Show HN: Dotenv, if it is a Unix utility (opens in new tab)

(github.com)

225 pointsgyf3041y ago100 comments

I like the idea of using dotenv files, but I dislike having to use different language-specific libraries to read them.

To solve this, I created a small utility that lets you prefix any command with "dotenv" to load the ".env" file.

This is how I imagine dotenv would work if it had started as a UNIX utility rather than a Node.js library.

100 comments

petepete1y ago

I think direnv already does a good job in this space, and it's already available in your package manager.

https://direnv.net/

reissbaker1y ago

I don't think direnv and dotenv are really the same — dotenv manages environment variables for a program, whereas direnv manages environment variables for an interactive shell.

As an example of the difference, dotenv is useful for running programs inside Docker containers — which do not inherit your interactive shell's environment variables — whereas direnv isn't particularly useful there. Ditto for programs run via init systems like systemd or even classic SysV init. On the other hand, direnv is convenient for end-user env var config, since it's aware of your shell's working directory and updates the env vars based on it without needing to run extra commands.

frou_dh1y ago

In my experience, the subcommand `direnv exec ...` works just fine in non-interactive scenarios like launchd jobs. I'm not sure if it even involves a shell of any kind in that mode.

kelnos1y ago

I've used direnv, but I think a nice property of OP's dotenv is that it's explicit: if I want to pass env vars, I run my program under it. If I don't, then I don't. There's no "hidden behavior" for me to forget about and then get surprised by.

TheRoque1y ago

As far as I'm aware of, Direnv's behavior is not hidden at all. Whenever you cd into the directory, you get a message listing all the new en var activated. And when you change the .envrc, you get another message saying that direnv has been deactivated. I never had happen to me "oh shoot !! I forgot this env var was activated because I'm in this dir".

3 more replies

hk13371y ago

I know ohmyzsh and zsh has this covered for auto loading the .env when you enter the directory

toastal1y ago

…Just don’t commit your .envrc to a repository & add it to the .(git|hg)*ignore. Provide an example if you want, but don’t expect everyone to want to use your exact settings. This is for your personal environment.

cheptsov1y ago

I‘m a happy user of direnv. Hard to imagine my life without it. The only problem is not to forget to include it to .gitignore.

tuyiown1y ago

Please just see this

`env -S "$(cat .env)" <cmd>`

Believe it or not that’s all you need.

> S, --split-string=S process and split S into separate arguments; used to pass multiple arguments on shebang lines

edit: forgot the quotes around shell substitution

kazinator1y ago

Also, if we are going to involve the shell, we could also just make .env a shell fragment and do this:

   sh -c '. .env; <cmd>'

There is a way to pass commands to it which are reliably executed, like thisL

   sh -c '. .env; "$@"' -- command arg1 arg2 arg3.

The non-option arguments passed to the shell are available as `"$@"`. A command consisting of nothing but `"$@"` basically executes the arguments. We can use `exec`, speaking of which:

   sh -c '. .env; exec "$@"' -- command arg1 arg2 arg3.

What I'm getting at is that this form is fairly easily exec-able;

   execl("/bin/sh", "/bin/sh", ". .env; exec \"$@\"", "--", "command",
         "arg1", "arg2", "arg3", (char *) 0);

The command and arguments can be arbitrary strings, not subject to any shell mangling.

cholindo1y ago

I wouldn't follow this approach because if you run `. .env;` you .env gets evaluated as a bash script, not as a configuration file. This means that you can get runtime errors in the .env file, and nobody wants that.

1 more reply

kazinator1y ago

This is now syntax that requires processing by the shell.

The nice thing about utilities like env and dotenv is that they can be easily exec-ed:

  execl("/usr/bin/dotenv", "/usr/bin/dotenv", "command", "arg", (char *) 0);

-S is a fairly recently added option to the GNU Coreutils env (possibly inspired by BSD?). I have a window to an Ubuntu 18 VM where it's not available.

You want $(cat .env) quoted, as in "$(cat .env)" so that the content of the file is reliably passed as one argument.

-S will split on whitespace; but it respects quoting, so spaces can be protected. Basically .env has to be prepared with the features of -S in mind. Of which that thing has quite a few: escape sequences like \n, commenting, environment variable substitution.

ibotty1y ago

This will fail with comments. Of course you can script around that as well (I have done so), but it's not bulletproof. It makes sense to have a dedicated tool for the job.

SOLAR_FIELDS1y ago

Isn’t the problem with dotenv that it’s not a formal specification? The closest to a specification is the “reference” nodejs implementation. Even across languages that aren’t shell the behaviors differ to some extent. I think also it’s not just comments, there are probably some other edge cases that can’t be parsed as legitimate shell code either.

chasil1y ago

ksh/bash can abbreviate $(cat x) to $(<x) although this syntax is not in POSIX (and it should be).

userb1y ago

What is the difference with or without "-S". 'env $(cat .env) <cmd>' still work?

tuyiown1y ago

edit 2: seems that there are expectation around a complex .env unspecified file format I was totally not aware of, I was just merely trying to share the simplest way I've ever found to store and reuse env vars

grounder1y ago

Compare with dotenvx - https://github.com/dotenvx/dotenvx This is my current tool of choice.

kazinator1y ago

I just remembered. Adding a -f <file> option to the GNU Coreutils env utility has previously been discussed:

https://lists.gnu.org/archive/html/coreutils/2021-10/msg0000...

It came up in the mailing also this March. I saw the posting in my inbox and proposed that a null-terminated format be handled, which is exactly like /proc/<pid>/env:

https://lists.gnu.org/archive/html/coreutils/2024-03/msg0014...

If that feature were available, this becomes

  env -f .env command arg ...

miohtama1y ago

There is also shdotenv that allows you to load different .env file formats and convert between them, e.g. for UNIX shell.

https://github.com/ko1nksm/shdotenv

gyf304OP1y ago

This is a very neat project that seems to accomplish the same goal and have some extra features.

sirwitti1y ago

I recently discovered shdotenv and I like it a lot!

tester4571y ago

dotenv started as a ruby library actually. The first implementation inspired the others such as the golang version of the library.

whalesalad1y ago

    export $(cat .env | xargs)

Agree with the premise but this can be achieved with actual Unix concepts no need for anything else.

The language runtime dotenv projects are banned in my engineering org.

macintux1y ago

Your example has the downside of making the environment variables sticky, however, so it's not achieving the same thing.

johnisgood1y ago

What about:

    source <(cat .env | xargs)

or:

    export $(cat .env | xargs)

And then:

    unset $(cat .env | cut -d= -f1)

The last one unsets the environment variables that were set by the first command, ensuring they are not persisted beyond the current shell session.

If you are worried about forgetting to execute it, there are a couple of ways to work around it, depending on your case.

whalesalad1y ago

That is kinda the purpose of an environment.

2 more replies

bentinata1y ago

What about:

    env $(cat .env) [program]

arjvik1y ago

Has whitespace handling issues... but valiant effort!

fire_lake1y ago

When your environment variable values have spaces (e.g. some connection strings) this doesn’t work iirc

netcraft1y ago

I tend to agree, and we do this a lot actually. But it gets a little more complicated if you have several .env files.

Would love to hear more about why dotenv is banned at your org though.

whalesalad1y ago

Because I banned it haha. There should not be more than one .env file. Our projects have a .env.example that has any overrides a dev might want to override but this list is kept intentionally very short. Meanwhile .env is noted in gitignore. I absolutely hate seeing an entire application configured with environment variables. Some? Sure, where it makes sense. Most? No, those should be in version control, secrets aside.

I believe in convention over configuration. Most of our apps have hard-coded config, with a concise/short and finite number of things that can be overridden (like 3-4 parameters, tops). Secrets get injected.

I do subscribe to the idea of the 12 factor app, but there is a line that needs to be drawn between env config which is more dynamic and more persistent config that should be baked in to the release.

2 more replies

mongol1y ago

Would not

sh -c '. .env; echo $MY_VAR'

do the same thing? (I am not in front of a shell at the moment.)

emmanueloga_1y ago

There are like a couple dozen different ways to do this...

I have this on my .bashrc:

    alias loadenv='export $(xargs <.env)'

source: [1]

1: https://stackoverflow.com/a/60406814/855105

iokanuon1y ago

That will break if there's comments in the file, or if any one of the variables' values contain spaces. You can use `set -a` to load .env into an existing shell instance instead:

    loadenv() {
        set -a
        source ./.env
        set +a
    }

1 more reply

geysersam1y ago

Very nice! Thanks for the suggestion. Seems more Unix-esque. Are there any important drawbacks of this version compared to the dedicated tool? (dotenv or dotenvx)

kilroy1231y ago

I can't believe I've never thought of doing this until now.

iokanuon1y ago

You'd need to `set -a` or pass the `-a` as a flag to have them auto-exported though, so:

    sh -ac '. ./.env; ./prog'

Also if you use the `.` builtin it's a good idea to specify the path with a slash in it, so that `.` doesn't search $PATH first.

kelnos1y ago

That would, but unless each line in your .env file is prefixed with "export", those env vars won't get passed into any subprocesses you run.

1 more reply

datascienced1y ago

Now that is unixy!

mixmastamyk1y ago

Seems to work.

iDon1y ago

Thanks to OP and other posters - various ideas useful in different cases.

The xargs idea made me think of using bash as the parser :

  bash -c "exec -c bash -c 'source $CONFIG/main.bash; env'"

This test .bash file contains multiple source-s of other .bash files, which contain a mix of comments, functions, set and env vars - just the env vars are exported by env. This seems useful e.g. for collating & summarising an environment for docker run -e.

This outputs the env vars to stdout; for the OP's purpose, the output could be sourced :

  envFile=$(mktemp /tmp/env.XXXXXX);

  bash -c "exec -c bash -c 'source $CONFIG/main.bash; env'" > $envFile;

  env $(cat $envFile) sh -c 'echo $API_HOST'

# For Bourne shell, use env -i in place of exec -c :

sh -c "env -i sh -c '. $CONFIG/main.sh; env'" > $envFile

andy_ppp1y ago

This looks good and neater than my solution in my .zshrc:

envup() {

  local file=$([ -z "$1" ] && echo ".env" || echo ".env.$1")

  if [ -f $file ]; then
    set -a
    source $file
    set +a
  else
    echo "No $file file found" 1>&2
    return 1
  fi

}

You can also specify `envup development` to load .env.development files should you want. Obviously this will pollute the current shell but for me it is fine.

belthesar1y ago

This is interestingly similar to a little tool I wrote called sops-run [0], which manages encrypted secrets for cli tools using Mozilla’s sops [1]. Biggest upshot is that you can use it more confidently for secrets with encryption at rest. Built it when I was trying out CLI tools that wanted API keys, but I didn’t want to shove them into my profile and accidentally upload them into my dotfiles repository. Do need to finally get back to making this a package, being able to install it with pip(x) would be really nice.

[0] https://github.com/belthesar/sops-run

[1] https://github.com/getsops/sops

vishvananda1y ago

Doesn’t this already exist as https://www.npmjs.com/package/dotenv-cli ?

supriyo-biswas1y ago

I wrote my own some time ago: https://github.com/supriyo-biswas/dotfiles/commit/39585b42c2...

wodenokoto1y ago

Since loading dotenv files happens together with executing code I I have decided to trust my .env files just like I trust the rest of my code not to delete my entire system and therefore I source them.

KevinMS1y ago

I never understood why it had to be a dot file, except for naming it.

fire_lake1y ago

Does this accept the exact same format (including quotes and whitespace) as a Docker env file? That’s a key feature for me

prmoustache1y ago

I don't understand what more it does than sourcing a file on your shell would? Anyone can explain?

steezeburger1y ago

You can't source an .env file without some munging. All the keys would need `export` in front of them I believe.

prmoustache1y ago

That doesn't seem like a huge barrier compared to shipping a dotenv binary compiled specifically to all deployment arch.

1 more reply

kazinator1y ago

A sourced .env would have to be correct shell syntax for a sourced environment file, yes.

1 more reply

kzrdude1y ago

This idea seems to be cloned everywhere now, so something is causing the popularity

fyrn_1y ago

Kubernetes / containderd / docker apps are much more convenient to configure through ENV vars, as they easily pass through the sandbox layer (whatever that may be) files are not so easy to make work. Because that's how prod works devs want to be able to recreate prod to run locally, hence the cambrian explosion of tools like this.

forrestthewoods1y ago

What a tragic state of affairs.

It's a shame that running modern software requires carefully packaging a virtual environment and then injecting a bunch of ugly global env vars.

I still think Docker shouldn't exist. Programs should simply bundle their dependencies. Running a program should be as simple as download, unzip, run. No complex hierarchical container management needed.

Alas I am not King.

3 more replies

bitwize1y ago

C? Y u no Rust?

masklinn1y ago

The same thing already exists in Rust, it’s both a library for in-process loading and a binary, I use it daily and only for the binary: https://github.com/allan2/dotenvy

bitwize1y ago

Once I actually wrote a version in Emacs Lisp, for purposes of being able to run stacks that depended on .env configuration in Emacs buffers.

j / k navigate · click thread line to collapse

100 comments

petepete1y ago

I think direnv already does a good job in this space, and it's already available in your package manager.

https://direnv.net/

reissbaker1y ago

I don't think direnv and dotenv are really the same — dotenv manages environment variables for a program, whereas direnv manages environment variables for an interactive shell.

frou_dh1y ago

In my experience, the subcommand `direnv exec ...` works just fine in non-interactive scenarios like launchd jobs. I'm not sure if it even involves a shell of any kind in that mode.

kelnos1y ago

TheRoque1y ago

3 more replies

hk13371y ago

I know ohmyzsh and zsh has this covered for auto loading the .env when you enter the directory

toastal1y ago

cheptsov1y ago

I‘m a happy user of direnv. Hard to imagine my life without it. The only problem is not to forget to include it to .gitignore.

tuyiown1y ago

Please just see this

`env -S "$(cat .env)" <cmd>`

Believe it or not that’s all you need.

> S, --split-string=S process and split S into separate arguments; used to pass multiple arguments on shebang lines

edit: forgot the quotes around shell substitution

kazinator1y ago

Also, if we are going to involve the shell, we could also just make .env a shell fragment and do this:

   sh -c '. .env; <cmd>'

There is a way to pass commands to it which are reliably executed, like thisL

   sh -c '. .env; "$@"' -- command arg1 arg2 arg3.

The non-option arguments passed to the shell are available as `"$@"`. A command consisting of nothing but `"$@"` basically executes the arguments. We can use `exec`, speaking of which:

   sh -c '. .env; exec "$@"' -- command arg1 arg2 arg3.

What I'm getting at is that this form is fairly easily exec-able;

   execl("/bin/sh", "/bin/sh", ". .env; exec \"$@\"", "--", "command",
         "arg1", "arg2", "arg3", (char *) 0);

The command and arguments can be arbitrary strings, not subject to any shell mangling.

cholindo1y ago

1 more reply

kazinator1y ago

This is now syntax that requires processing by the shell.

The nice thing about utilities like env and dotenv is that they can be easily exec-ed:

  execl("/usr/bin/dotenv", "/usr/bin/dotenv", "command", "arg", (char *) 0);

-S is a fairly recently added option to the GNU Coreutils env (possibly inspired by BSD?). I have a window to an Ubuntu 18 VM where it's not available.

You want $(cat .env) quoted, as in "$(cat .env)" so that the content of the file is reliably passed as one argument.

ibotty1y ago

This will fail with comments. Of course you can script around that as well (I have done so), but it's not bulletproof. It makes sense to have a dedicated tool for the job.

SOLAR_FIELDS1y ago

chasil1y ago

ksh/bash can abbreviate $(cat x) to $(<x) although this syntax is not in POSIX (and it should be).

userb1y ago

What is the difference with or without "-S". 'env $(cat .env) <cmd>' still work?

tuyiown1y ago

grounder1y ago

Compare with dotenvx - https://github.com/dotenvx/dotenvx This is my current tool of choice.

kazinator1y ago

I just remembered. Adding a -f <file> option to the GNU Coreutils env utility has previously been discussed:

https://lists.gnu.org/archive/html/coreutils/2021-10/msg0000...

It came up in the mailing also this March. I saw the posting in my inbox and proposed that a null-terminated format be handled, which is exactly like /proc/<pid>/env:

https://lists.gnu.org/archive/html/coreutils/2024-03/msg0014...

If that feature were available, this becomes

  env -f .env command arg ...

miohtama1y ago

There is also shdotenv that allows you to load different .env file formats and convert between them, e.g. for UNIX shell.

https://github.com/ko1nksm/shdotenv

gyf304OP1y ago

This is a very neat project that seems to accomplish the same goal and have some extra features.

sirwitti1y ago

I recently discovered shdotenv and I like it a lot!

tester4571y ago

dotenv started as a ruby library actually. The first implementation inspired the others such as the golang version of the library.

whalesalad1y ago

    export $(cat .env | xargs)

Agree with the premise but this can be achieved with actual Unix concepts no need for anything else.

The language runtime dotenv projects are banned in my engineering org.

macintux1y ago

Your example has the downside of making the environment variables sticky, however, so it's not achieving the same thing.

johnisgood1y ago

What about:

    source <(cat .env | xargs)

or:

    export $(cat .env | xargs)

And then:

    unset $(cat .env | cut -d= -f1)

The last one unsets the environment variables that were set by the first command, ensuring they are not persisted beyond the current shell session.

If you are worried about forgetting to execute it, there are a couple of ways to work around it, depending on your case.

whalesalad1y ago

That is kinda the purpose of an environment.

2 more replies

bentinata1y ago

What about:

    env $(cat .env) [program]

arjvik1y ago

Has whitespace handling issues... but valiant effort!

fire_lake1y ago

When your environment variable values have spaces (e.g. some connection strings) this doesn’t work iirc

netcraft1y ago

I tend to agree, and we do this a lot actually. But it gets a little more complicated if you have several .env files.

Would love to hear more about why dotenv is banned at your org though.

whalesalad1y ago

I do subscribe to the idea of the 12 factor app, but there is a line that needs to be drawn between env config which is more dynamic and more persistent config that should be baked in to the release.

2 more replies

mongol1y ago

Would not

sh -c '. .env; echo $MY_VAR'

do the same thing? (I am not in front of a shell at the moment.)

emmanueloga_1y ago

There are like a couple dozen different ways to do this...

I have this on my .bashrc:

    alias loadenv='export $(xargs <.env)'

source: [1]

1: https://stackoverflow.com/a/60406814/855105

iokanuon1y ago

That will break if there's comments in the file, or if any one of the variables' values contain spaces. You can use `set -a` to load .env into an existing shell instance instead:

    loadenv() {
        set -a
        source ./.env
        set +a
    }

1 more reply

geysersam1y ago

Very nice! Thanks for the suggestion. Seems more Unix-esque. Are there any important drawbacks of this version compared to the dedicated tool? (dotenv or dotenvx)

kilroy1231y ago

I can't believe I've never thought of doing this until now.

iokanuon1y ago

You'd need to `set -a` or pass the `-a` as a flag to have them auto-exported though, so:

    sh -ac '. ./.env; ./prog'

Also if you use the `.` builtin it's a good idea to specify the path with a slash in it, so that `.` doesn't search $PATH first.

kelnos1y ago

That would, but unless each line in your .env file is prefixed with "export", those env vars won't get passed into any subprocesses you run.

1 more reply

datascienced1y ago

Now that is unixy!

mixmastamyk1y ago

Seems to work.

iDon1y ago

Thanks to OP and other posters - various ideas useful in different cases.

The xargs idea made me think of using bash as the parser :

  bash -c "exec -c bash -c 'source $CONFIG/main.bash; env'"

This outputs the env vars to stdout; for the OP's purpose, the output could be sourced :

  envFile=$(mktemp /tmp/env.XXXXXX);

  bash -c "exec -c bash -c 'source $CONFIG/main.bash; env'" > $envFile;

  env $(cat $envFile) sh -c 'echo $API_HOST'

# For Bourne shell, use env -i in place of exec -c :

sh -c "env -i sh -c '. $CONFIG/main.sh; env'" > $envFile

andy_ppp1y ago

This looks good and neater than my solution in my .zshrc:

envup() {

  local file=$([ -z "$1" ] && echo ".env" || echo ".env.$1")

  if [ -f $file ]; then
    set -a
    source $file
    set +a
  else
    echo "No $file file found" 1>&2
    return 1
  fi

}

You can also specify `envup development` to load .env.development files should you want. Obviously this will pollute the current shell but for me it is fine.

belthesar1y ago

[0] https://github.com/belthesar/sops-run

[1] https://github.com/getsops/sops

vishvananda1y ago

Doesn’t this already exist as https://www.npmjs.com/package/dotenv-cli ?

supriyo-biswas1y ago

I wrote my own some time ago: https://github.com/supriyo-biswas/dotfiles/commit/39585b42c2...

wodenokoto1y ago

KevinMS1y ago

I never understood why it had to be a dot file, except for naming it.

fire_lake1y ago

Does this accept the exact same format (including quotes and whitespace) as a Docker env file? That’s a key feature for me

prmoustache1y ago

I don't understand what more it does than sourcing a file on your shell would? Anyone can explain?

steezeburger1y ago

You can't source an .env file without some munging. All the keys would need `export` in front of them I believe.

prmoustache1y ago

That doesn't seem like a huge barrier compared to shipping a dotenv binary compiled specifically to all deployment arch.

1 more reply

kazinator1y ago

A sourced .env would have to be correct shell syntax for a sourced environment file, yes.

1 more reply

kzrdude1y ago

This idea seems to be cloned everywhere now, so something is causing the popularity

fyrn_1y ago

forrestthewoods1y ago

What a tragic state of affairs.

It's a shame that running modern software requires carefully packaging a virtual environment and then injecting a bunch of ugly global env vars.

Alas I am not King.

3 more replies

bitwize1y ago

C? Y u no Rust?

masklinn1y ago

The same thing already exists in Rust, it’s both a library for in-process loading and a binary, I use it daily and only for the binary: https://github.com/allan2/dotenvy

bitwize1y ago

Once I actually wrote a version in Emacs Lisp, for purposes of being able to run stacks that depended on .env configuration in Emacs buffers.

j / k navigate · click thread line to collapse