etoml

A tool to create and manage application secrets securely protected in encrypted (with ChaCha) toml files.

This is basically a Rust/Toml port of ejson.

• It generates a private/public key pair for you
• The publich key is stored with your secrets in a secrets.etoml in your repository
• The private key is stored /opt/etoml/keys (on your server)
• The values in the secrets.etoml are encrypted via the CLI tool

The main difference to ejson is that it gives you a function to decrypt your secrets directly into a struct in your application.

Install

cargo install etoml

Usage

To create/manage secret files you use the command line interface:

```ignore Usage: etoml-write

Commands: init Create a new encrypted TOML file encrypt (Re-)encrypt unencrypted values in an existinf etoml file decrypt decrypt unencrypted values in an existinf etoml file help Print this message or the help of the given subcommand(s)

Options: -h, --help Print help ```

In you app you can define a struct with the matching fields to decode your secrets into:

```ignore use serde::{Deserialize, Serialize};

[derive(Serialize, Deserialize)]

struct AppSecrets { github: String }

fn main() -> Result<(), etoml::EtomlError> { let secrets = etoml::decrypt_default::()?; println!("Github key: {}", secrets.github); Ok(()) } ```