diff --git a/README.md b/README.md index c34f71a..21dee05 100644 --- a/README.md +++ b/README.md @@ -43,6 +43,32 @@ config :my_app, MyApp.Repo, database: "path/to/my/database.db", ``` +## Database Encryption + +As of version 0.9, `exqlite` supports loading database engines at runtime rather than compiling `sqlite3.c` itself. +This can be used to support database level encryption via alternate engines such as [SQLCipher](https://www.zetetic.net/sqlcipher/design) +or the [Official SEE extension](https://www.sqlite.org/see/doc/trunk/www/readme.wiki). Once you have either of those projects installed +on your system, use the following environment variables during compilation: + +```bash +# tell exqlite that we wish to use some other sqlite installation. this will prevent sqlite3.c and friends from compiling +export EXQLITE_USE_SYSTEM=1 + +# Tell exqlite where to find the `sqlite3.h` file +export EXQLITE_SYSTEM_CFLAGS=-I/usr/local/include/sqlcipher + +# tell exqlite which sqlite implementation to use +export EXQLITE_SYSTEM_LDFLAGS=-L/usr/local/lib -lsqlcipher +``` + +Once you have `exqlite` configured, you can use the `:key` option in the database config to enable encryption: + +```elixir +config :my_app, MyApp.Repo, + database: "path/to/my/encrypted-database.db", + key: "super-secret' +``` + ## Benchmarks We have some benchmarks comparing it against the `MySQL` and `Postgres` adapters.