Contributed by Tobias Schultze, Jérémy Derussé and Nicolas Grekas in #33997.
Storing sensitive application information (passwords, tokens, certificates, etc.) is a challenging task. You cannot rely on traditional configuration files, and you cannot rely on environment variables either. That's why in Symfony 4.4 we've added a new encryption-based feature to manage secrets.
Imagine that you want to keep the entire DATABASE_URL content secret to avoid leaking the database connection credentials. This is how you can do that:
Step 1. Generate the keys used to encrypt/decrypt secrets (this feature is based on traditional public-key cryptography and uses the libsodium library):
```shell
$ php bin/console secrets:generate-keys
```
This command generates a pair of keys in config/secrets/dev/ (or config/secrets/prod/). The public key is used to encrypt secrets and you should commit it to your shared repository. The private key should not be committed to the repository and should not be shared in any way.
Step 2. Upload the private key to your remote server using SSH or any other safe means and store it in the same config/secrets/<environment>/ directory.
Step 3. Create a new secret to store the contents of DATABASE_URL:
```shell
$ php bin/console secrets:set DATABASE_URL
Please type the secret value:
> **************

[OK] Secret "DATABASE_URL" encrypted in "config/secrets/dev/"; you can commit it.
```
Each secret is stored in its own file inside the config/secrets/<environment>/ directory. You can commit these files to the repository because their contents are not accessible unless you also have the private key.
Step 4. Update your application configuration to use this new secret as the value of the DATABASE_URL option:
```yaml
# config/packages/doctrine.yaml
doctrine:
    dbal:
        url: "%env(secret:DATABASE_URL)%"
        # ...
```
The only required change is to add the secret: env var processor to tell Symfony that this is an encrypted secret that must be decrypted before using it.
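The four steps above, reduced to the underlying cryptography, as an added example that is not Symfony's own code: it assumes the vault uses libsodium sealed boxes (sodium_crypto_box_seal), and the file names and directory layout are illustrative rather than Symfony's. It shows why the public key can be committed (it only encrypts) while the private key must stay off the repository (only it decrypts).

```php
<?php
// Added example, not Symfony's code. Assumes a sealed-box (crypto_box_seal)
// scheme; key and secret file names are illustrative only.

// Step 1 equivalent: public half is safe to commit, private half is not.
function generateKeys(string $dir): void
{
    $keyPair = sodium_crypto_box_keypair();
    file_put_contents($dir.'/encrypt.public.key', sodium_crypto_box_publickey($keyPair));
    file_put_contents($dir.'/decrypt.private.key', sodium_crypto_box_secretkey($keyPair));
    sodium_memzero($keyPair);
}

// Step 3 equivalent: sealing needs only the PUBLIC key, so anyone with the
// repository can add or update a secret without ever seeing the private key.
function setSecret(string $dir, string $name, string $value): void
{
    $publicKey = file_get_contents($dir.'/encrypt.public.key');
    file_put_contents($dir.'/'.$name.'.sealed', sodium_crypto_box_seal($value, $publicKey));
}

// Runtime equivalent of %env(secret:NAME)%: opening needs the PRIVATE key.
function getSecret(string $dir, string $name): string
{
    $keyPair = sodium_crypto_box_keypair_from_secretkey_and_publickey(
        file_get_contents($dir.'/decrypt.private.key'),
        file_get_contents($dir.'/encrypt.public.key')
    );
    $plain = sodium_crypto_box_seal_open(file_get_contents($dir.'/'.$name.'.sealed'), $keyPair);
    sodium_memzero($keyPair);
    if (false === $plain) {
        // Wrong/missing private key or a tampered file: the AEAD tag fails to verify.
        throw new RuntimeException(sprintf('Secret "%s" could not be decrypted.', $name));
    }

    return $plain;
}

$dir = sys_get_temp_dir().'/secrets-demo';
@mkdir($dir, 0700, true);
generateKeys($dir);
// Constructed sample value, not a real credential.
setSecret($dir, 'DATABASE_URL', 'mysql://app:example-password@127.0.0.1:3306/app');
echo getSecret($dir, 'DATABASE_URL'), "\n";

// A different private key (e.g. a checkout without decrypt.private.key that
// generated its own) cannot open the committed file: seal_open returns false.
$otherKeyPair = sodium_crypto_box_keypair();
var_dump(sodium_crypto_box_seal_open(file_get_contents($dir.'/DATABASE_URL.sealed'), $otherKeyPair));
```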
That's all! Repeat steps 3 and 4 for all the configuration values that you want to turn into secrets. Use the other commands to complete the whole secret management experience: secrets:remove to delete secrets, secrets:list to show all the secrets managed by the application, generate-keys --rotate to replace the existing keys with new ones and re-encrypt all secrets automatically, etc.