Skip to content

lucasepe/locker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
.github/workflows
.github/workflows
 
 
cmd
cmd
 
 
internal
internal
 
 
testdata
testdata
 
 
.gitignore
.gitignore
 
 
.goreleaser.yaml
.goreleaser.yaml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

Locker

┬  ┌─┐┌─┐┬┌─┌─┐┬─┐
│  │ ││  ├┴┐├┤ ├┬┘
┴─┘└─┘└─┘┴ ┴└─┘┴└─
Store secrets on your local file system.

> specify a master password setting the env var: LOCKER_SECRET

Usage:
   locker <command>

Commands:
   delete   Delete one or all secrets from a namespace.
   get      Get one, some or all secrets from a namespace.
   help     Show a list of all commands or describe a specific command.
   import   Import secrets.
   info     Print build information and list all existing lockers.
   list     List all namespaces or all keys in a namespace.
   put      Put a secret into a namespace.
   totp     Generate a time-based OTP from a 'totp' key into a namespace.

A Locker is a store on your file system (built on top of the amazing bbolt).

  • create as many lockers as you need

Secret

Secrets are credentials, tokens, secure notes, credit cards, and any info you want.

  • a secret has a key and a value
  • create unlimited number of secrets
  • organize secrets into namespaces
  • secrets are encrypted and decrypted automatically
    • using the environment variable LOCKER_SECRET with your master secret phrase
    • encryption will be done using AES-256-CFB

Using Keyring for master secret

Locker can read your master secret phrase LOCKER_SECRET from the system keyring thanks to the go keyring library.

On macOs

  1. Open the Keychain Access app on your Mac.

  2. Create the password LOCKER_SECRET in the Keychain, save it.

  3. Double-click the LOCKER_SECRET password in the Keychain window under the Kind column, then click Access Control.

  4. To give locker commandline tool access to this password: click the "Add" button, then navigate to the /path/where/you/saved/locker/binary and click "Save Changes"

  • if you installed locker using brew, the binary will be located at /opt/homebrew/Cellar/locker/x.y.z./bin/ (where x.y.z. is the release version).

Namespaces

Namespaces are used to group and organize your secrets.

TOTP

Locker can generate Time Based OTP codes parsing TOTP urls stored under a special key named totp.

If you store a TOTP url like this:

locker put -n acme -k totp "otpauth://totp/Acme?secret=IRXW4J3UEBKGK3DMEBAW46KPNZSSC"

then whenever you need you can generate the totp code using this command:

locker totp -n acme

How To Install

MacOs

brew tap lucasepe/locker
brew install locker

or if you have already installed memo using brew, you can upgrade it by running:

brew upgrade locker

From binary releases (macOS, Windows, Linux)

memo currently provides pre-built binaries for the following:

  • macOS (Darwin)
  • Windows
  • Linux

  1. Download the appropriate version for your platform from locker releases.

  2. Once downloaded unpack the archive (zip for Windows; tarball for Linux and macOS) to extract the executable binary.

  3. If you want to use from any location you must put the binary executable to your Path or add the directory where is it to the environment variables.

Using Go toolchain

go install github.com/lucasepe/locker@latest

About

Store secrets on your local file system.

Topics

golang localstorage standalone keyrings secrets-manager

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases 3

v0.3.0 Latest
Apr 16, 2023
+ 2 releases

Packages

No packages published

Languages