Learn how to make Netlify, Astro, and Dotenv Vault work together. This tutorial assumes you have already created a .env
file and synced it.
You can find a complete example repo here.
Install dotenv-vault-core.
$ npm install dotenv-vault-core --save
Preload Astro scripts using dotenv-vault-core. This will inject the environment variables ahead of Astro.
"scripts": {
"dev": "node -r dotenv-vault-core/config ./node_modules/.bin/astro dev",
"start": "node -r dotenv-vault-core/config ./node_modules/.bin/astro dev",
"build": "node -r dotenv-vault-core/config ./node_modules/.bin/astro build",
"preview": "node -r dotenv-vault-core/config ./node_modules/.bin/astro preview",
"astro": "astro"
},
Run npx dotenv-vault build to build your encrypted .env.vault file.
$ npx dotenv-vault build
Run npx dotenv-vault keys production.
$ npx dotenv-vault keys production
remote: Listing .env.vault decryption keys... done
dotenv://:key_1234@dotenv.org/vault/.env.vault?environment=production
Visit your Netlify Project > Settings > Build & Deploy > Environment.
Set DOTENV_KEY to the value returned in step 4.
That’s it!
Commit those changes safely to code and push to GitHub.
When the build runs, it will recognize the DOTENV_KEY
, decrypt the .env.vault file, and load the production environment variables to ENV
. If a DOTENV_KEY
is not set (like during development on your local machine) it will fall back to regular dotenv.
It worked if you see the message ‘Loading env from encrypted .env.vault’.