Creating .env.example Files



Before you make your repo public, you're going to want to make sure your .env files are excluded, but you also want to leave some examples for people who might clone your project.

Your .env file will be necessary. An .env.example file with an example of your needed secrets really helps people to get started.

Screenshot of vscode file explorer showing .env.example file

Quickly getting the job done

Below is an .env file with a couple of values. The NEXTAUTH_SECRET was quickly generated with openssl rand -base64 32. Assuming it was a valid value, I would not want that to accidentally get committed. Creating .env.example files is usually done by hand.


We can use the sed command to remove everything after =. Here is how you can do it:

.env -> .env.example
sed 's/=.*$/=/g' .env > .env.example

Make sure you run this in the directory where your .env file is located!

This powerful little command will read your .env file, replace = and anything that comes after it with =. Finally, it will output that into a new file named .env.example.

Please note that this command assumes that secrets are represented as values in key=value pairs and all secrets should be removed. If there's a more specific pattern to identify secrets, you may need to adjust the regex.

This command will not modify your original .env file, so no worries there.

Creating .example files for all environments

That's nice and everything, but what if you have multiple environments and want to have those files backed up as well? We can use a for loop to loop and grab every file that starts with .env, but it will avoid files ending in .example. This is crucial to avoid duplication.

.env* -> .env*.example
for file in $(ls .env* | grep -v '.example$'); do sed 's/=.*$/=/g' $file > ${file}.example; done

Pretty powerful stuff. It can safely be run multiple times and effortlessly creates your .example files.

Screenshot of vscode file explorer showing multiple .env.example files
Hope this helps at least one soul.

This will:

  1. List all files starting with .env.
  2. Exclude any files ending with .example from the list.
  3. Run the sed command on each file to replace key=value pairs with key=, effectively removing the secrets.
  4. Write the output to a new file named ${file}.example, where ${file} is the original filename.

Extra credit - Add to your .gitignore

I'd like a .gitignore pattern that will ensure that all .env files are ignored except those ending in .example.

# Ignore all .env files except .env files ending in .example


  • The first line .env* will ignore all files starting with .env.
  • The second line !.env*.example will not ignore files starting with .env and ending with .example.


Voila! Create .example files for all of your environments. Forget about using your brain for this task in the future. Use these scripts.

.env -> .env.example
sed 's/=.*$/=/g' .env > .env.example
.env* -> .env*.example
for file in $(ls .env* | grep -v '.example$'); do sed 's/=.*$/=/g' $file > ${file}.example; done