Doppler + RedwoodJS

Doppler + RedwoodJS

Never worry about a sharing a .env file again

Christopher Burns's photo
Christopher Burns
·

4 min read

So whats doppler?

You may have not heard of it, but it allows you to remove your secrets from your project (.env) and then when at runtime, doppler will inject your secrets into your application! Cool right.

image.png

Whats RedwoodJS?

Redwood is an opinionated, full-stack, serverless web application framework that will allow you to build and deploy JAMstack applications with ease. Imagine a React frontend, statically delivered by CDN, that talks via GraphQL to your backend running on AWS Lambdas around the world, all deployable with just a git push—that's Redwood. By making a lot of decisions for you, Redwood lets you get to work on what makes your application special, instead of wasting cycles choosing and re-choosing various technologies and configurations. Plus, because Redwood is a proper framework, you benefit from continued performance and feature upgrades over time and with minimum effort.

How to set up redwood + doppler

Before you get started with doppler if you use my referal code you will get $100 of free credit! Invite link

First start by creating your super secret project on doppler image.png

Doppler has three default stages of secrets. So, depending on the stage of the application will depend of what secrets are used, all in the cloud and easy to roll if leaked! image.png

You can delete the staging branch if you don't need it, but start by putting in your secrets into your dev branch

Remember that doppler will replace your .env file, Replace every var you want to be used.

image.png

when you click save, a modal will popup and allow you to save the same variables to the other branches! Awesome

image.png

Now you have your Prod and Dev setup in doppler time to look at the code!

Setting up your Dev Env

1) Install Doppler onto your computer

MacOS

brew install dopplerhq/cli/doppler

Windows

# Add Doppler's scoop repo
scoop bucket add doppler https://github.com/DopplerHQ/scoop-doppler.git

# Install latest doppler cli
scoop install doppler

If you need any other OS's then please go to the documentation

1.2) Log into Doppler

time to login! 

doppler login

1.3) Run Doppler Setup

# Change to your project's directory
cd ./your/project/directory

# Select project and config
doppler setup

# If you want to check your secrets run
doppler secrets

image.png

image.png

image.png

2) Code Changes required

To inject your env secrets from doppler you have to run `doppler run -- before your script so doppler knows to inject the secrets! This can easily be done one of two ways, scripts in package.json (2.1) or a Alias (2.2)

2.1) Add the prepended doppler run -- to your package.json scripts (optional)

First Add some scripts into your root package.json

 "scripts": {
    "start": "doppler run -- yarn rw dev --esbuild",
    "start:api": "doppler run -- yarn rw dev api --esbuild",
    "serve": "doppler run -- yarn rw serve"
  },

2.2) alias redwood (optional)

If you use .zsh then you can alias redwood and doppler to automatically inject your secrets every-time you run a redwood command!

.zshrc

alias rw="doppler run -- yarn redwood"

3) Replacing your env secrets

Doppler recommends you rename your secrets into the the following format. 

// From 
const secret = process.env.SECRET_NAME

// To
const secret = process.env["SECRET_NAME"]

4) Run Redwood

Now thats you aliased rw or chose to use the scripts it will start and prepend your secrets into your dev env

// alias version
rw start
// script version
yarn start

That's your dev env set up but what about production?

Setting up your Production Env

Doppler has made many integration into things like Vercel, Netlify, Render to pretty much be plug and go!

Netlify - docs.doppler.com/docs/netlify Vercel - docs.doppler.com/docs/vercel Render - docs.doppler.com/docs/render PM2 - First you will need to install doppler onto your server and login + setup and then add the extra doppler runs to your pm2.config pm2.config.js

const name = 'redwood-pm2' // Name to use in PM2
const repo = 'git@github.com:xxx/redwood-pm2.git' // Link to your repo
const user = 'deploy' // Server user
const path = `/home/${user}/${name}` // Path on the server to deploy to
const host = 'example.com' // Server hostname
const port = 8911 // Port to use locally on the server
const build = `yarn install && yarn doppler run -- rw build && yarn doppler run -- rw prisma deploy`

module.exports = {
  apps: [
    {
      name,
      cwd: `${path}/current/`,
      script: 'doppler run -- node_modules/@redwoodjs/api-server/dist/index.js',
    },
  ],

  deploy: {
    production: {
      user,
      host,
      ref: 'origin/master',
      repo,
      path,
      ssh_options: 'ForwardAgent=yes',
      'post-deploy': `${build} && pm2 reload pm2.config.js --env production && pm2 save`,
    },
  },
}
JavaScriptReact