Smallweb

Appearance

Env Variables

Environment variables

You can set environment variables for your app by creating a file called .env in the application folder.

Here is an example of a .env file:

txt
BEARER_TOKEN=SECURE_TOKEN

Use the Deno.env.get method to access the environment variables in your app:

ts
// File: ~/smallweb/demo/main.ts
export default {
  fetch(req: Request) {
    return new Response(`Hello, ${Deno.env.get("BEARER_TOKEN")}`, {
      headers: {
        "Content-Type": "text/plain",
      },
    });
  },
}

Injected environment variables

Smallweb automatically injects the following environment variables into your app:

  • SMALLWEB_VERSION: The version of the smallweb CLI.
  • SMALLWEB_DIR: The directory where the smallweb apps are stored.
  • SMALLWEB_DOMAIN: The domain where the smallweb apps are served from.
  • SMALLWEB_APP_NAME: The name of the app.
  • SMALLWEB_APP_DOMAIN: The domain of the app.
  • SMALLWEB_APP_URL: The base URL of the app.

In addition to these, the SMALLWEB_ADMIN environment variable is also set for admin apps.

Encrypted Secrets

This feature is recommended only for advanced users.

Smallweb delegates encryption to SOPS.

Encrypted secrets are stored in a secrets.enc.env file at the root of your app dir.

Smallweb will automatically decrypt the file and inject the secrets as environment variables into your app at runtime.

This is a opinionated guide, sops support other encryption methods.

Check the SOPS documentation for more information.

On MacOS/Linux, you can install SOPS using Homebrew:

sh
brew install sops

In this guide, we will use age to encrypt our secrets.

sh
brew install age

To generate a new key pair, run the following command:

sh
# linux / WSL
$ age-keygen -o $HOME/.config/sops/age/keys.txt
Public key: age1ud9l6jaer6fp9dnneva23asrauxh5zdhsjzz8zh7lzh02synyd3se9l6mc

# macOS
$ age-keygen -o $HOME/Library/Application\ Support/sops/age/keys.txt
Public key: age1ud9l6jaer6fp9dnneva23asrauxh5zdhsjzz8zh7lzh02synyd3se9l6mc

Then we'll create a .sops.yaml file at the root of our smallweb dir:

yaml
# ~/smallweb/.sops.yaml
creation_rules:
  - key_groups:
      - age:
          - age1ud9l6jaer6fp9dnneva23asrauxh5zdhsjzz8zh7lzh02synyd3se9l6mc # my public key

You can repeat the process to add more public keys

Make sure to run smallweb secrets --update-keys after adding new public keys

From now on, we can generate/edit a secrets.enc.env for your app using the following command:

sh
# edit <app> secrets
sops ./<app>/secrets.enc.env

Make sure to never edit the encrypted file directly!

If you add a new public key to your .sops.yaml file, you'll need to update the keys in your encrypted files:

sh
sops updatekeys .smallweb/.secrets.enc.env **/secrets.env.env