Ecto

Learn how Doppler can securely store and sync database credentials for your Elixir applications using Ecto by dynamically generating a config/*.exs file at runtime.

In this guide, we'll cover how to use the Doppler CLI to render a template with injected secret values from a specific environment.

Requirements

Import Secrets

Once you've signed up and created a Project, import your database credentials for each environment:

1600

Config Template

Next, we'll create a config template named config.exs.tmpl that will be used by the Doppler CLI to generate the config.exs file with substituted values:

# This file is auto-generated by Doppler ({{.DOPPLER_PROJECT}} > {{ .DOPPLER_CONFIG }})

config :my_app, Repo,
  database: "{{.DB_NAME}}",
  username: "{{.DB_USERNAME}}",
  password: "{{.DB_PASSWORD}}",
  hostname: "{{.DB_HOSTNAME}}",

Render Config File

Ensure the Doppler CLI is configured using doppler setup if developing locally or using a Service Token in a DOPPLER_TOKEN environment variable for live environments.

Using local development as an example, use Doppler CLI to render the config/dev.exs file:

doppler secrets substitute config.exs.tmpl > config/dev.exs

Which would produce something like the following:

# This file is auto-generated by Doppler (pheonix-app > dev)

config :my_app, Repo,
  database: "jean-grey-blog",
  username: "jean",
  password: "30a4e1bf-736e-41e3-b00d-2a117fa403c9",
  hostname: "postgres.cerebro",

πŸ‘

Awesome Work!

Now you know how to use the Doppler securely store your application database credentials and dynamically generate an Ecto config/*.exs file at runtime.