Firebase 私钥文件作为环境变量

Firebase 私钥文件作为环境变量

我对 Ubuntu 很陌生,正在开发一个基于 firebase firestore 数据库的项目。尝试在 ubuntu server 22.04 上运行服务。我可以使用私钥文件连接 firestore 数据库(在 Windows 中,我也可以使用环境变量来执行此操作),并且我想将此文件保密。为了实现这一点,我创建了一个带有机密的文件,并在我的服务配置文件中引用它,如下所示。

[Unit]
Description=myservice

[Service]
Type=simple
Restart=always
RestartSec=5sec
EnvironmetnFile=/etc/mysecrets/mysecret

[Install]
WantedBy=multi-user.target

它适用于诸如

MYSECRET=111111

但不能处理如下文件

    MYSECRET= {
  "type": "service_account",
  "project_id": "my-project-id",
  "private_key_id": "1234567890abcdef",
  "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDzq3MW0BWT4skj\n6pSG0ZXl...U6XyUrhRz\n-----END PRIVATE KEY-----\n",
  "client_email": "[email protected]",
  "client_id": "1234567890abcdef",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://oauth2.googleapis.com/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/my-project-id%40my-project-id.iam.gserviceaccount.com"
}

private_key 将有 1700 多个字符长\n

如何在 Ubuntu 服务器中创建包含如此大量信息的安全机密文件?有什么想法吗?

PS:这不是真实或有效的私钥文件

答案1

喜欢穆鲁上面评论说,单一配额解决了我的问题。我刚刚像这样输入了 secret,现在运行得很好。

回答解决了我的问题。

MYSECRET= '{
  "type": "service_account",
  "project_id": "my-project-id",
  "private_key_id": "1234567890abcdef",
  "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDzq3MW0BWT4skj\n6pSG0ZXl...U6XyUrhRz\n-----END PRIVATE KEY-----\n",
  "client_email": "[email protected]",
  "client_id": "1234567890abcdef",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://oauth2.googleapis.com/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/my-project-id%40my-project-id.iam.gserviceaccount.com"
}'

相关内容