structure updates

tech_docs/python/env-GnuPG.md

@@ -0,0 +1,150 @@
+## Managing Environment Variables Securely in Python Projects
+
+This guide provides a step-by-step approach to managing environment variables in Python projects on Ubuntu servers using `dotenv` for handling environment variables and GnuPG (GPG) for file encryption.
+
+### Prerequisites
+
+- Python 3 installed on Ubuntu Server
+- Basic familiarity with terminal commands
+
+### Contents
+
+1. [Setting Up dotenv with .env Files](#1-setting-up-dotenv-with-env-files)
+2. [Encrypting and Decrypting .env Files with GPG](#2-encrypting-and-decrypting-env-files-with-gpg)
+3. [Automating Decryption in Python Scripts](#3-automating-decryption-in-python-scripts)
+4. [Backing Up GPG Keys](#4-backing-up-gpg-keys)
+5. [Basic GPG Commands](#5-basic-gpg-commands)
+
+---
+
+### 1. Setting Up `dotenv` with `.env` Files
+
+`dotenv` is a module that loads environment variables from a `.env` file into `os.environ`. This section covers creating a `.env` file and integrating `dotenv` into your Python project.
+
+#### Steps:
+
+1. **Create a `.env` File**:
+
+    ```bash
+    # Navigate to your project directory
+    cd /path/to/your/project
+
+    # Create a .env file
+    touch .env
+
+    # Add environment variables
+    echo "API_KEY=yourapikey123" >> .env
+    echo "DB_PASSWORD=hunter2" >> .env
+    ```
+
+2. **Install `python-dotenv`**:
+
+    ```bash
+    pip3 install python-dotenv
+    ```
+
+3. **Modify Your Python Script**:
+
+    ```python
+    import os
+    from dotenv import load_dotenv
+
+    load_dotenv()  # Loads the .env file
+
+    api_key = os.getenv('API_KEY')
+    db_password = os.getenv('DB_PASSWORD')
+
+    # Your script continues here...
+    ```
+
+4. **Update `.gitignore`**:
+
+    ```bash
+    echo ".env" >> .gitignore
+    ```
+
+### 2. Encrypting and Decrypting .env Files with GPG
+
+GnuPG (GPG) is used for encrypting files, ensuring sensitive information like environment variables in `.env` files is secure.
+
+#### Steps:
+
+1. **Install GnuPG**:
+
+    ```bash
+    sudo apt-get update
+    sudo apt-get install gnupg
+    ```
+
+2. **Encrypt the `.env` File**:
+
+    ```bash
+    gpg --encrypt --recipient your_user_id .env
+    ```
+
+3. **Decrypt the `.env` File When Needed**:
+
+    ```bash
+    gpg --output .env --decrypt .env.gpg
+    ```
+
+### 3. Automating Decryption in Python Scripts
+
+Automate the decryption of the `.env` file at the start of your Python script for convenience while maintaining security.
+
+#### Example Function:
+
+```python
+import subprocess
+import os
+from dotenv import load_dotenv
+
+def decrypt_env_file():
+    subprocess.run(['gpg', '--quiet', '--batch', '--yes', '--decrypt', '--output', '.env', '.env.gpg'])
+
+# Decrypt the .env file
+decrypt_env_file()
+
+# Load environment variables
+load_dotenv()
+
+# Your main script logic
+
+# Delete the .env file securely after use
+os.remove('.env')
+```
+
+### 4. Backing Up GPG Keys
+
+Regular backups of GPG keys are essential to avoid losing access to encrypted data.
+
+#### Steps:
+
+1. **Export Your Private Key**:
+
+    ```bash
+    gpg --export-secret-keys your_user_id > myprivatekey.asc
+    ```
+
+2. **Export Your Public Key**:
+
+    ```bash
+    gpg --export your_user_id > mypublickey.asc
+    ```
+
+### 5. Basic GPG Commands
+
+Familiarize yourself with basic GPG commands for managing your keys and encrypted files.
+
+#### Common Commands:
+
+- **List Keys**: `gpg --list-keys`, `gpg --list-secret-keys`
+- **Import Key**: `gpg --import [file]`
+- **Export Key**: `gpg --export -a [email/id] > public.key`
+- **Delete Key**: `gpg --delete-key [email/id]`, `gpg --delete-secret-key [email/id]`
+- **Encrypt File**: `gpg --encrypt --recipient [email/id] [file]`
+- **Decrypt File**: `gpg --decrypt [file.gpg]`
+
+---
+
+By following this guide, you will be able to securely manage environment variables in your Python projects, leveraging `dotenv` for environment variable management and GnuPG for encryption, ensuring your sensitive data remains protected.