Easily manage environment variables for your DigitalOcean applications
This guide will show you how to use the Doppler DigitalOcean Marketplace App to securely manage secrets for applications hosted on DigitalOcean.
- You have created a project in Doppler
- You have a DigitalOcean account
- You are familiar with creating and configuring a Droplet
Create Service Token
Accessing your secrets as environment variables in your DigitalIOcean droplet requires a Service Token to provide read-only access to a specific config. We'll cover how to provide this in the Configure Droplet section.
Go to the Doppler DigitalOcean Marketplace page, then click the Create Doppler Droplet button.
This will take you to the DigitalOcean dashboard to configure your Droplet for launch.
The Doppler CLI should be configured when creating the Droplet by scoping the Doppler Service Token to the file system location of your application code. This only needs to be performed once.
Configure your Droplet as usual until you reach the Select additional options section, then click the User data checkbox.
In the User data text area, enter the following (replacing the Service Token and path to your application code):
#!/bin/bash # Ensure the latest version of the CLI is installed sudo doppler update # Change service token and app directory path doppler configure set token dp.st.prd.xxxx --scope /home/ubuntu/your-app # Removing the Service Token value from bash history history -c
Continue configuring your Droplet, then click the Create Droplet button.
Now that the Doppler Droplet has been created, let's sign-in using ssh to test the Doppler CLI can fetch secrets successfully.
The username is root and you'll need the Droplet public IP address (ipv4):
Once logged in, change into the application directory, and test the Doppler CLI is configured correctly:
# Replace with path to your application /home/ubuntu/your-app doppler secrets
If you're looking for a command that will run your application in the background with logging support for
stderror, it could look like the following using
nohup and the
& operator to background the process:
# Replace `start-your-app` with your command nohup doppler run -- start-your-app > $PWD/app.log 2> $PWD/app_error.log &
If you're new to Doppler, check out our Getting Started Guide to learn more about how to supply secrets to your application.
Now you know to use the Doppler DigitalOcean Marketplace App to securely manage secrets for applications hosted on DigitalOcean.
Updated over 1 year ago