Here’s a cool little trick for generating authorized keys files with doppler. Create configs as follows for each team member you need to give access to:
Now you can run the following:
doppler run -- printenv | grep SSH_AUTH_KEY | cut -d"=" -f2 > authorized_keys && chmod 600 authorized_keys
You can even run this on a crontab once an hour or so if you’d prefer to do so or just run it manually as needed.
You can even simplify this further using doppler secrets get:
doppler secrets get SSH_AUTH_KEY_ANIL --plain > authorized_keys && chmod 600 authorized_keys
Interesting are you stuffing it all into one big json in your case?
I was thinking every ssh key has its own variable and you’d have to do the following for each key:
doppler secrets get SSH_AUTH_KEY_* -c dev -p ... --plain
Are wildcard fetches like that supported?
Ahh my bad, I see now your script iterates through every key with the SSH_AUTH_KEY prefix. Neat!
Your solution is a good one and I’ve added it to a newly created Secrets Access page in our docs.
