Shelve
| v3.0.0
Get Started
Getting Started

Introduction

Learn about Shelve and how it can help you manage your environment variables and secrets.

Welcome to Shelve

Shelve is an open-source environment management platform designed to revolutionize how development teams handle their environment variables and secrets.

Born from the frustration of sharing sensitive information through insecure channels, Shelve provides a secure, collaborative, and developer-friendly solution for managing environment configurations across projects and teams.

Why Shelve?

  • Simple setup: one command to log in, another to inject secrets at runtime.
  • Team focused: built for modern development teams with collaboration and granular permissions.
  • Secure by default: per-project envelope encryption, OS-keychain token storage, scoped API tokens, and audit logs on every write.
  • Open source: completely free and self-hostable, giving you full control over your data.
  • Developer experience: CLI-first, .env-free workflow with shelve run.

Key features

Environment management

  • Centralized variable management across projects and teams.
  • First-class support for development, preview, production, plus custom environments.
  • Per-project data encryption keys (DEKs) sealed by a platform KEK — rotate scope is a single project.
  • Secret references (shelve://ENV/KEY) in .env.template for cross-environment composition.

Team collaboration

  • Role-based access control on teams and projects.
  • Scoped, expiring API tokens with optional IP allowlists.
  • Full audit trail of team, project, variable, and token changes.
  • Secure member invitations.

Integrations

  • GitHub secrets synchronization.
  • One-click deployment using Coolify.
  • Email authentication with OTP codes.
  • OAuth authentication (GitHub, Google).
  • Runtime injection into any process, CI, or container via shelve run.

Developer tools

  • CLI with init, login, run, pull, push, create, generate, config, upgrade.
  • Encrypted offline cache — work from a plane, get variables back online automatically.
  • AI-agent safety: init provisions .cursorignore / .aiderignore / .codeiumignore files and never exposes secrets to your coding agent.
  • Docker image and Vercel deploy button for self-hosting.

Getting Started

Ready to improve your environment management workflow? Head over to our Quickstart guide to begin your journey with Shelve.

Community and Support

Shelve is built by developers for developers. We believe in the power of community and open source. Join our growing community:

Whether you're a solo developer or part of a large team, Shelve adapts to your needs while maintaining security and simplicity at its core.

Quickstart

Get started with Shelve in minutes.