about summary refs log tree commit diff
path: root/website/sandbox/learnpianochords/src/server/.envrc
diff options
context:
space:
mode:
authorWilliam Carroll <wpcarro@gmail.com>2020-08-20T17·31+0100
committerWilliam Carroll <wpcarro@gmail.com>2020-08-20T17·31+0100
commit17c68d654ba7c4f01b730ceb804bdfa16c041174 (patch)
tree99984df70daf27730b2bf7cbbaf99c58e1e3e98f /website/sandbox/learnpianochords/src/server/.envrc
parent392832a1ca492041bf9af4223b7049580e104bf3 (diff)
Prefer reading secrets.json to using pass show
I'm attempting to maintain a top-level secrets.json that defines all of the
sensitive data that I'd like to version-control without exposing everything in
cleartext to the world. To that end, I'm using `git secret`, which will use
`gpg` to encrypt secrets.json everytime I call `git secret hide` and decrypt
everytime I call `git secret reveal`.

I'm going to try this until I don't like it anymore... if that day comes...

I should write a blog post about my setup to solicit useful feedback and share
my ideas with others.
Diffstat (limited to 'website/sandbox/learnpianochords/src/server/.envrc')
-rw-r--r--website/sandbox/learnpianochords/src/server/.envrc6
1 files changed, 6 insertions, 0 deletions
diff --git a/website/sandbox/learnpianochords/src/server/.envrc b/website/sandbox/learnpianochords/src/server/.envrc
new file mode 100644
index 000000000000..db08eac38e8e
--- /dev/null
+++ b/website/sandbox/learnpianochords/src/server/.envrc
@@ -0,0 +1,6 @@
+source_up
+use_nix
+export SERVER_PORT=3000
+export CLIENT_PORT=8000
+export GOOGLE_CLIENT_ID="$(jq -j '.google | .clientId' < ~/briefcase/secrets.json)"
+export STRIPE_API_KEY="$(jq -j '.stripe | .apiKey' < ~/briefcase/secrets.json)"