by ChrisMarshallNY 1965 days ago
I hope it works out. What I do is create a file, usually called something like "DoNotCheckThisIntoSourceControl.swift", and then put that in a directory called "DoNotCheckThisIntoSourceControl". I then add "DoNotCheckThisIntoSourceControl" to my .gitignore.

Clunky, but it works. I add things like server secrets and whatnot, there. I keep the file small, and usually add the contents to a secure note in 1Password, so there is version control, of a sort.
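
An added example, not part of the original post: a shell check that the secrets file in the layout described above is really kept out of the repository. It relies on the fact that .gitignore has no effect on a file that is already in the index, so "tracked" has to be tested before "ignored". The function names `secret_status` and `demo` and the file contents are constructed for illustration.

```shell
#!/bin/sh
# secret_status PATH
# Prints one word describing how git currently treats PATH:
#   tracked  - the file is in the index; .gitignore no longer protects it
#   ignored  - an ignore rule matches and the file is not tracked
#   exposed  - nothing stops a plain "git add ." from staging it
secret_status() {
    if git ls-files --error-unmatch -- "$1" >/dev/null 2>&1; then
        echo tracked
    elif git check-ignore -q -- "$1"; then
        echo ignored
    else
        echo exposed
    fi
}

# demo: walk the three states in a throwaway repository (constructed data).
demo() {
    repo=$(mktemp -d) || return 1
    (
        cd "$repo" || exit 1
        git init -q .
        dir=DoNotCheckThisIntoSourceControl
        f="$dir/$dir.swift"
        mkdir "$dir"
        echo 'let serverSecret = "constructed-placeholder"' > "$f"

        s1=$(secret_status "$f")      # no ignore rule yet
        echo "$dir" > .gitignore
        s2=$(secret_status "$f")      # the rule from the post is in place
        git add -f "$f"               # simulate a forced or earlier add
        s3=$(secret_status "$f")      # the ignore rule no longer helps

        echo "$s1 $s2 $s3"
    )
    rc=$?
    rm -rf "$repo"
    return $rc
}

demo
```

Run `secret_status` from inside a real working tree, for example in a pre-commit hook, and fail the commit on anything other than `ignored`.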

6 comments

You might be interested in:

git config --global core.excludesfile ~/.gitignore

You can have a system-wide (but local only) .gitignore. It doesn't help other people who clone your repo, but it can be useful in some situations.

No need to change the config; the default global ignore file path is ~/.config/git/ignore
Ah, thank you.
What I do is not put secrets in files in my source tree. If secrets have to go in files, they go in files somewhere well clear of any source control tool.
I built an e2e encrypted cloud service for secrets in case you’re interested in trying it: https://cloudenv.com
You might like git-crypt then, to add actual version control for your secrets
I do something similar, by having a pretty global exclude for folders called donotbackup in my backup tools. Quite useful.
As far as backup is concerned, a well-supported (by Borg, restic, and others) way of excluding directories is by putting a file that conforms to the CACHEDIR.TAG standard.

https://bford.info/cachedir/

Thanks! I wasn't aware of this. Mostly it's for Apple's Time Machine which doesn't support it, but this is neat to hear about.
I like this idea a lot and I am slightly annoyed that I didn’t think of it myself. Thanks for the contribution.
If people are looking for a way to put encrypted files into git, you can use LockGit https://github.com/jswidler/lockgit.