.env File Generator
Build a .env file with shell-safe quoting and a matching .env.example.
Written by Golam Rabbani, Founder & Lead Engineer
How to use this .env file generator
- Enter an app name for the top-of-file comment, and pick whether to auto-uppercase keys.
- Add a variable per row — key, value, and an optional comment.
- Click + Add variable to add more rows. Each key is validated against the standard env-var rules.
- Click Generate to produce a .env file with shell-safe quoting plus a matching .env.example with values masked.
- Use Copy .env for the real file, Copy .env.example for the redacted version you can commit safely.
About this .env file generator
The .env file generator produces a valid, shell-safe `.env` file plus a matching `.env.example` with values masked. Keys are validated against the standard rule — start with a letter or underscore, then letters, digits, and underscores only — so misnamed variables fail loudly instead of breaking your loader silently.
Values are double-quoted only when they need to be: anything containing whitespace, `#`, quotes, backticks, dollar signs, or shell metacharacters gets wrapped and escaped. Plain strings like `production` or `3000` stay unquoted, which keeps the file readable while staying safe for `set -a; source .env`. The matching `.env.example` redacts each value to `xx****yy` (first two and last two characters) so secrets are not committed but variables names and structure are still visible.
For example, the variables `NODE_ENV=production`, `PORT=3000`, and `DATABASE_URL=postgres://user:p@ss word@localhost/db` produce a `.env` like:
NODE_ENV=production PORT=3000 DATABASE_URL="postgres://user:p@ss word@localhost/db"
and a matching `.env.example`:
NODE_ENV=pr****on PORT=**** DATABASE_URL=po****db
Everything runs locally in your browser — no value ever leaves the device.
FAQ
- Why are some values quoted and others not?
- The generator quotes a value only when it has to: anything containing whitespace, `#`, `$`, backticks, quotes, or other shell metacharacters gets wrapped in double quotes and escaped. Plain values stay unquoted so the file reads cleanly. The result works with `dotenv`, `docker-compose`, and `set -a; source .env`.
- Should I commit the .env file or the .env.example?
- Commit the `.env.example` — it documents the variables your project needs without exposing secrets. Add `.env` to your `.gitignore` so the real values never end up in source control. The generator emits both files for exactly this workflow.
- What characters are allowed in a key?
- A key must start with a letter (A–Z, a–z) or underscore, followed by any combination of letters, digits, and underscores. Spaces, dashes, dots, and unicode are rejected. The "Uppercase keys" toggle converts on the way out so you can type lowercase and still ship UPPER_SNAKE_CASE.
- How does the masking in .env.example work?
- Values shorter than four characters become `****`; longer ones keep the first two and last two characters with `****` in the middle, so a reader can verify the variable is roughly the right shape without seeing the secret. Empty values are kept empty.
- Does the generator send my keys or values anywhere?
- No. The form, validation, and file rendering all run in your browser. Closing the tab discards the variables.
- Is this .env file generator free to use?
- Yes, it is completely free with no account, no signup, and no usage limits.