I would suggest NOT using env files. They are a hack. The environment belongs in... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		withinboredom on Sept 27, 2024 \| parent \| context \| favorite \| on: Ask HN: What tools should I use to manage secrets ... I would suggest NOT using env files. They are a hack. The environment belongs in the environment, not a file on disk; and if it is on a file on the disk, it belongs outside your repository. There is a script in the repository that will bootstrap your local env by storing encrypted secrets into ~/.config/ by asking some questions that you get from the shared passwords manager for development credentials. The key to decrypt them is password protected and requested at application boot.

nbbaier on Sept 27, 2024 [–]

Do you have an example of such a script?

withinboredom on Sept 27, 2024 | [–]

I will see if I can open source it.

nbbaier on Sept 28, 2024 | | [–]

What would be great!

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact