Tired of taking care of your .env files? no more. this script automatically encrypts all your .env files and creates a copy in the same directory which you can keep with the project/repo. any changes in the .env file(s) will automatically be reflected if the service is running in background. You can easily decrypt those files and it will override the orignal (unencrypted) files or create a new one if not there.
DISCLAIMER: for most scenarios, YOU DONT NEED THIS. I have created this for people who want to keep their env files in the same repo and not have to worry about key theft.
- Go programming language (for building the Encryptor and Decryptor). If you don't have go, follow these instructions: https://go.dev/doc/install
- Linux or Windows operating system.
- Auto Encryptor: Monitors a directory for changes to
.envfiles. Automatically encrypts the.envfiles. it will save the file in the same directory where the original file was located. If a file name contains .env, a copy of that file will be created with a suffix.encEx:.envwill be converted to.env.enc - Cryptor: Manual Encryption/Decryption script using AES cipher in Galois Counter Mode (GCM). Share with your friends using manual encryption mode and provide them with the key used during the manual process (the file wont be generated without a new key, it is advised you use a different key then the default one).
- Scripts : Easy installation and Deletion scripts for Linux and Windows.
- clone this git repo:
git clone https://github.com/Raghav-rv28/env-watcher - cd into your OS folder name (windows and Linux), and start the installation script (make sure you have administer privileges for windows)
- Install: Run the
install.sh | install.batscript to configure the environment and install the necessary dependencies. - Watch Directory: Specify the directory to watch for
.envfiles. (absolute path) - Encryption Key: Provide a 16 or 32 character encryption key.
- Start Service: The File Watcher service is automatically started and will monitor the specified directory for changes. (on Windows you might need to restart)
Arugments:
- process: "encrypt" / "decrypt", tells the script to either encrypt the file or decrypt.
- filename: name of the file
- encryption-key: encryption key to be used to either encrypt a file or decrypt an encrypted file.
cryptor encrypt <filename> <encryption-key>cryptor decrypt <filename> <encryption-key>If the file name contains .share, it was created using a custom encryption key and only that key will unencrypt the file. If a file is encrypted and doesn't have .share (only .enc) specify the default key you used when starting the encryption service.
The default key can be found using commands below:
The file ~/.file_watcher_env is located in your /home/<username>/ (Linux) and C:/users/<username>/ directory, you can grab the encryption token from there directly.
Grab the default encryption key using this:
Linux: grep -o 'ENCRYPTION_KEY=.*' ~/.file_watcher_env | cut -d '=' -f 2
Windows: for /f "tokens=2 delims==" %i in ('findstr "encryption_key" "%USERPROFILE%\.file_watcher_env"') do @echo %i
Auto Encryptor/: Contains the source code for the Auto Encryptor application.Cryptor/: Contains the source code for the Manual Cryptor application.Windows/: Contains the installation and delete scripts for Windows OS.Linux/: Contains the installation and delete scripts for Linux OS.install.sh: Setup script for configuring the environment and installing dependencies.delete.sh: if you don't want to have this setup any longer, just use delete.sh to remove all installation files/data. Once you do this, you will need to use a new key!
README.md: This file..env: sample env file..env.enc: sample encrypted file..env.enc.share: sample encrypted file using manual encryption.
- Open a terminal or Command Prompt window.
- Run the following command to check the status of the file_watcher service:
- Linux (systemd):
sudo systemctl status file_watcher
- Windows (Command Prompt):
sc query file_watcher
- Linux (systemd):
- If the service is running but encountering issues, you can view its output for debugging purposes.
- Run the following command to view the service logs:
- Linux (systemd):
By default it will show old logs, press
sudo journalctl -u file_watcher
shift + gto reach the bottom. - Windows (Event Viewer):
- Open Event Viewer.
- Navigate to Windows Logs > Application.
- Look for logs related to the file_watcher service.
- Linux (systemd):
- Look for any error messages or warnings in the output/logs.
- Pay attention to any specific error codes or messages that indicate issues with the service.
- If the service is not running or encountering issues, you can try restarting it.
- Run the following commands to restart the service:
- Linux (systemd):
sudo systemctl restart file_watcher- Windows (Command Prompt):
sc stop file_watcher
sc start file_watcher- Double-check the configuration settings, including the encryption key and watch directory, to ensure they are correct.
- Make any necessary adjustments to the configuration if errors are found.
- Ensure that the service has appropriate permissions to access the directories and files it needs.
- Check for any permission-related errors in the logs/output.
- use the delete scripts for your respective OS and start with a fresh installation.
This project is licensed under the MIT License - see the LICENSE file for details.
TODO:
- create installation scripts only for cryptor service. (Linux and Windows)
- add more configure options for the files being watched.