docs: add secrets management (vault & doppler)

astro.config.mjs

@@ -180,6 +180,13 @@ export default defineConfig({
         {
           label: 'Misc',
           items: [
+            {
+              label: 'Secrets',
+              link: '/misc/secrets',
+              attrs: {
+                icon: 'shield.svg',
+              },
+            },
             {
               label: 'Telemetry',
               link: '/misc/telemetry',

src/content/docs/misc/secrets.mdx

@@ -0,0 +1,111 @@
+---
+title: Secrets
+description: Learn how to manage and utilize secrets in Daytona.
+---
+
+Daytona provides secure methods to manage secrets and sensitive information within your Workspaces.
+
+## Vault
+
+Daytona integrates with HashiCorp Vault to securely manage and store secrets. Vault is a tool for securely accessing secrets and protecting sensitive data. It provides a simplified and secure method to store and manage sensitive data, such as API keys, passwords, and certificates.
+
+### Install Vault
+
+Daytona provides the option to install Vault in your Workspace.
+
+1. Download Vault and the Vault GPG key.
+
+```sh
+wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
+```
+
+2. Add the Vault repository.
+
+```sh
+echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
+```
+
+3. Update and install Vault.
+
+```sh
+sudo apt update && sudo apt install vault
+```
+
+### Configure Vault
+
+Daytona provides the option to configure Vault in your Workspace using the Vault address and token.
+
+1. Set the Vault address.
+
+```sh
+export VAULT_ADDR='http://<your_vault_address>:8200'
+```
+
+2. Set the Vault token.
+
+```sh
+export VAULT_TOKEN='your_vault_token'
+```
+
+### Retrieve Secrets
+
+Daytona provides the option to retrieve secrets from Vault.
+
+1. Retrieve secrets from Vault.
+
+```sh
+vault kv get secret/my_secret
+```
+
+## Doppler
+
+Daytona integrates with Doppler to securely manage and store secrets. Doppler is a tool for securely accessing secrets and protecting sensitive data. It provides a simplified method to secure secrets management across environments.
+
+### Install Doppler
+
+Daytona provides the option to install Doppler in your Workspace.
+
+1. Install the Doppler dependencies.
+
+```sh
+sudo apt update && sudo apt install -y apt-transport-https ca-certificates curl gnupg
+```
+
+2. Add the Doppler GPG key.
+
+```sh
+curl -sLf --retry 3 --tlsv1.2 --proto "=https" 'https://packages.doppler.com/public/cli/gpg.DE2A7741A397C129.key' | sudo gpg --dearmor -o /usr/share/keyrings/doppler-archive-keyring.gpg
+```
+
+3. Add the Doppler repository.
+
+```sh
+echo "deb [signed-by=/usr/share/keyrings/doppler-archive-keyring.gpg] https://packages.doppler.com/public/cli/deb/debian any-version main" | sudo tee /etc/apt/sources.list.d/doppler-cli.list
+```
+
+4. Update and install Doppler.
+
+```sh
+sudo apt update && sudo apt install doppler
+```
+
+### Configure Doppler
+
+Daytona provides the option to configure Doppler in your Workspace. Doppler requires a service token to authenticate and access secrets.
+
+1. Refer to the [Doppler documentation](https://docs.doppler.com/docs/service-tokens) to generate a service token for your Workspace.
+2. Set the service token.
+
+```sh
+echo 'your_service_token' | doppler configure set token --scope /
+```
+
+### Retrieve Secrets
+
+Daytona provides the option to retrieve secrets from Doppler.
+
+1. Retrieve secrets from Doppler.
+
+```sh
+doppler secrets get
+```