Universal tool for synchronizing ~/.secrets/ directory across multiple machines
Secrets Sync Manager is a project-agnostic tool that helps you keep your secrets (API tokens, credentials, configuration files) synchronized across multiple machines using rsync over SSH.
- π Project-Agnostic: Works with Terraform, Docker Compose, Python, or any project
- π₯οΈ Multi-Machine Support: Sync to/from multiple machines (desktop, laptops, VPS)
- π¨ Interactive GUI: Beautiful terminal UI with menu-driven interface
- π§ Linux Integration: Desktop launcher for Linux Mint/Ubuntu
- π Bidirectional Sync: Push (β) or Pull (β) secrets
- π Dry-Run Mode: Preview changes before syncing
- π¦ Batch Operations: Sync to all machines at once
- π Secure: Uses SSH keys for authentication
Keep terraform.tfvars synced across machines:
~/.secrets/projects/myapp/terraform/terraform.tfvarsSync .env files:
~/.secrets/projects/myapp/.envCentralize all credentials:
~/.secrets/api_keys/openai.txt
~/.secrets/api_keys/github_token.txt# Clone repository
git clone https://github.com/sobol-mo/secrets-sync-manager.git
cd secrets-sync-manager
# Run installer
./install.shEdit ~/.config/secrets-sync/machines.conf:
# Format: NAME|USER|HOST
LAPTOP|maxim|192.168.1.20
VPS|root|example.com
# Launch interactive mode
secrets-sync-tool
# Or use from application menu
# Menu β System β Secrets Sync Manager- Full Documentation - Complete user guide
- Directory Structure - File organization
- Configuration Example - Sample config
βββββββββββββββ
β Desktop β 1. Edit secrets locally
β ~/.secrets/β 2. Run: secrets-sync-tool
ββββββββ¬βββββββ 3. Select "Push" and target machine
β
β rsync -avz ~/.secrets/ user@remote:~/.secrets/
β
βΌ
βββββββββββββββ
β VPS β 4. Secrets synced to remote
β ~/.secrets/β 5. Ready to use!
βββββββββββββββ
# 1. Edit secrets on desktop
nano ~/.secrets/projects/myapp/terraform/terraform.tfvars
# 2. Launch sync manager
secrets-sync-tool
# 3. Select "Push secrets"
# 4. Select "All machines"
# 5. β
Secrets synced to all machines!- OS: Linux (Ubuntu, Debian, Linux Mint, etc.)
- Shell: Bash
- Tools: rsync, ssh
- Optional: Desktop environment for menu integration
~/bin/secrets-sync/
βββ secrets-sync # Main executable
βββ install.sh # Installation script
βββ uninstall.sh # Uninstallation script
βββ README.md # Full documentation
βββ DIRECTORY.md # Directory overview
βββ config/
βββ machines.conf.example # Configuration template
- Use SSH keys (not passwords)
- Set
chmod 700 ~/.secrets - Set
chmod 600on secret files - Use different credentials for dev/staging/prod
- Regularly backup
~/.secrets/(encrypted)
- Don't commit secrets to Git
- Don't sync over unsecured networks
- Don't share SSH keys between machines
- Don't use root unless necessary
Contributions are welcome! Please feel free to submit a Pull Request.
# Clone repository
git clone https://github.com/sobol-mo/secrets-sync-manager.git
cd secrets-sync-manager
# Make changes
nano secrets-sync
# Test locally
./secrets-sync
# Commit changes
git add .
git commit -m "feat: your feature description"
git push origin mainThis project is licensed under the MIT License - see the LICENSE file for details.
- Built for managing secrets across multiple development machines
- Inspired by the need for simple, project-agnostic secret management
- Created as part of DevOps teaching materials
- Issues: GitHub Issues
- Documentation: See README.md for full documentation
- Email: your.email@example.com
- β Interactive terminal UI
- β Multi-machine support
- β Push/Pull operations
- β Dry-run mode
- β Desktop launcher
- Conflict detection and resolution
- GPG encryption at rest
- Backup before sync (with rollback)
- Sync history and logs
- GUI application (GTK/Qt)
- Webhook notifications
- Scheduled automatic syncs
- Multi-directional sync (mesh)
If you find this tool useful, please consider giving it a star on GitHub!
Made with β€οΈ by Maxim
Last Updated: 2026-01-27
Version: 1.0.0