The Complete .env Suite for Laravel Teams

Securely manage, effortlessly sync, validate, audit changes, and confidently deploy your Laravel environment variables and secrets—all within one unified platform.

Get Started Documentation

Zero-knowledge

Your environment data is encrypted locally before it ever leaves your machine.

Validation

Locally validate your .env files to catch errors before deployment without touching third-party servers.

Robust Versioning

Track every change with full environment history and rollback capability.

Comprehensive Auditing

Detailed audit logs provide full transparency into environment file activities.

Precision Sharing

Fine-grained organization permissions ensure controlled access without confusion.

Seamless Deployments

Easily integrate into your existing CI/CD workflows to deploy configs securely.

Effortless, Secure Sharing

Keep your environment secrets out of inboxes and DMs—where they don’t belong.

> ghostable env:push

Which environment would you like to push?

○ Local

› ● Staging

○ Production

Environment Staging pushed to Ghostable.

> (3) added, (5) updated, & (1) removed

Enforced Validation, No Surprises

Validate environment variables before deploys — so you never push broken config again.

> Validating Production...

APP_KEY is present

DB_CONNECTION is one of: mysql

QUEUE_CONNECTION is set to sync (recommended: redis)

APP_DEBUG must be false in production

Custom Rules

Define required keys, types, lengths, and allowed values for each project.

Preflight Validation

Validate your .env before merging or deploying—automatically.

Organization Enforcement

Enforce consistent config rules across organizations, environments, and pipelines.

Yes. Ghostable uses a Zero-Knowledge architecture — all environment data is encrypted locally before it ever leaves your machine. Only ciphertext is stored on Ghostable’s servers, and your encryption keys never leave your device. This means it is mathematically impossible for Ghostable to decrypt your data, even if we wanted to.

Ghostable makes sharing environment files effortless and secure. When you push an update with the CLI, it’s encrypted locally using your team’s master seed key before leaving your machine. Teammates with access to the same team key can pull and decrypt it locally—no plaintext ever touches Ghostable’s servers. Everyone always gets the latest version automatically, without emailing .env files or dropping them in Slack.

Validation now runs entirely in your local CLI — nothing ever leaves your machine. You can define simple rules for required keys, allowed values, and formats like URLs, emails, or booleans. The CLI checks your environment against these rules before a push or deploy, helping you catch issues early while keeping Ghostable fully zero-knowledge.

Yes. You can define rules at the project level and apply them across all linked environments. Ghostable ensures consistency for staging, production, and beyond.

Absolutely. Every change is versioned automatically, so you can review who changed what—and when. You can also roll back to a previous version at any time.

Access is scoped by organization and project roles. You control who can read, write, or validate environments using fine-grained permissions for each collaborator.

Yes. You can run validations as part of your CI pipeline to ensure environments meet your rules before deploying. CLI and API integrations are available.