Skip to content

Commit

Permalink
Update text a bit
Browse files Browse the repository at this point in the history
  • Loading branch information
@motdotla
motdotla committed Oct 24, 2023
1 parent 8f2c137 commit bbd08d2
Showing 1 changed file with 13 additions and 4 deletions.
17 changes: 13 additions & 4 deletions blog/_posts/2023-10-24-what-is-env-vault-file.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,15 +9,17 @@ published: true

It's an encrypted copy of your `.env` files.

It' easiest to understand if you generate one. So let's do that. Then I'll show you how to use it in production. Lastly, we'll talk about its security advantages.
It is easiest to understand if you generate one. So let's do that. Then I'll show you how to use it in production. Lastly, we'll talk about its security advantages.

## Generating

We're going to use the command `npx dotenv-vault local build`.

#### Prerequisites

Enter a project where you already have `.env.*` file(s) and have installed [dotenv](https://github.com/motdotla/dotenv). For example, I have a project with 3 files in it. See [example code](https://github.com/dotenv-org/examples/tree/master/dotenv-blog/what-is-env-vault-file).
Enter a project where you already have `.env.*` file(s) and have installed [dotenv](https://github.com/motdotla/dotenv).

For example, I have a project with 3 files in it. See [example code](https://github.com/dotenv-org/examples/tree/master/dotenv-blog/what-is-env-vault-file).

* index.js
* .env
Expand All @@ -44,9 +46,11 @@ $ node index.js
Hello development
```

Let's build the `.env.vault` file.

#### Generate .env.vault

Run the local build command.
Run the **local build** command.

```bash
$ npx dotenv-vault local build
Expand All @@ -70,7 +74,10 @@ It contains two keys.
* `DOTENV_VAULT_DEVELOPMENT`
* `DOTENV_VAULT_PRODUCTION`

These contain encrypted copies of your `.env` file and your `.env.production` file.
These contain encrypted copies of:

* your `.env` file
* your `.env.production` file.

A `.env.keys` file was also generated. These keys decrypt the contents of `DOTENV_VAULT_${ENVIRONMENT}`.

Expand All @@ -86,6 +93,8 @@ DOTENV_KEY_DEVELOPMENT="dotenv://:key_f4516b0077d9aefad9fa7b36cec570e05dcb7cd6d5
DOTENV_KEY_PRODUCTION="dotenv://:key_18a137f844e3511022dbf1de2b1bd5e3bd6d1ef4c78988e2521ce9f05abc506a@dotenv.local/vault/.env.vault?environment=production"
```

**See the pattern?** A `.env.${ENVIRONMENT}` file corresponds to a `DOTENV_VAULT_${ENVIRONMENT}` secret and `DOTENV_KEY_${ENVIRONMENT}` decryption key.

Try decrypting the contents of `DOTENV_VAULT_PRODUCTION`.

```
Expand Down

0 comments on commit bbd08d2

Please sign in to comment.