dejury / laravel-envcrypt
This package will help you to keep different .env files within your version management. Of course, it is possible to encrypt the files so they can be safely pushed to your version control.
Requires
- php: >=7.2.5
- ext-json: *
- illuminate/encryption: ^7.0
Requires (Dev)
- orchestra/testbench: ^5.0
- phpunit/phpunit: ^8.0
This package is auto-updated.
Last update: 2024-12-06 17:22:44 UTC
README
This package gives you the possibility to store certain values you would normally store in your .env file in an encrypted file which can be part of your version control. It supports the storage for multiple environments and automatically loads the variables for the current environment. They will be available in the env() function.
Package inspired by:
BeyondCode laravel-credentials
Stechstudio Laravel Env Security
Installation
You can install the package via composer:
composer require dejury/laravel-envcrypt
Copy the corresponding config file to your laravel directory by executing:
php artisan vendor:publish --provider="Dejury\Envcrypt\EnvcryptServiceProvider"
It is highly recommended to use another encryption key then the default application key. Also it is highly recommended that the encryption key is not stored in version control. You can set the available environments inside the config, this is for letting the application know which environments to save if you choose to save all environments.
By default the encrypted files are stored in the root of your laravel project, you can change this in the config.
Usage
php artisan envcrypt:add KEY_NAME
Will save OR edit the corresponding KEY_NAME with the value that will be asked during execution of the command. You can also set an environment or choose to store to all environments.
php artisan envcrypt:remove KEY_NAME
Will REMOVE the corresponding KEY_NAME. You can also set an environment or choose to remove to all environments.
php artisan envcrypt:view ENVIRONMENT
See all the stored values for that ENVIRONMENT. Will show in JSON format.
$encryptedEnv = env('KEY_NAME'); // just like you are used to in Laravel
Testing
composer test
Is this package secure?
The goal of this package is to store certain ENV vars encrypted. For example API_KEYS. You can safely store them in version control and it will automatically be available on the server where it is deployed.
This makes it easier to deploy ENV vars through all of your different environments.
Of course: this package uses a key to encrypt and decrypt the data. The key should be stored securely, to prevent decryption by unwanted persons. Whenever somebody has access to the server it is always possible to see the decrypted values by using the artisan commands or to manually decrypt the files. This package is always better to use in version control then storing PLAIN values.
Changelog
Please see CHANGELOG for more information what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security
If you discover any security related issues, please email jonathan@hafka.mp instead of using the issue tracker.
Credits
License
The MIT License (MIT). Please see License File for more information.
Laravel Package Boilerplate
This package was generated using the Laravel Package Boilerplate.