Configuration
Environment Variables
Section titled “Environment Variables”BWENV_DEBUG
Section titled “BWENV_DEBUG”Controls the debug output level:
BWENV_DEBUG=0: Silent mode (errors only)BWENV_DEBUG=1: Show processing steps, hide secret values (default)BWENV_DEBUG=2: Show processing steps and actual secret values (full debug)
# Set for single commandBWENV_DEBUG=2 bwenv init
# Set for direnv operationsBWENV_DEBUG=1 direnv allow
# Export for sessionexport BWENV_DEBUG=2bwenv interactiveBW_SESSION
Section titled “BW_SESSION”Bitwarden session token (managed automatically by bwenv):
# Typically set automatically when you unlock Bitwardenexport BW_SESSION="your-session-token"Command-Line Options
Section titled “Command-Line Options”Global Options
Section titled “Global Options”--debug[=LEVEL],-d: Enable debug mode (level 1 or 2)--quiet,-q: Quiet mode (minimal output)--help,-h: Show help information--version,-v: Show version information
# Debug modesbwenv --debug init # Level 2 (full debug)bwenv --debug=1 init # Level 1 (steps only)bwenv --debug=2 init # Level 2 (full debug)
# Quiet modebwenv --quiet initbwenv -q init
# Help and versionbwenv --helpbwenv --versionFile Locations
Section titled “File Locations”Configuration Files
Section titled “Configuration Files”- Helper Script:
~/.config/direnv/lib/bitwarden_folders.sh - CLI Executable:
~/.local/bin/bwenv(Unix/macOS) or%USERPROFILE%\.local\bin\bwenv.bat(Windows)
Project Files
Section titled “Project Files”- Environment File:
.envrc(created in project directory) - Backup:
.envrc.bak(created automatically if.envrcexists)
Bitwarden Integration
Section titled “Bitwarden Integration”Required Setup
Section titled “Required Setup”- Bitwarden CLI installed:
bw --versionshould work - Logged in:
bw login(one-time setup) - Folder organization: Secrets stored in organized folders
Folder Structure Recommendations
Section titled “Folder Structure Recommendations”Bitwarden Vault├── Personal/├── Work Projects/│ ├── ProjectA - Development│ ├── ProjectA - Staging│ ├── ProjectA - Production│ └── ProjectB - Development└── Shared Tools/ ├── CI/CD Secrets └── Development ToolsCustom Fields Format
Section titled “Custom Fields Format”Bitwarden items should use Custom Fields for environment variables:
Example Item: “Database Configuration”
- Name:
Database Configuration - Custom Fields:
DATABASE_URL→postgresql://user:pass@localhost:5432/myappDB_POOL_SIZE→20DB_TIMEOUT→30REDIS_URL→redis://localhost:6379
direnv Integration
Section titled “direnv Integration”Required Setup
Section titled “Required Setup”- direnv installed:
direnv --versionshould work - Shell hook configured:
Terminal window # Add to ~/.bashrc, ~/.zshrc, etc.eval "$(direnv hook bash)" # for basheval "$(direnv hook zsh)" # for zsh
Helper Script
Section titled “Helper Script”The bitwarden_folders.sh helper script is installed to ~/.config/direnv/lib/ and provides:
load_bitwarden_folder(): Main function to load secrets- Session management
- Error handling
- Debug output
Makefile Commands
Section titled “Makefile Commands”Available commands for project management:
make help # Show all available commandsmake install # Install bwenv CLI and helper scriptsmake setup-path # Add ~/.local/bin to PATH (Linux/macOS)make uninstall # Remove bwenv CLI and helper scriptsmake test # Run installation testsSecurity Configuration
Section titled “Security Configuration”Session Management
Section titled “Session Management”- Auto-unlock: bwenv will prompt for master password if needed
- Session timeout: Respects Bitwarden CLI session timeout
- Manual lock: Use
bw lockto manually lock session
File Permissions
Section titled “File Permissions”bwenv creates .envrc files with restricted permissions:
# .envrc permissions (readable by owner only)-rw------- 1 user user .envrcBest Practices
Section titled “Best Practices”- Lock when done: Always
bw lockafter work - Separate environments: Use different folders for dev/staging/prod
- Regular rotation: Rotate secrets regularly
- Team access: Use Bitwarden Organizations for team sharing
- Version control: Add
.envrcto.gitignore
Troubleshooting Configuration
Section titled “Troubleshooting Configuration”Common Issues
Section titled “Common Issues”-
direnv not loading:
Terminal window # Check direnv hook is in shell configgrep direnv ~/.bashrc ~/.zshrc# Check direnv statusdirenv status -
Bitwarden session issues:
Terminal window # Check statusbw status# Re-login if neededbw login# Unlock vaultbw unlock -
PATH issues:
Terminal window # Check if bwenv is in PATHwhich bwenv# Add to PATH manuallyexport PATH="$HOME/.local/bin:$PATH"
Debug Commands
Section titled “Debug Commands”# Test complete setupbwenv test
# Check Bitwarden foldersbw list folders
# Debug bwenv with full outputBWENV_DEBUG=2 bwenv interactive
# Check direnv configurationdirenv status
# Manual helper script testsource ~/.config/direnv/lib/bitwarden_folders.shAdvanced Configuration
Section titled “Advanced Configuration”Custom Installation Paths
Section titled “Custom Installation Paths”If you need different installation paths, manually copy files:
# Custom CLI locationcp setup/bwenv /your/custom/bin/path/
# Custom helper locationcp setup/bitwarden_folders.sh /your/custom/direnv/lib/Integration with CI/CD
Section titled “Integration with CI/CD”For automated environments:
# Use service account or API keyexport BW_CLIENTID="your-client-id"export BW_CLIENTSECRET="your-client-secret"
# Use quiet modebwenv --quiet init
# Bypass interactive promptsecho "folder-name" | bwenv init