dejury/laravel-envcrypt

This package will help you to keep different .env files within your version management. Of course, it is possible to encrypt the files so they can be safely pushed to your version control.

Maintainers

Details

github.com/dejury/laravel-envcrypt

Homepage

Source

Issues

Installs: 3

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

v1.0.0 2020-08-05 14:04 UTC

Requires

Requires (Dev)

MIT 2f0abff4a2a3554ecb4e3c98157681b3513fbd5c

  • Jonathan Hafkamp <jonathan.woop@hafka.mp>

dejuryenvcrypt

This package is auto-updated.

Last update: 2024-04-06 15:59:09 UTC

README

Latest Version on Packagist Total Downloads

This package gives you the possibility to store certain values you would normally store in your .env file in an encrypted file which can be part of your version control. It supports the storage for multiple environments and automatically loads the variables for the current environment. They will be available in the env() function.

Package inspired by:

BeyondCode laravel-credentials
Stechstudio Laravel Env Security

Installation

You can install the package via composer:

composer require dejury/laravel-envcrypt

Copy the corresponding config file to your laravel directory by executing:

php artisan vendor:publish --provider="Dejury\Envcrypt\EnvcryptServiceProvider"

It is highly recommended to use another encryption key then the default application key. Also it is highly recommended that the encryption key is not stored in version control. You can set the available environments inside the config, this is for letting the application know which environments to save if you choose to save all environments.

By default the encrypted files are stored in the root of your laravel project, you can change this in the config.

Usage

php artisan envcrypt:add KEY_NAME

Will save OR edit the corresponding KEY_NAME with the value that will be asked during execution of the command. You can also set an environment or choose to store to all environments.

php artisan envcrypt:remove KEY_NAME

Will REMOVE the corresponding KEY_NAME. You can also set an environment or choose to remove to all environments.

php artisan envcrypt:view ENVIRONMENT

See all the stored values for that ENVIRONMENT. Will show in JSON format.

$encryptedEnv = env('KEY_NAME'); // just like you are used to in Laravel

Testing

composer test

Is this package secure?

The goal of this package is to store certain ENV vars encrypted. For example API_KEYS. You can safely store them in version control and it will automatically be available on the server where it is deployed.
This makes it easier to deploy ENV vars through all of your different environments.

Of course: this package uses a key to encrypt and decrypt the data. The key should be stored securely, to prevent decryption by unwanted persons. Whenever somebody has access to the server it is always possible to see the decrypted values by using the artisan commands or to manually decrypt the files. This package is always better to use in version control then storing PLAIN values.

Changelog

Please see CHANGELOG for more information what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security related issues, please email jonathan@hafka.mp instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.

Laravel Package Boilerplate

This package was generated using the Laravel Package Boilerplate.