0

I want to work with SFTP server in my lumen app and therefore i need to store the private key to access the SFTP server in the .env file (dotenv)

I tried this approach:

SFTP_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----\nHkVN9…\n-----END DSA PRIVATE KEY-----\n"

When I dd(env('SFTP_PRIVATE_KEY')); I am getting an empty string back

Any idea how to deal with this?

miken32
  • 42,008
  • 16
  • 111
  • 154
Latheesan
  • 23,247
  • 32
  • 107
  • 201
  • 1
    Just curiosity, why on earth would you need a private key as a string? Just keep it as the file and refer to it if you need the file itself. – ggdx Jan 18 '19 at 17:24
  • Because it's a bad idea to store SFTP private key credentials part of my source code / app in git repo. – Latheesan Jan 18 '19 at 17:24
  • 1
    add it to .gitignore? or outside the project entirely? – ggdx Jan 18 '19 at 17:28
  • Because the app is hosted in a docker container via AWS ECS and deployed via Circleci. You don't SSH onto the container and place the private on server, because thats less than ideal when the container crashes and moves around to different clusters. – Latheesan Jan 18 '19 at 17:35
  • 1
    To be honest, you shouldn't use .env-files in production at all. .env is meant to set environment variables in development (so you can mimic production environments). – M. Eriksson Jan 18 '19 at 17:35
  • I am well aware. In production i use circleci environment variables, which are used in the docker-compose yml files. i am developing locally first then it will be deployed to production. Whilst developing, I need the private key contents in env just like I will have access to it in production - through environment variables. – Latheesan Jan 18 '19 at 17:37

1 Answers1

2

Okay, I've managed to come up with a work around method like this:

  1. I've replaced every new line with double pipes: ||
  2. When I load the contents of the environment variables via lumen's env() function, I replaced it back to new lines

for e.g. my .env

SFTP_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----||HkVN9…||-----END DSA PRIVATE KEY-----||"

and here's how you use it:

$privateKey = env('SFTP_PRIVATE_KEY');
$privateKey = str_replace('||', PHP_EOL, $privateKey);

// Debug
echo '<pre>';
echo($privateKey);
exit;

I tested this and this now work, let me know if there is a better way.

Latheesan
  • 23,247
  • 32
  • 107
  • 201