Docs

Quick Start

Create your first project and manage secrets in under 5 minutes.

1. Install the CLI

Install the Redshift CLI using the install script or your package manager:

# Using install script (recommended)
curl -fsSL https://redshiftapp.com/install | sh

# Or with bun
bun add -g redshift

2. Authenticate

Log in with your Nostr identity. If you don't have one, Redshift can generate one for you:

redshift login

# You'll see:
# ? Select authentication method
# > NIP-07 Browser Extension (recommended)
#   Enter nsec manually
#   Use bunker URL
#   Generate new identity

For most users, we recommend using a NIP-07 browser extension like Alby or nos2x. See the Authentication docs for all options.

Important: Never share your nsec (private key). Anyone with your nsec can access your secrets.

3. Create a Project

Projects organize your secrets. You might have one project per application:

# Using the web admin (opens browser)
redshift serve

# Or create directly via CLI
# Projects are created in the web admin for now

Visit /admin to create projects and environments through the web interface.

4. Set Up Your Directory

Link a directory to a project/environment:

cd your-project
redshift setup

# You'll be prompted to select:
# ? Select a project: my-app
# ? Select an environment: development
# 
# ✓ Created .redshift.json

This creates a .redshift.json file in your project:

{
  "project": "my-app",
  "environment": "development"
}

Tip: Add .redshift.json to your .gitignore if you want different environments per developer, or commit it to share the same environment across your team.

5. Add Secrets

Add secrets via the web admin or CLI:

# Via CLI
redshift secrets set DATABASE_URL "postgres://localhost/mydb"
redshift secrets set API_KEY "sk-..."
redshift secrets set STRIPE_SECRET "sk_test_..."

# List all secrets
redshift secrets list

# Output:
# DATABASE_URL  postgres://localhost/mydb
# API_KEY       sk-...
# STRIPE_SECRET sk_test_...

6. Run Your Application

Use redshift run to inject secrets as environment variables:

# Run any command with secrets injected
redshift run -- npm start
redshift run -- python app.py
redshift run -- go run main.go

# Secrets are available as environment variables
# process.env.DATABASE_URL, os.environ['API_KEY'], etc.

Example: Node.js App

Here's a complete example for a Node.js application:

# 1. Install dependencies
npm init -y
npm install express

# 2. Create app
cat > index.js << 'EOF'
const express = require('express');
const app = express();

app.get('/', (req, res) => {
  res.json({
    message: 'Hello!',
    hasApiKey: !!process.env.API_KEY,
    environment: process.env.NODE_ENV
  });
});

app.listen(3000, () => console.log('Server running on :3000'));
EOF

# 3. Set up Redshift
redshift setup  # Select your project/environment

# 4. Add secrets
redshift secrets set API_KEY "my-secret-key"
redshift secrets set NODE_ENV "development"

# 5. Run with secrets
redshift run -- node index.js

Next Steps