Where do you store your .env files?
#devops#javascript#opensource#discuss
Ibrahim Cesar

Ibrahim Cesar @ibrahimcesar

About: ⚡️ Enterprise Solutions Architect @ Amazon Web Services (AWS)

Location:
São Paulo, Brazil
Joined:
Jul 2, 2019

Where do you store your .env files?

Publish Date: Oct 2 '19
11 8

Given that .env files are not supposed to be committed, where do you usually store your .env files in order to share with other people in your team or between groups?

Comments 8 total

  • Suraj Shrestha
    Suraj ShresthaOct 2, 2019

    I tend to put in Google Drive or copy from prod/qa environment directly

  • Nguyen Kim Son
    Nguyen Kim SonOct 2, 2019

    This depends on your configuration management tools (Chef, Ansible, Puppet, etc), basically how you deploy your software. In small projects I usually use Ansible script that:

    1. copies the configuration file onto a server
    2. runs the docker image of the program

    In this case the configuration file is stored along with the Ansible script. This file can be encrypted using ansible-vault. This setup is not ideal but works quite well for small projects.

  • Brad
    BradOct 2, 2019

    We used to just pass them around in a USB. We eventually updated our projects to use to use Google KMS + Google storage, this way the secrets are encrypted and can be loaded anywhere.

  • Thomas Werner
    Thomas WernerOct 2, 2019

    I store .env files (and similar) in my continuous integration system (e.g. Jenkins) and let it automatically add the file when the project is built. If there is anything to be shared (i.e. default settings that are not confidential secrets) then I put it into a template file which I add to the project's repository (e.g. .env.template).

  • Derek Rosenzweig
    Derek RosenzweigOct 2, 2019

    If you don't use configuration management tools (Chef, Puppet, etc), you can store them in Gists, Confluence, or similar documentation products. Also you can provide a default eg .env.default that can be used as a prototype with basic values (local env URL, local service configs, etc). At the very least, the default/template can list out the env variables that the app supports in any given commit.

  • Kunal
    KunalOct 2, 2019

    Have you considered secure-env? Full disclosure, this is an NPM I made out of necessity. how-secure-is-your-environment-fil...?

    • Jaswanth
      JaswanthAug 29, 2022

      Hey kunal, i am using the secure-env package for one of my personal projects, but i am using typescript, is there types files for this package?

  • Edoardo Tenani
    Edoardo TenaniNov 23, 2019

    If you do dotenv sensibly, there should be no need to be shared in the team.

    It's true that 12factor app ask you to out configuration in the environment, but this does not mean to add them in a .env file.

    Put only personal configuration there, like your token for a service, and put every other configuration in committed configuration files.

    If you go down this path you will find that .env are very personal and thus there should be no need to share them.

    If for some special reason you need to share them, encrypt them and share any way you like. gpg or a service like onetimesecret.com/ may come handy.

    The only other path, but beware that may have some unintended consequences, is to commit a .env.default sort of file that each Dev has to copy and fill appropriately.

    May I ask you what configurations are in your .env file?

Add comment