Django package for managing a single root encryption key and decrypting embedded secrets.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for efeoge from gravatar.com efeoge

Unverified details

These details have not been verified by PyPI
Meta
  • Requires: Python >=3.13
Report project as malware

Project description

django-root-secret

Tests

django-root-secret is a Django package for managing one root encryption key per environment and decrypting encrypted literals at runtime.

django-root-secret reduces the number of plaintext secrets you need to manage. Large .env files are a common source of configuration errors because variables can be missing, misnamed, outdated, or inconsistent across environments. This package keeps the env file minimal by storing only ROOT_ENCRYPTION_KEY there and encrypting the rest.

Installation

Add the app to INSTALLED_APPS:

INSTALLED_APPS = [
    ...,
    "django_root_secret",
]

Commands

Generate a root key file:

python manage.py generate_root_encryption_key --env development

This creates development.env in the current working directory with only:

# This file must only contain ROOT_ENCRYPTION_KEY.
# Encrypt every other secret with this key and keep the file private.
ROOT_ENCRYPTION_KEY=...

Encrypt a plaintext secret using that file:

python manage.py encrypt_secret --env development --value "my-db-password"

Use the encrypted output in code and decrypt it with ROOT_ENCRYPTION_KEY from the runtime environment:

from django_root_secret import get_secret

DATABASE_PASSWORD = get_secret("gAAAAAB...")

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for efeoge from gravatar.com efeoge

Unverified details

These details have not been verified by PyPI
Meta
  • Requires: Python >=3.13

Release history Release notifications | RSS feed

0.2.1

0.2.0

0.1.2

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django_root_secret-0.1.0.tar.gz (6.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

django_root_secret-0.1.0-py3-none-any.whl (8.9 kB view details)

Uploaded Python 3

File details

Details for the file django_root_secret-0.1.0.tar.gz.

File metadata

  • Download URL: django_root_secret-0.1.0.tar.gz
  • Upload date:
  • Size: 6.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for django_root_secret-0.1.0.tar.gz
Algorithm Hash digest
SHA256 405916136547aa8c916d1907aaeef3c26bbdc0ca6bab4532e0f5f44a9a8d1021
MD5 cc113c1838f1532e41f0d3463ae4f4a0
BLAKE2b-256 51ac2918a97d46d903e48e4190ebd1b9d07b2d109e62e433388542bd39c89683

See more details on using hashes here.

Provenance

The following attestation bundles were made for django_root_secret-0.1.0.tar.gz:

Publisher: publish.yml on efe/django-root-secret

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file django_root_secret-0.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for django_root_secret-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 0c5d54b29ed653083f3d860638242be4b8c48bac91705912c00d2e55ccc42aa9
MD5 beae7705ad533812b41fef15520f04db
BLAKE2b-256 57ee58035a6f4b618fbb9c53d7e6cafec7b1efa078435f28066f6fb8e744dfe2

See more details on using hashes here.

Provenance

The following attestation bundles were made for django_root_secret-0.1.0-py3-none-any.whl:

Publisher: publish.yml on efe/django-root-secret

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page