13 रिपॉजिटरी
Tools for integrating encryption into infrastructure, configuration management, and editors.
Explore 13 awesome GitHub repositories matching part of an awesome list · System Integrations. Refine with filters or upvote what's useful.
Sops is a secrets encryption tool designed to encrypt and decrypt sensitive values within configuration files. It functions as a manager for secrets that integrates with cloud key vaults and PGP keys to secure data stored in version-controlled files. The tool utilizes structure-preserving encryption to encrypt individual values while keeping the overall file format and non-sensitive keys intact. It employs a KMS-backed encryption model, interfacing with external key management services from AWS, GCP, and Azure to handle cryptographic operations without exposing private keys locally. The proj
Flexible secret manager with broad ecosystem support.
gopass is a terminal-based password manager and GPG secret store used for generating, storing, and retrieving encrypted credentials. It functions as a collaborative secret manager that encrypts data using GPG or age and synchronizes it across devices and teams using Git. The system distinguishes itself by treating version control repositories as the primary storage backend, enabling secure secret sharing and version history for credentials. It utilizes a hierarchical directory structure to organize secrets on the filesystem and supports multi-store mounting to combine multiple independent rep
Password manager with native encryption backend support.
agenix is a small and convenient Nix library for securely managing and deploying secrets using common public-private SSH key pairs: You can encrypt a secret (password, access-token, etc.) on a source machine using a number of public SSH keys, and deploy that encrypted secret to any another…
Secret management for NixOS configurations.
tlock gives you time based encryption and decryption capabilities by relying on a drand threshold network as described in our tlock paper. It is implemented here as a Go library, which is used to implement the tle command line tool enabling anybody to leverage timelock encryption. A compatible…
CLI tool for threshold-based timelock encryption.
ragenix provides age-encrypted secrets for NixOS systems which live in the Nix store and are decrypted on system activation. Using ragenix to create, edit and rekey secrets is possible on any system which has Nix installed—with particular support for NixOS and macOS.
Rust-based replacement for NixOS secret management.
Installation \| Usage \| How does it work? \| Module options
Automated secret rekeying extension for NixOS.
Minimally invasive safe secret provisioning to Nix-generated service config files.
Secret provisioning for Nix-generated service configurations.
homeage is a module for home-manager that enables runtime decryption of declarative age files.
Nix home-manager module for declarative secret decryption.
Transparent age encryption support for Emacs modeled after EPG/EPA
Encryption support for the Emacs editor.
A simply utility for loading encrypted secrets from an age encrypted file.
Neovim utility for managing encrypted secrets.
Emacs support for passage: an age encryption based port of the standard unix password manager
Password store integration for Emacs.
kustomize-age is a plugin for kustomize that allows the user to keep local files encrypted with age that are decrypted before being used as files inside a kubernetes Secret.
Kustomize plugin for managing encrypted Kubernetes secrets.