HACKER Q&A
📣 d1sxeyes

How do you archive secrets for your side projects?


So, I've got a bunch of old side projects lying around, for which the majority have their code hosted on Github.

Generally, I get excited about new shiny things, and move on, and pretend to myself that one day I'll come back to whatever project I'm abandoning 'just for a few days' while I check out something else.

My side projects folder is now overflowing, but I can't clean it out easily because of all the pesky .env files which aren't checked into git, so will be lost.

How are you folks managing this?

  👤 dantelex Accepted Answer ✓
Over the year's i've joined and lead dev teams and one of the main issues we've always had is how we manage our secrets and share them. Personally as well while building my side projects in run into these issues.

I started building https://onboardbase.com late last year for this specific reason. Actively building and improving it and i hope it helps as well.

👤 botanicalfriend
You can encrypt them using something like https://github.com/FiloSottile/age and then just store them in git. When you need to access them, just run "age -d .."

If you're paranoid you can use GPG + a smart card like a yubikey, but its all about convenience trade off..

👤 swah
Sincerly I just check them in Git...

If its really sensitive, goes in Bitwarden.

👤 thinkingemote
If I want to delete a project and not work on it why would I want to keep the secrets that I wouldn't use?

Keep, document and archive a .env.example file for others, I guess?

👤 jamessb
Copy the env files into your password manager?
👤 d3nj4l
I keep a secure note in my password manager.
👤 notRobot
Check it into a second, private repository?