Direnv: Automatic Per-Directory Environment Variables for Development

TL;DR — Quick Summary

Direnv loads and unloads environment variables when you cd into a project directory. Per-project secrets, PATH extensions, and cloud configs — automatically.

Direnv makes per-project environment variables automatic. No more source .env, no more forgetting to set AWS credentials, no more leaking production secrets into dev — just cd into your project and everything is set.

Installation

# macOS
brew install direnv

# Ubuntu/Debian
sudo apt install direnv

# Arch Linux
sudo pacman -S direnv

# Hook into your shell (add to .bashrc/.zshrc)
eval "$(direnv hook bash)"
eval "$(direnv hook zsh)"
# Fish: direnv hook fish | source

Quick Start

# Create a project .envrc
cd ~/projects/myapp
echo 'export DATABASE_URL="postgres://localhost/mydb"' > .envrc
echo 'export API_KEY="dev-key-123"' >> .envrc
echo 'export NODE_ENV="development"' >> .envrc

# Approve the file (security: required once per change)
direnv allow

# Variables are now set!
echo $DATABASE_URL  # postgres://localhost/mydb

# Leave the directory — variables are unloaded
cd ~
echo $DATABASE_URL  # (empty)

Advanced .envrc Features

# Load a .env file
dotenv

# Extend PATH with local binaries
PATH_add bin
PATH_add node_modules/.bin

# Use a specific Node.js version (with mise/asdf)
use mise

# Use Nix
use nix
use flake

# Inherit from parent directory
source_up

# Per-environment secrets
if [ -f .envrc.local ]; then
  source .envrc.local
fi

# Cloud provider configs
export AWS_PROFILE="staging"
export KUBECONFIG="$PWD/k8s/config"

Use Cases

Scenario	.envrc Content
Database	`export DATABASE_URL=...`
AWS profile	`export AWS_PROFILE=staging`
Node version	`use mise`
Local tools	`PATH_add bin`
Kubernetes	`export KUBECONFIG=...`
Docker compose	`export COMPOSE_FILE=docker-compose.dev.yml`

Summary

Direnv loads/unloads environment variables on cd — automatically
Security: requires explicit direnv allow before running .envrc files
PATH_add, dotenv, use_nix, source_up for advanced workflows
Works with bash, zsh, fish, and all shell tools
Perfect for 12-factor apps, cloud profiles, and per-project secrets

Frequently Asked Questions

What is Direnv?

Direnv is a shell extension that loads and unloads environment variables based on the current directory. When you cd into a project, its .envrc file runs and sets variables. When you leave, they're automatically unloaded.

How is Direnv different from .env files?

dotenv (.env) files are loaded by your application. Direnv sets variables at the shell level — they're available to ALL tools, scripts, and commands in that directory. It also supports computed values and PATH manipulation.

Is Direnv secure?

Yes, Direnv requires explicit approval (direnv allow) before executing a new or modified .envrc file. This prevents malicious directory traps.

Does Direnv work with nix?

Yes, use_nix or use_flake in .envrc integrates Direnv with Nix for reproducible development environments.

Installation

Quick Start

Advanced .envrc Features

Use Cases

Summary

Related Articles

Frequently Asked Questions

Related Articles

k9s: A Terminal UI for Kubernetes — Manage Clusters Without kubectl

Mise: Polyglot Dev Tool Version Manager (asdf Successor)

Nix Package Manager: Reproducible Builds and System Configuration on Linux