nox

Overview

nox is a Go-based tool for synchronizing, decrypting, and managing application secrets sourced from Git repositories. It integrates with the age encryption tool to ensure secrets are safely stored and only decrypted where needed. nox is well-suited for multi-environment setups, microservices, and infrastructure-as-code workflows.

Key Features

• Automated secret sync: Poll Git repositories and update decrypted outputs at a configurable interval
• Built-in age support: Decrypt with identities; optionally encrypt with recipients. age does not need to be installed on the system
• Multi-app profiles: Manage multiple apps, repos, branches, and file mappings in one config
• Change detection: Skip re-processing unchanged files via a state file
• Dry-run and force modes: Validate configurations safely and bypass state when needed