Show HN: EnvKey 2.0 – End-To-End Encrypted Environments (now open source)


[ comments ]

Securely manage configuration and secrets across environments, servers, and development machines all in one place.

Use a cross-platform UI and developer-friendly CLI to set environment variables, manage access, revert to previous versions, review audit logs, prevent duplication, build automations, and more.

Setup takes minutes. Integrate anywhere.


$ envkey-source -- any-shell-command$ envkey-source -- command
# That's it!# That's it! Your command runs with the latest environment variables.
$ es -- ping '$DATABASE_URL' # Use the `es` alias to type less.# `es` alias to type less. # Reference vars in commands.# Reference EnvKey variables in your commands. $ es -w -- ./start-server # Automatically reload.# Automatically reload with the latest environment after a change. $ es -w --rolling -- ./start-server # No-downtime rolling reloads.# Avoid downtime with rolling reloads across all connected processes. $ es -r ./reload-env -- ./start-server # Custom reload logic.# Run custom reload logic after a change. $ eval "$(es)" # Set vars in current shell.# Set your EnvKey variables in the current shell. $ echo $'\n\neval "$(es --hook bash)"\n' >> ~/.bash_profile # Auto-load in any directory.# Auto-load the latest environment when entering a directory. # Works just like direnv. $ es --dot-env > .env $ es --json > .env.json $ es --yaml > .env.yaml $ es --pam > /etc/environment # Easy export to many formats.
More examples ˯

Thousands of security-conscious engineers rely on EnvKey.

Zillow Sky News Lambda School Ginger RVShare The Daily Beast Ranker 8x8 Lingoda Terminus Origin Protocol Parkside Securities Wellth Idagio Forager DNSimple
Client-side end-to-end encryption.
Artboard 447 Open source and self-hostable.
A___45 Cross-platform and language-agnostic.
Fast, scalable, and redundant.

Uncompromising security.

Combined Shape Created with Sketch. Device-based auth
Secure invitations
Artboard 23 Easy access control
OS keyring integration

Enhanced productivity.

Powerful, scriptable CLI
Auto-reloading environments
Environment branches
noun_boxes_3254207 Created with Sketch. Stackable environment blocks
Custom environments
Environment inheritance
007 - Laptop Local development overrides
Data import/export
Conflict resolution
Account recovery keys

Flexible hosting.

Turn-key self-hosting
Multi-region redundancy
Behind-your-firewall mode

Advanced user management.

SCIM directory sync

Open Source

EnvKey is open source under the MIT License.

EnvKey's Cloud and Enterprise Self-Hosted products include commercially licensed server-side extensions for battle-ready infrastructure and advanced user management.

Next Level Data Security

Zero-knowledge end-to-end encryption with out-of-band verification ensures that no host, server, employee, or third party ever has access to your organization's secrets, unless it is specifically granted.

Even if an attacker takes over EnvKey Cloud or your Self-Hosted EnvKey host, your secrets will still be safe.

EnvKey's client-side end-to-end encryption is built with the NaCl cryptography library: a fast, modern, trusted standard.

Want updates on new features and releases?

[ comments ]