Skip to content

ashish7802/smart-env-vault

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

13 Commits
.github/workflows
.github/workflows
Β 
Β 
backend
backend
Β 
Β 
cli
cli
Β 
Β 
frontend/src
frontend/src
Β 
Β 
.gitignore
.gitignore
Β 
Β 
CONTRIBUTING.md
CONTRIBUTING.md
Β 
Β 
README.md
README.md
Β 
Β 
docker-compose.yml
docker-compose.yml
Β 
Β 

Repository files navigation

πŸ” Smart Env Vault

Smart Env Vault Banner

Stop leaking secrets. Stop losing .env files. Start shipping safely.

MIT License Python 3.10+ FastAPI React PRs Welcome Stars

Features β€’ Quick Start β€’ CLI Usage β€’ API Docs β€’ Contributing

😀 The Problem

Every developer has done this:

# Monday
cp .env.example .env  # "I'll fill this later"

# Tuesday  
git add .             # accidentally commits .env πŸ’€

# Wednesday
slack: "hey what's the DB password?"  # sharing secrets in plain text πŸ’€

# Thursday
new team member: "what env vars do I need?" # nobody knows πŸ’€

Smart Env Vault fixes all of this.

✨ Features

Feature Description
πŸ”’ AES-256 Encryption All secrets encrypted locally before storage
🌐 Web UI Beautiful dashboard to manage all your project envs
⚑ CLI First Full terminal workflow β€” vault push, vault pull, vault sync
πŸ‘₯ Team Sharing Share encrypted vaults with teammates via tokens
πŸ“¦ Multi-Project Manage envs across unlimited projects
πŸ”„ Version History Roll back to any previous env state
🏷️ Environment Tags Separate dev / staging / prod configs
πŸ” Secret Scanner Detect accidentally committed secrets in your repo

πŸš€ Quick Start

Option 1: CLI (Recommended)

pip install smart-env-vault

# Initialize vault in your project
vault init

# Push your current .env to vault
vault push --env development

# Pull env on another machine / CI
vault pull --env development --out .env

Option 2: Self-hosted Server

git clone https://github.com/ashish7802/smart-env-vault
cd smart-env-vault

# Start backend
cd backend
pip install -r requirements.txt
uvicorn main:app --reload

# Start frontend (new terminal)
cd frontend
npm install && npm run dev

Open http://localhost:5173 πŸŽ‰

Option 3: Docker

docker-compose up -d

πŸ’» CLI Usage

# Initialize a new vault
vault init [--project my-app]

# Push secrets
vault push                          # push .env
vault push --file .env.production   # push specific file
vault push --env staging            # tag as staging

# Pull secrets
vault pull                          # pull latest
vault pull --env production         # pull specific env
vault pull --out /path/to/.env      # output to specific path

# Team management
vault invite teammate@email.com     # invite with read access
vault invite teammate@email.com --write  # invite with write access
vault token create --expires 7d     # create expiring share token

# Scan for leaked secrets
vault scan                          # scan current repo
vault scan --path /path/to/project  # scan specific path

# Version history
vault history                       # list all versions
vault rollback --version 3          # rollback to version 3

# Environment tags
vault envs                          # list all environments
vault switch production             # switch active environment

πŸ—οΈ Architecture

smart-env-vault/
β”œβ”€β”€ backend/              # FastAPI server
β”‚   β”œβ”€β”€ main.py           # App entry point
β”‚   β”œβ”€β”€ routers/          # API routes
β”‚   β”‚   β”œβ”€β”€ vault.py      # Vault CRUD operations
β”‚   β”‚   β”œβ”€β”€ auth.py       # Authentication
β”‚   β”‚   └── team.py       # Team management
β”‚   β”œβ”€β”€ services/
β”‚   β”‚   β”œβ”€β”€ crypto.py     # AES-256 encryption/decryption
β”‚   β”‚   β”œβ”€β”€ scanner.py    # Secret leak scanner
β”‚   β”‚   └── vault.py      # Business logic
β”‚   └── models/           # Pydantic models
β”‚
β”œβ”€β”€ frontend/             # React + Vite dashboard
β”‚   └── src/
β”‚       β”œβ”€β”€ pages/        # Dashboard, Projects, Settings
β”‚       └── components/   # Vault cards, Secret editor, etc.
β”‚
β”œβ”€β”€ cli/                  # Python CLI (Click)
β”‚   └── vault_cli.py
β”‚
└── docker-compose.yml

πŸ”’ Security

  • Zero-knowledge: Server never sees plaintext secrets
  • AES-256-GCM encryption with per-vault keys
  • Master password never leaves your machine
  • Keys derived using PBKDF2 (100k iterations)
  • All API endpoints require JWT auth
  • Optional 2FA support

πŸ“‘ API

API docs auto-generated at http://localhost:8000/docs

Key endpoints:

POST   /api/auth/register
POST   /api/auth/login
GET    /api/vaults                  # list all vaults
POST   /api/vaults                  # create vault
GET    /api/vaults/{id}/secrets     # get encrypted secrets
PUT    /api/vaults/{id}/secrets     # update secrets
GET    /api/vaults/{id}/history     # version history
POST   /api/team/invite             # invite teammate
POST   /api/scan                    # scan for leaks

🧰 Tech Stack

Backend: Python Β· FastAPI Β· SQLite/PostgreSQL Β· Pydantic Β· Python-jose (JWT) Β· Cryptography (AES-256)

Frontend: React 18 Β· Vite Β· TailwindCSS Β· Zustand Β· React Query

CLI: Python Β· Click Β· Rich (terminal UI)

DevOps: Docker Β· GitHub Actions CI

🀝 Contributing

PRs welcome! See CONTRIBUTING.md

git clone https://github.com/ashish7802/smart-env-vault
cd smart-env-vault
# Pick an issue labeled `good first issue`

πŸ“„ License

MIT Β© Ashish Yadav

If this saved your secrets, give it a ⭐

About

πŸ” Secure .env management for devs & teams β€” CLI + Web UI + Secret Scanner

ashyada.netlify.app/

Topics

react python cli open-source dotenv encryption devtools secrets developer-tools fastapi env-management

Resources

Readme

Contributing

Contributing
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages