README

Convert environment variables to WP Password Argon Two required constants.

• Goal
• Installation
• Usage
  • Trellis
• Frequently Asked Questions
  • Why I got InsecureConfigException (Pepper should not be empty)?
  • Does it work when WP Password Argon Two installed as a must-use plugin?
  • It looks awesome. Where can I find some more goodies like this?
• Support!
  • Donate
  • Why don't you hire me?
  • Want to help in other way? Want to be a sponsor?
• Developing
• Feedback
• Change Log
• Security
• Credits
• License

Goal

Defining WP Password Argon Two required constants in application code violates 12-factor principle.

This package allows you configure WP Password Argon Two with environment variables.

Installation

➜ composer require typisttech/wp-password-argon-two-env

In wp-config.php or Bedrock's config/application.php:

TypistTech\WPPasswordArgonTwo\Env\Converter::run();

Usage

On your server, define these environment variables:

• WP_PASSWORD_ARGON_TWO_PEPPER
• WP_PASSWORD_ARGON_TWO_OPTION_MEMORY_COST
• WP_PASSWORD_ARGON_TWO_OPTION_TIME_COST
• WP_PASSWORD_ARGON_TWO_OPTION_THREADS
• WP_PASSWORD_ARGON_TWO_FALLBACK_PEPPER_<integer>

Only WP_PASSWORD_ARGON_TWO_PEPPER is required. Others are optional.

Fallback peppers must start with 1 and consecutive. For example:

• WP_PASSWORD_ARGON_TWO_FALLBACK_PEPPER_1
• WP_PASSWORD_ARGON_TWO_FALLBACK_PEPPER_2
• WP_PASSWORD_ARGON_TWO_FALLBACK_PEPPER_3

Trellis

Trellis users could add environment variables under wordpress_sites:

# group_vars/<env>/vault.yml
vault_wordpress_sites:
  example.com:
    env:
      wp_password_argon_two_pepper: 'your_long_and_random_pepper'
      wp_password_argon_two_fallback_pepper_1: 'your_second_oldest_pepper'
      wp_password_argon_two_fallback_pepper_2: 'your_oldest_pepper'

# group_vars/<env>/wordpress_sites.yml
wordpress_sites:
  example.com:
    env:
      wp_password_argon_two_option_memory_cost: 131072 # 128 Mb
      wp_password_argon_two_option_time_cost: 4
      wp_password_argon_two_option_threads: 3

Encrypting vault.yml files is important! Learn more on Trellis docs.

Frequently Asked Questions

Why I got InsecureConfigException (Pepper should not be empty)?

Because... pepper should not be empty.

WP_PASSWORD_ARGON_TWO_PEPPER environment variable isn't defined properly.

Does it work when WP Password Argon Two installed as a must-use plugin?

No.

It looks awesome. Where can I find some more goodies like this?

• Articles on Typist Tech's blog
• Tang Rufus' WordPress plugins on wp.org
• More projects on Typist Tech's GitHub profile
• Stay tuned on Typist Tech's newsletter
• Follow Tang Rufus' Twitter account

Support!

Donate

Love WP Password Argon Two Env? Help me maintain it, a donation here can help with it.

Why don't you hire me?

Ready to take freelance WordPress jobs. Contact me via the contact form here or, via email info@typist.tech

Want to help in other way? Want to be a sponsor?

Contact: Tang Rufus

Developing

To set up a developer workable version you should run these commands:

$ composer create-project --keep-vcs --no-install typisttech/wp-password-argon-two-env:dev-master
$ cd wp-password-argon-two-env
$ composer install

Feedback

Please provide feedback! We want to make this library useful in as many projects as possible. Please submit an issue and point out what you do and don't like, or fork the project and make suggestions. No issue is too small.

Security

If you discover any security related issues, please email wp-password-argon-two-env@typist.tech instead of using the issue tracker.

Credits

WP Password Argon Two Env is a Typist Tech project and maintained by Tang Rufus, freelance developer for hire.

Full list of contributors can be found here.

License

The MIT License (MIT). Please see License File for more information.