Home Basics of Environment Variables
Post
Cancel

Basics of Environment Variables

Introduction

Environment variables can be used to store sensitive information. Combined with 1Password CLI, it is also a safe and convenient way to reference secrets and passwords.


Storing data in .env file

Create a .env file in the project folder

1
2
touch .env
nano .env

Add information as Key=Value

1
2
API_KEY=your_api_key
DATABASE_URL=your_database_url

Access .env variable in Python

dotenv - is a useful python utility to keep environment variables in a separate file, which allows to easily manage it and to keep out of the source code.

Import environmental variables to python script

1
2
3
4
5
6
from dotenv import load_dotenv
import os

load_dotenv()

APIKEY = os.getenv("API_KEY")

Access .env variable in Shell

1
source .env

Load 1Password secrets into .env

1Password secrets can be loaded into the environment. That is great option that allows to edit secrets in 1Password without having to make any changes to the configuration settings or put any plaintext secrets in code. This requires having 1Password CLI installed on the system.

1Password CLI Commands

1
2
3
4
op vault list   # Show available vaults
op item get "Raspberry Pi"   # get item details 
op read 'op://Personal/Raspberry Pi/username' # check item is accessable

Reference in .env

create secret reference in .env to 1password

1
ADMIN_PASSWORD='op://Personal/Ansible/password'  #op://(vault)/(item)/(field)

To use environment files with 1password reference, use op run with specify the path to the environment file by using the flag –env-file:

1
op run --env-file=".env" -- aws

To check item is accessable with enviroment variable

1
op run --no-masking --env-file=".env" printenv ADMIN_PASSWORD
This post is licensed under CC BY 4.0 by the author.

Host Jekyll Blog on AWS

Repurpose old Macbook to Proxmox Server

Comments powered by Disqus.