dotenvx in a Node.js environment

Welcome to the Railway dotenvx Node.js template!

This example provides a minimal setup for managing environment variables using the dotenvx library in a Node.js environment (e.g. http or express server).

⚠️ Disclaimer

This is a demonstration template.
The .env.keys file should not be commited in a real project.

(cf. Development and production use)

✨ Overview

dotenvx is described as a better dotenv–from the creator of dotenv :

run anywhere (cross-platform)
multi-environment
encrypted envs

🚀 Use as it stands

Click the 'Deploy Now' button 👆
Deploy with the pre-configured environment variables values (production):

DOTENV_PRIVATE_KEY_PRODUCTION=706afc89eaa09ea9441d0f18f7c2fbbb6c77a201abf47aaa3a607e499a52c51d

Click on the "public domain" link provided by Railway to observe the variables being loaded from the server.

`Hello ${process.env.NAME ?? 'world'} from ${process.env.ENVIRONMENT ?? 'space'}!`;

There you go! 💪

Please, note that there may be a delay of 2-3 minutes for the DNS to become aware of this new address. If this doesn't work after a few minutes, in the settings, delete the public address (Public Networking) and regenerate one.

(Bonus) To use development environment variables, change the name and value of the private key:

DOTENV_PRIVATE_KEY=78ef7c8b904d674d8a2e468714e4b770a3c7c76b3c09cdfa1bc80bcd862f0036

💻 Development and production use

Installing dotenvx globally:

npm install @dotenvx/dotenvx -g

> Install globally as a cli to unlock dotenv for ANY language, framework, or platform. I am using (and recommending) this approach going forward. – motdotla

Add (or uncomment) the .env.keys file in the .gitignore to prevent it from being tracked:

.env.keys

Then, at the root of the project, make sure you no longer track this file:

git rm -r --cached .

If there are, you can add and commit these changes.

Encrypt your secrets and generate your own private keys file (.env.key):

3.1. Remove existing .env.keys file:
```
rm .env.keys
```
3.2 Setting up your custom .env and .env.production files:
```
NAME=YOUR_NAME
ENVIRONMENT=YOUR_ENV
YOUR_CUSTOM_KEY=YOUR_CUSTOM_VALUE
```
Make sure you don't have a DOTENV_PUBLIC_KEY variable in your environment files to generate new keys.

3.3. Encrypt created environment files:
```
dotenvx encrypt -f .env
dotenvx encrypt -f .env.production
```
Finally, in Railway, update the variable with the value of the newly generated key: either DOTENV_PRIVATE_KEY or DOTENV_PRIVATE_KEY_PRODUCTION, depending on the variables you wish to load.

And that's it! You've just regenerated the encrypted file and decryption keys. Each time you add, delete, or modify environment variables in your .env files, check that the values are encrypted before deploying the file on your server. It's that simple!

⚒️ Useful commands

Retrieve initial value(s) from and encrypted .env file:

dotenvx get {KEY} [-f,--env-file]                   # Return a single value
dotenvx get [-f,--env-file] [-pp,--pretty-print]    # Return all values

Set a new encrypted key/value:

dotenvx set {KEY} {VALUE} [-f,--env-file]

Decrypt an encrypted environment file:

dotenvx decrypt [-f,--env-file] [--stdout]

More information and details about the CLI:

dotenvx --help

📄 Learn more

Blog post:

dotenvx · Secure and Next-Generation dotenv Successor

dotenvx:

dotenvx-node-template:

Contribution

Contributions are welcome! If you encounter any issues or have suggestions for improvements, feel free to open an issue or submit a pull request.

License

This template is licensed under the MIT License. See the LICENSE file for details.