DEV Community

Priscillia Aforah
Priscillia Aforah

Posted on • Updated on

Using Doppler as Secrets Manager on Ubuntu Linux

doppler

What is Ubuntu Linux?

Ubuntu is an open-source Linux operating system that is available with professional support. It comes with all you will ever need to run your organization or enterprise. Ubuntu is a Linux kernel-based distribution, meaning that it was built on the Linux operating system and that the Linux kernel is at the core of the Ubuntu operating system

Managing secrets on Ubuntu linux
There are many ways of managing secrets in Ubuntu like using and installing HashiCorp vault and then storing and retrieving the secrets over Transport Layer Security (TLS), Using a pipeline to pass the secrets around, passing your secrets via credential files into Docker containers or using the traditional .env files. (which is not advisable)

There is another way of managing and handling secrets on Ubuntu and that is by using Doppler

Introduction to Doppler Secret Management

Doppler is a fully managed Universal Secrets Manager that works across every language and can be used for storing and encrypting sensitive information, like passwords and API keys.
It is fully automated and integrates seamlessly across multiple platforms with a CLI that injects secrets into application processes as environmental variables.

Solutions offered by Doppler includes:
Universal Deployment: Doppler deploys and fetches secrets with containers or serverless anytime, anywhere.

Increased Productivity: Doppler increases productivity by keeping teams in sync and sharing changes immediately

Consistency: Doppler makes it easy for companies to organize their secrets across environment and projects

We are going to install Doppler in our workflow by making use of the Doppler CLI and we are going to do that by installing it from our terminal.

Setting up Doppler for use in our OS.
In this section, we are going to learn how to install Doppler into our workflow from our teminal. So navigate to your terminal on ur PC and input the following command below:

sudo apt-get update && sudo apt-get install -y apt-transport-https ca-certificates curl gnupg

If done correctly, then it should look like the image below:

The command above installs all the prerequisites for using Doppler CLI. Next we will enter the command below to add Doppler’s GNU Privacy Guard(GPG) key which is a public key that allows for secure transmission of information between parties. So to add the Doppler’s GPG key we run the following command:
curl -sLf --retry 3 --tlsv1.2 --proto "=https" 'https://packages.doppler.com/public/cli/gpg.DE2A7741A397C129.key' | sudo apt-key add -

You should get the message exactly like the image below if done correctly:

Next, we run the command below to add Doppler’s apt repo:

echo "deb https://packages.doppler.com/public/cli/deb/debian any-version main" | sudo tee /etc/apt/sources.list.d/doppler-cli.list

You should get the message exactly like the image below if done correctly:

Next, we fetch and then install the latest Doppler CLI
sudo apt-get update && sudo apt-get install -y doppler

And it should look like the image below if done correctly:

doppler --version

And it should look like the image below:

Set up a Doppler project on the Doppler’s website
Type the command below in your terminal:

doppler login

Then you will be prompted to open the authorization page in your browser, then you click y to accept and an auth code will automatically be created for you:

Next, you copy the auth code to the browser page and then click on next

Now you choose a name for your code and then click Finish Login

Connecting to Doppler
Now we go to our browser and then log into the Doppler dashboard and the click on the + icon to create a new project which will we name

Next, we run the command below to setup Doppler in our project’s root directory:

doppler setup

After that we select a config environment:

And then that’s it!

Conclusion
In this article, we have learnt about Doppler as a secret manager and Ubuntu OS and how to set up Doppler on Ubuntu. You can still continue the development by putting your .env files and any other secret or integrating with Doppler.

Discussion (0)