It feels unsafe to store dot files in source control as the article mentions. Is this a common practice? They could contain sensitive information and I fear people might be tempted to push to GitHub.
What about storing such files in a password manager/database?
There are a number of possible solutions:
git-remote-gcrypt: https://github.com/spwhitton/git-remote-gcrypt
git-crypt: https://github.com/AGWA/git-crypt
git-secret: https://github.com/sobolevn/git-secret
However, most people who self-host their Git repository are fine with just transport-level encryption (TLS).