shredbx logo
shredbx shredbx shredbx shredbx Personal
  • Home
  • Lab
  • Portfolio
  • Experience
  • Services
  • Profile
  • Contact
AClaude
  • Home
  • Lab
  • Portfolio
  • Experience
  • Services
  • Profile
  • Contact
Andrei Solovev
Knowledge
Search knowledge... ⌘K
Knowledge · Guidelines · docker

Sa Token Injection

Per-app SA token setup via Dokploy env vars

Andrei Solovev

Metadata

docker docker mandatory

Procedures

Showing 3 of 4

  1. 1 Identify application's vault tier
    Check the server model YAML for vault bindings to determine whether the application uses admin or readonly SA token tier
    # In server model (e.g., .sbx/workspace/infrastructure/servers/vps-01.yml)
    vault:
      bindings:
        - tier: admin
          apps: [dokploy, postgres]
        - tier: readonly
          apps: [sbx-api, shredbx-api, bestays-api]
  2. 2 Retrieve SA token
    Use the vault status API or 1Password CLI to get the SA token for the application's assigned tier
    # Via 1Password CLI
    op item get "SA Token - Readonly" --vault "Infrastructure" --field credential
    
    # Via server bootstrap API (if available)
    curl https://api.shredbx.com/api/infrastructure/servers/vps-01/vault/status
  3. 3 Set env var on compose project
    Use compose.update API to add OP_SERVICE_ACCOUNT_TOKEN=<token> to the env string for the compose project
    curl -X POST https://dokploy.shredbx.com/api/compose.update \
      -H "Authorization: Bearer $DOKPLOY_TOKEN" \
      -H "Content-Type: application/json" \
      -d '{
        "composeId": "<compose-id>",
        "env": "OP_SERVICE_ACCOUNT_TOKEN=ops_eyJ...\nNODE_ENV=production"
      }'

Tools

  • 1Password CLI
  • Dokploy API
shredbx logo shredbx shredbx shredbx shredbx Andrei Solovev

Solution Architect & Lead Software Engineer

ExperiencePortfolioResearch & ExperimentsEducationCertificationSkills
GitHub ↗LinkedIn ↗Email ↗
AVAILABLE FOR NEW PROJECTS
// MY LATEST BEATS
Hobby & Interests

Lab

  • The Lab
  • Framework
  • Components
  • Packages
  • Games
  • Process (SDLC)
  • Knowledge
  • Blog

Andrei

  • Portfolio
  • Experience
  • Services
  • Profile
  • Contact
  • Lifestyle

Team

  • Team
  • Andrei
  • Claude

Legal

  • Privacy
  • Terms
  • Cookies
© 2026 shredbx.com. All rights reserved. — Andrei Solovev |