A pragmatic CLI tool for managing .env files with a focus on simplicity, security, and reliability.
durable-appconfig-dotenv provides a straightforward command-line interface for editing environment files. Built with Rust for performance and safety, it handles common tasks like setting variables, generating secure passwords, and exporting configurations.
cargo install durable-appconfig-dotenvOr build from source:
git clone https://github.com/durableprogramming/durable-appconfig-dotenv.git
cd durable-appconfig-dotenv
cargo build --releaseSet environment variables:
durable-appconfig-dotenv set DATABASE_URL=postgres://localhost/mydb API_KEY=secret123Remove variables:
durable-appconfig-dotenv unset OLD_KEY DEPRECATED_VARList all keys:
durable-appconfig-dotenv keysGenerate secure random passwords:
# Basic 32-character password (letters only)
durable-appconfig-dotenv randomize API_SECRET
# Include numbers and symbols
durable-appconfig-dotenv randomize DB_PASSWORD --numeric --symbol --length 48
# Generate XKCD-style passphrase (requires xkcdpass)
durable-appconfig-dotenv randomize ADMIN_PASSPHRASE --xkcdExport as bash script:
durable-appconfig-dotenv export
# or
durable-appconfig-dotenv export --format bashExport as JSON:
durable-appconfig-dotenv export --format jsonBy default, durable-appconfig-dotenv operates on .env in the current directory. Use -f or --file to specify a different file:
durable-appconfig-dotenv -f .env.production set NODE_ENV=production
durable-appconfig-dotenv -f config/.env.local keys- Preserves file structure: Maintains comments, empty lines, and formatting
- Safe updates: Only modifies targeted key-value pairs
- Secure passwords: Generates cryptographically secure random passwords
- Multiple export formats: Bash and JSON output for integration with other tools
- Simple interface: Clear, predictable commands that do one thing well
This tool embodies a practical approach to software development:
- Solve real problems: Managing environment files is a common task that deserves a dedicated tool
- Keep it simple: No complex configuration or unnecessary features
- Be reliable: Written in Rust for memory safety and consistent behavior
- Respect existing work: Preserves file formatting and comments
- Security matters: Provides secure password generation out of the box
# Set up a new project
durable-appconfig-dotenv set NODE_ENV=development PORT=3000
durable-appconfig-dotenv randomize JWT_SECRET SESSION_SECRET --length 64 --symbol
# Export for local development
eval $(durable-appconfig-dotenv export)# Generate secure production credentials
durable-appconfig-dotenv -f .env.production randomize \
DATABASE_PASSWORD \
REDIS_PASSWORD \
API_SECRET \
--length 48 --numeric --symbol
# Export as JSON for container orchestration
durable-appconfig-dotenv -f .env.production export --format json > secrets.json# Rotate all password fields
durable-appconfig-dotenv randomize $(durable-appconfig-dotenv keys | grep -E '(PASSWORD|SECRET|KEY)')Contributions are welcome. This project values:
- Clear, maintainable code
- Comprehensive testing
- Thoughtful documentation
- Backwards compatibility
Please ensure all tests pass and add new tests for any new functionality.
MIT License - see LICENSE file for details.
Built with excellent Rust crates:
clapfor CLI parsinganyhowfor error handlingserdefor JSON serializationrandfor secure random generation