Manage environment variables use the dotenv pattern with encrypted files.
This project is an attempted port of the credentials pattern found in Ruby on Rails.
Using pip:
pip install env-credentials[django]
Using poetry:
poetry add env-credentials --extras django
Initializing and editing the encrypted credentials file is only supported with Django at this time. Additional CLI tooling can be built for framework-less projects or projects using other frameworks.
After adding the dependency to your project, add the Django app
INSTALLED_APPS = [
# ...
'django_credentials',
# ...
]
You can then initialize the credentials files with
./manage.py credentials init
This will create a two new files called master.key
and credentials.env.enc
. It will default to adding these files
to the same folder as where you attempted to load the values in the same folder as you loaded the values. If following
these directions, then that will be in the same folder as your settings.py
file.
This will also attempt to add master.key
to the .gitignore
file colocated with your manage.py
file, if it exists.
Be sure to ignore your master.key file if the gitignore file cannot be automatically updated.
Finally, add the following code to your settings.py
file to load the credentials into os.environ
from django_credentials import credentials
credentials.load()
You can then edit the values in the file using
./manage.py credentials edit
Custom Credentials Directory
You can put your credentials files, both key and configuration, into a different directory, but must tell the library where they are.
import os
from django_credentials import credentials
from pathlib import Path
current_dir = os.path.dirname(__file__)
credentials.load(credentials_dir=Path(current_dir, credentials_dir))
When initializing and editing the credentials from the CLI, you can pass the dir
option
./manage.py credentials -d <path>