profile

ESPRESSO FRIDAYS

I’m Never Using .env Files Ever Again

Published 9 months ago • 2 min read

Hey friends!

Are you tired of juggling countless environment variables across different projects? Do you find yourself constantly tweaking your .zshrc or .bashrc with tokens, api keys or other project-specific variables? Well, I’ve got a game-changer for you!

The Problem with Traditional .env Files

We’ve all been there. You start a new project, set up a few environment variables in a .env file, and everything’s peachy. But as your project grows, so does your list of variables. Before you know it, you’re drowning in a sea of API keys, database credentials, and configuration settings.

The worst part? These variables are always loaded, even when you don’t need them.

It’s like carrying around a huge keychain when you only need one key. Not only that, sometimes they start conflicting with one another; a PG_USER or a AWS_ACCESS_KEY_ID of another environment will run over or get over-written, creating one big mess.

Enter direnv: Your Environment’s Best Friend

Direnv is like a smart badge for your code. It automatically loads and unloads environment variables based on your current directory. Here’s why it’s awesome:

  1. Path-based loading: Variables are only loaded when you’re in the right directory. Step out, and they’re gone!
  2. Security boost: No more accidental use of production credentials in your dev environment.
  3. Git-friendly: Works beautifully with Git worktrees, or allowing different configs for different branches.
  4. Built-in standard library: Use functions like dotenv to load traditional .env files effortlessly.
  5. Programmable environments: Set up warnings for missing required variables, ensuring your team has everything they need.

How to Get Started

  1. Install direnv (I used nix-env).
  2. Add eval "$(direnv hook zsh)" to your .zshrc (or equivalent for your shell).
  3. Create a .envrc file in your project directory.
  4. Run direnv allow to approve the .envrc file.

Pro Tip: Handling Secrets

For sensitive data, check out Dotenvx.
I wrote about it before, but in a nutshell, it allows for encryption of your .env files, and manages keys for you. It has its own pros and cons, and you can read all about it here

Wrapping Up

Direnv isn’t just a tool; it’s a new way of thinking about environment management. It’s secure, efficient, and plays well with modern development practices like 12-factor apps.

I made a video covering all about, catch it here.

Give direnv a try, and you’ll wonder how you ever lived without it!

ESPRESSO FRIDAYS

Every once in a while I send hand picked things I've learned. Kind of like your filter to the tech internet. No spam, I promise!

Read more from ESPRESSO FRIDAYS

How DHH Solved Deploying to Production (with Open Source) Ever felt depressed by the sheer complexity of getting your application live and serving users? You’re not alone. But what if deploying to production, even (or especially) across multiple servers, could be straightforward and more importantly, free? That’s the reality DHH, the creator of Ruby on Rails and CTO of Basecamp & HEY, wanted to create, and he delivered with an open source tool called Kamal. DHH’s approach to technology always...

11 days ago • 4 min read

The UNDERRATED Open Source Powering My HomeLab This issue is brought to you by: Secure Your AI Future at Snyk Launch 2025 Join Snyk Launch to discover how to establish a foundation to build securely and confidently in the age of AI. Register for Snyk Launch 2025 (It’s Free!) Kestra, an open-source automation platform that's been a game-changer for my homelab and, frankly, could be for a lot more. It's one of those tools that flies under the radar for too many people, but packs so much...

18 days ago • 5 min read

He Made $64K Searching GitHub With A GENIUS Trick (using open source only) This issue is brought to you by: TestSprite is the Easiest AI Agent for Software Testing Ensure End-to-End Confidence in Your Software Quality. LEARN MORE This, is the story of how one individual, "Mr. B," leveraged a deep understanding of Git's less-explored features to uncover secrets in public repositories, earning over $64,000 💰. His "genius trick" wasn't about finding new tools, but about using existing Git...

25 days ago • 4 min read