Rune is a terminal-based password manager for developers. Store, retrieve, update, and manage secrets securely and easily.
Project description
Rune
Are you tired of storing passwords and API keys in plain text files? Rune is a simple, developer-focused terminal vault for securely storing secrets. Each secret is encrypted with a key you provide — nothing is ever stored unencrypted, and no master password is saved.
Rune is built with a workflow developers expect: fast commands, helpful prompts, clipboard integration, and flexible configuration.
Features
- 🔐 Per-secret encryption keys
- 🏷️ Add, update, delete, and list secrets
- 📋 Retrieve and auto-copy secrets to your clipboard
- 🛠️ Configurable encryption mode, storage mode, and file location
- ❌ Keys are never stored — lose the key, lose the secret
- ✨ Interactive prompts for missing options
Installation
pip install rune
Usage
All commands prompt for missing values — names, secrets, and keys — making them easy to use interactively.
Add a Secret
rune add --name <name> --secret <secret> --key <key>
If any option is omitted, Rune will prompt:
- Name
- Secret (input hidden)
- Encryption key (input hidden; must be remembered)
Example:
rune add -n github -s myToken123 -k myKey
Retrieve a Secret
rune get --name <name> --key <key>
- Secret is automatically copied to your clipboard.
- Add
--showto also display it in the terminal.
Example:
rune get -n github -k myKey --show
Update a Secret
rune update --name <name> --secret <new_secret> --key <key>
Delete a Secret
rune delete --name <name>
You will be prompted for the name if omitted.
List All Secrets
rune list
Secrets are shown in a numbered list:
[1] github
[2] aws
[3] database
Configuration
Rune allows you to configure encryption mode, storage mode, and the secrets file location.
rune config --encryption <mode> --storage-mode <mode> --secrets-file <path>
Supported values:
--encryption:no-encryption,aesgcm--storage-mode:local--secrets-file: Any file path (e.g.,~/.secrets.json)
Example:
rune config -e no-encryption -s local -f ~/.rune_secrets.json
Run:
rune config -h
for full help.
Security Notes
- Each secret is encrypted with its own key.
- Keys are never stored — you must provide the correct key to decrypt or modify a secret.
- Forget the key → the secret is permanently lost.
- Secrets are stored locally in an encrypted file.
Example Workflow
# Add
rune add -n stripe -s sk_live_abc -k myStrongKey
# Retrieve (copied to clipboard)
rune get -n stripe -k myStrongKey
# Update
rune update -n stripe -s newKey -k myStrongKey
# Delete
rune delete -n stripe
# List
rune list
License
Apache 2.0 License
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file rune-0.1.0.tar.gz.
File metadata
- Download URL: rune-0.1.0.tar.gz
- Upload date:
- Size: 19.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d1b550062da4f9d7fcf47990c0463ba989bfc9ec045c2fc278d838d3c3bc4e17
|
|
| MD5 |
20624126b2196768cb03a5a7aac475bc
|
|
| BLAKE2b-256 |
703ea08f45ff4cc646cdd6f429c63ecb170979006ab98794e106a5dc1b7581d0
|
File details
Details for the file rune-0.1.0-py3-none-any.whl.
File metadata
- Download URL: rune-0.1.0-py3-none-any.whl
- Upload date:
- Size: 22.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b8bd9b288cfd0012972d33449dd470254995f01210fa211834ddf84b04230b59
|
|
| MD5 |
47158316397e77e0f353171ec2af5075
|
|
| BLAKE2b-256 |
abce4c73ce39a36e60e07cb699460b9b05b102a8ec37f88259df97f6f4798ad1
|
