Doppler Relay proxy

Can Doppler support environments running in private networks without direct access to the internet?Is there any kind of relay available that can acts as an intermediary between the environment and the Doppler cloud service?

Thank you!

Hi @Max_Levitzky!

Welcome to the Doppler Community!

You can’t use Doppler directly without internet access and we don’t have any kind of proxy that can be used at this point. That said, there are a couple things you could potentially do here:

  1. Fallback Files - When doppler run executes, it automatically creates an encrypted fallback file it will try using if it can’t reach on a subsequent run. This alone wouldn’t help you really, however, you can manually generate these using doppler secrets download. If you perform builds from a location that has internet access, then you could fetch the secrets and include the encrypted fallback file with your deployment during the build process. After the deploy, you would then execute with doppler run --fallback /path/to/fallback.json --fallback-only. Out-of-the-box, these encrypted fallback files are tied to the specific access token that was used when they were created, but you can set a passphrase that will then allow it to be used with other tokens by passing in --passphrase your-passphrase-here when creating the file and also when using doppler run (it can also be passed in by setting the DOPPLER_PASSPHRASE environment variable.

  2. Integrations - Depending upon where you’re running from, it might be possible to have Doppler sync your secrets via an integration to the service you’re using. It could then expose those secrets to your deployment in a way that doesn’t require direct access to Doppler. This will be highly dependent on what services you’re using though.

That will hopefully give you some options to work with!


1 Like

Hi Joel,
Thanks for your response.
Our private environment has access to a public environment that has internet access , so we could potentially use it as a proxy. Could you confirm that Doppler would not block proxied requests?



@Max_Levitzky Sorry for the delay getting back to you! If you have a regular HTTP/HTTPS proxy, then our CLI should support it if you specify that in either the HTTP_PROXY or HTTPS_PROXY environment variables in the environment you’re running the CLI in. In terms of our backend service – we don’t have any kind of generic proxy blocks as far as I’m aware. All requests to our API do run through Cloudflare, but if you get blocked for some reason, just let us know by contacting (or by opening a ticket at and we’ll see what we can do to help there.

1 Like