d-bis/proxmox
4
0
Fork 0
Code Issues 2 Pull Requests 13 Actions Packages Projects Releases Wiki Activity
Files
0a3fd461c60091cc4f14cff729481a239d1b251d
proxmox/.env.master.example
defiQUG dd02f4b59b
All checks were successful
Deploy to Phoenix / validate (push) Successful in 1m11s
Details
Deploy to Phoenix / deploy (push) Successful in 43s
Details
Deploy to Phoenix / deploy-atomic-swap-dapp (push) Successful in 1m32s
Details
phoenix-deploy Deployed to cloudflare-sync
Deploy to Phoenix / cloudflare (push) Successful in 38s
Details
Enhance .env configuration with Infura support and add new RPC endpoints for various networks. Update package.json with new deployment scripts for Engine X. Improve public LP compliance documentation in runbooks and scripts, including guidance for public pair repairs and funding strategies.
2026-05-07 18:19:37 -07:00

284 lines
8.8 KiB
Plaintext
Raw Blame History

# ============================================================================
# Master Secrets Template — ALL keys used across the workspace
# ============================================================================
# Copy to .env (repo root) or .env.master (local only). Fill values; NEVER commit.
# See: docs/04-configuration/MASTER_SECRETS.md for where each is used.
# ============================================================================
# --- Proxmox ---
PROXMOX_ML110=
PROXMOX_R630_01=
PROXMOX_R630_02=
PROXMOX_HOST=
PROXMOX_PORT=
PROXMOX_USER=
PROXMOX_TOKEN_NAME=
PROXMOX_TOKEN_VALUE=
PROXMOX_ALLOW_ELEVATED=
# --- Cloudflare ---
# Prefer CLOUDFLARE_API_TOKEN scoped to Zone:DNS:Edit on the zones you use (avoid global Account API key when possible).
# Bulk DNS script: scripts/update-all-dns-to-public-ip.sh — use --dry-run and --zone-only=sankofa.nexus (etc.) before wide updates.
CLOUDFLARE_API_TOKEN=
# Set to 1 if token has no DNS:Edit and you need Global API key for scripts/cloudflare/provision-d-bis-mail-dns-and-npmplus.sh etc.
CLOUDFLARE_DNS_PREFER_GLOBAL_KEY=
CLOUDFLARE_EMAIL=
CLOUDFLARE_API_KEY=
CLOUDFLARE_ZONE_ID=
CLOUDFLARE_ZONE_ID_D_BIS_ORG=
CLOUDFLARE_ZONE_ID_MIM4U_ORG=
CLOUDFLARE_ZONE_ID_SANKOFA_NEXUS=
CLOUDFLARE_ZONE_ID_DEFI_ORACLE_IO=
CLOUDFLARE_TUNNEL_TOKEN=
CLOUDFLARE_TUNNEL_ID=
CLOUDFLARE_TUNNEL_ID_ALLTRA_HYBX=
CLOUDFLARE_TUNNEL_ID_MIFOS_R630_02=
CLOUDFLARE_TUNNEL_TOKEN_MIFOS_R630_02=
CLOUDFLARE_ORIGIN_CA_KEY=
CLOUDFLARE_ACCOUNT_ID=
# --- ClouDNS ---
CLOUDNS_AUTH_ID=
CLOUDNS_AUTH_PASSWORD=
# --- NPM / NPMplus ---
# For scripts/verify/backup-npmplus.sh: NPM_EMAIL and NPM_PASSWORD are both required
# (no in-script defaults); see AGENTS.md operator / backup row.
# PMG (LXC 100) web UI — optional: run scripts/operator/sync-pmg-webui-password-to-dotenv.sh to pull from /root/PMG_WEBUI_password.txt
PMG_WEBUI_PASSWORD=
NPM_URL=
NPM_EMAIL=
NPM_PASSWORD=
NPM_HOST=
NPM_PROXMOX_HOST=
NPMPLUS_HOST=
NPM_VMID=
NPMPLUS_VMID=
NPMPLUS_ALLTRA_HYBX_VMID=
IP_NPMPLUS_ALLTRA_HYBX=
NPM_URL_MIFOS=
# --- Fastly ---
FASTLY_API_TOKEN=
# --- Network / UniFi / Omada ---
PUBLIC_IP=
PROXMOX_HOST_FOR_TEST=
UNIFI_UDM_URL=
UNIFI_API_KEY=
UNIFI_API_MODE=
UNIFI_SITE_ID=
UNIFI_VERIFY_SSL=
OMADA_API_KEY=
OMADA_CLIENT_SECRET=
# --- Gitea ---
GITEA_URL=
GITEA_TOKEN=
GITEA_ORG=
# --- Phoenix deploy API (Gitea Actions secrets on EACH repo that triggers deploy) ---
# PHOENIX_DEPLOY_URL= # full POST URL e.g. http://192.168.11.59:4001/api/deploy — same variable name as repo Secrets in Gitea
# PHOENIX_DEPLOY_TOKEN= # bearer for Phoenix deploy API — set per-repo Secret on Gitea, not necessarily in this root .env
# --- CyberSecur Global (Gov portal static site; optional Web3Forms intake) ---
# CYBERSECUR_WEB3FORMS_ACCESS_KEY= # web3forms.com — used by CyberSecur-Global/deploy/render-intake.sh (key is public in browser HTML per provider)
# After rotating the key in the Web3Forms dashboard, update this line and redeploy:
# CYBERSECUR_REPO=/path/to/CyberSecur-Global ./scripts/deployment/sync-cybersecur-global-to-ct7810.sh
# CYBERSECUR_INTAKE_REDIRECT_URL= # optional; default https://cybersecur.d-bis.org/intake-thanks.html
# --- Database & app auth ---
DATABASE_URL=
JWT_SECRET=
JWT_REFRESH_SECRET=
JWT_EXPIRES_IN=
JWT_REFRESH_EXPIRES_IN=
SESSION_SECRET=
ADMIN_CENTRAL_API_KEY=
DBIS_CENTRAL_URL=
ADMIN_JWT_SECRET=
# --- Storage (AWS / Azure) ---
STORAGE_TYPE=
STORAGE_PATH=
AWS_REGION=
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AWS_S3_BUCKET=
AZURE_STORAGE_CONNECTION_STRING=
AZURE_STORAGE_CONTAINER=
# --- Blockchain / SMOM-DBIS-138 (use smom-dbis-138/.env for PRIVATE_KEY) ---
PRIVATE_KEY=
DEPLOYER_ADDRESS=
RPC_URL_138=
RPC_URL_138_PUBLIC=
# Infura (recommended): one dashboard project fills JSON-RPC for Ethereum + major L2s.
# Set INFURA_PROJECT_ID (or INFURA_API_KEY) and leave per-chain URLs empty to auto-fill in scripts/lib/load-project-env.sh,
# or set explicit URLs: https://mainnet.infura.io/v3/<PROJECT_ID>, https://polygon-mainnet.infura.io/v3/<PROJECT_ID>, …
INFURA_PROJECT_ID=
INFURA_API_KEY=
ETHEREUM_MAINNET_RPC=
POLYGON_MAINNET_RPC=
ARBITRUM_MAINNET_RPC=
OPTIMISM_MAINNET_RPC=
BASE_MAINNET_RPC=
AVALANCHE_MAINNET_RPC=
# BSC / Gnosis / Celo (Infura-supported networks)
BSC_RPC_URL=
GNOSIS_MAINNET_RPC=
CELO_MAINNET_RPC=
# Clear scripts/verify/check-external-dependencies.sh — use real service URLs when split; example interim health target:
# DBIS_CORE_URL=https://dbis-api.d-bis.org/health
DBIS_CORE_URL=
CC_PAYMENT_ADAPTERS_URL=
CC_AUDIT_LEDGER_URL=
CC_SHARED_EVENTS_URL=
CC_SHARED_SCHEMAS_URL=
FIN_GATEWAY_URL=
ALLIANCE_ACCESS_URL=
# cast must be in PATH; use a runner-reachable Chain 138 RPC, e.g.:
# CHAIN138_CI_RPC_URL=https://rpc.public-0138.defi-oracle.io
CHAIN138_CI_RPC_URL=
ALL_MAINNET_RPC=
# Alltra / Wemix / Etherlink: set for production; for local read-only checks, deployer-gas-auto-route.sh falls back to public RPCs documented in scripts/deployment/deployer-gas-auto-route.sh
CHAIN_651940_RPC_URL=
# ALLTRA_MAINNET_RPC=https://mainnet-rpc.alltra.global
# WEMIX_RPC_URL=https://api.wemix.com
# ETHERLINK_RPC_URL=https://node.mainnet.etherlink.com
CHAIN_1_UNISWAP_V2_FACTORY=0x5C69bEe701ef814a2B6a3EDD4B1652CB9cc5aA6f
CHAIN_1_UNISWAP_V2_ROUTER=0x7a250d5630B4cF539739dF2C5dAcb4c659F2488D
CHAIN_1_UNISWAP_V2_START_BLOCK=0
CHAIN_10_UNISWAP_V2_FACTORY=0x0c3c1c532F1e39EdF36BE9Fe0bE1410313E074Bf
CHAIN_10_UNISWAP_V2_ROUTER=0x4A7b5Da61326A6379179b40d00F57E5bbDC962c2
CHAIN_10_UNISWAP_V2_START_BLOCK=0
CHAIN_25_UNISWAP_V2_FACTORY=0x3B44B2a187a7b3824131F8db5a74194D0a42Fc15
CHAIN_25_UNISWAP_V2_ROUTER=0x145863Eb42Cf62847A6Ca784e6416C1682b1b2Ae
CHAIN_25_UNISWAP_V2_START_BLOCK=0
CHAIN_56_UNISWAP_V2_FACTORY=0xcA143Ce32Fe78f1f7019d7d551a6402fC5350c73
CHAIN_56_UNISWAP_V2_ROUTER=0x10ED43C718714eb63d5aA57B78B54704E256024E
CHAIN_56_UNISWAP_V2_START_BLOCK=0
CHAIN_100_UNISWAP_V2_FACTORY=0xc35DADB65012eC5796536bD9864eD8773aBc74C4
CHAIN_100_UNISWAP_V2_ROUTER=0x1b02dA8Cb0d097eB8D57A175b88c7D8b47997506
CHAIN_100_UNISWAP_V2_START_BLOCK=0
CHAIN_137_UNISWAP_V2_FACTORY=0x5757371414417b8C6CAad45bAeF941aBc7d3Ab32
CHAIN_137_UNISWAP_V2_ROUTER=0xa5E0829CaCEd8fFDD4De3c43696c57F7D7A678ff
CHAIN_137_UNISWAP_V2_START_BLOCK=0
CHAIN_42220_UNISWAP_V2_FACTORY=0x62d5b84bE28a183aBB507E125B384122D2C25fAE
CHAIN_42220_UNISWAP_V2_ROUTER=0xE3D8bd6Aed4F159bc8000a9cD47CffDb95F96121
CHAIN_42220_UNISWAP_V2_START_BLOCK=0
CHAIN_43114_UNISWAP_V2_FACTORY=0x9Ad6C38BE94206cA50bb0d90783181662f0Cfa10
CHAIN_43114_UNISWAP_V2_ROUTER=0x60aE616a2155Ee3d9A68541Ba4544862310933d4
CHAIN_43114_UNISWAP_V2_START_BLOCK=0
CHAIN_8453_UNISWAP_V2_FACTORY=0x02a84c1b3BBD7401a5f7fa98a384EBC70bB5749E
CHAIN_8453_UNISWAP_V2_ROUTER=0x8cFe327CEc66d1C090Dd72bd0FF11d690C33a2Eb
CHAIN_8453_UNISWAP_V2_START_BLOCK=0
CHAIN_42161_UNISWAP_V2_FACTORY=0x02a84c1b3BBD7401a5f7fa98a384EBC70bB5749E
CHAIN_42161_UNISWAP_V2_ROUTER=0x8cFe327CEc66d1C090Dd72bd0FF11d690C33a2Eb
CHAIN_42161_UNISWAP_V2_START_BLOCK=0
# Optional / scaffold-only until Wemix UniV2 routing is promoted
CHAIN_1111_UNISWAP_V2_FACTORY=
CHAIN_1111_UNISWAP_V2_ROUTER=
CHAIN_1111_UNISWAP_V2_START_BLOCK=0
ETHERLINK_RPC_URL=
TEZOS_RPC_URL=
ETHERSCAN_API_KEY=
WEMIXSCAN_API_KEY=
ETHERLINK_CCIP_SELECTOR=
TEZOS_BRIDGE_ENABLED=
ETHERLINK_BRIDGE_ENABLED=
TEZOS_RELAY_ORACLE_KEY=
ETHERLINK_RELAY_BRIDGE=
ETHERLINK_RELAY_PRIVATE_KEY=
JUMPER_API_KEY=
ONEINCH_API_KEY=
MOONPAY_API_KEY=
MOONPAY_SECRET_KEY=
RAMP_NETWORK_API_KEY=
ONRAMPER_API_KEY=
# --- Alerts & monitoring ---
SLACK_WEBHOOK_URL=
PAGERDUTY_INTEGRATION_KEY=
EMAIL_ALERT_API_URL=
EMAIL_ALERT_RECIPIENTS=
SENTRY_DSN=
# --- Legal / e-signature ---
E_SIGNATURE_BASE_URL=
# --- OTC / exchanges (dbis_core) ---
CRYPTO_COM_API_KEY=
CRYPTO_COM_API_SECRET=
CRYPTO_COM_ENVIRONMENT=
BINANCE_API_KEY=
BINANCE_API_SECRET=
KRAKEN_API_KEY=
KRAKEN_PRIVATE_KEY=
OANDA_API_KEY=
OANDA_ACCOUNT_ID=
OANDA_ENVIRONMENT=
FXCM_API_TOKEN=
# --- Price / market data ---
COINGECKO_API_KEY=
COINDESK_API_KEY=
COINMARKETCAP_API_KEY=
DEXSCREENER_API_KEY=
# --- Mifos / Fineract / OMNL ---
MIFOS_BASE_URL=
MIFOS_TENANT=
MIFOS_USER=
MIFOS_PASSWORD=
MIFOS_INSECURE=
OMNL_FINERACT_BASE_URL=
OMNL_FINERACT_TENANT=
OMNL_FINERACT_USER=
OMNL_FINERACT_PASSWORD=
# --- Phoenix / Sankofa / OMNIS backend ---
SANKOFA_PHOENIX_API_URL=
SANKOFA_PHOENIX_CLIENT_ID=
SANKOFA_PHOENIX_CLIENT_SECRET=
SANKOFA_PHOENIX_TENANT_ID=
# --- Frontend / MetaMask / Explorer ---
VITE_WALLETCONNECT_PROJECT_ID=
VITE_THIRDWEB_CLIENT_ID=
VITE_ETHERSCAN_API_KEY=
VITE_SENTRY_DSN=
VITE_API_URL=
VITE_API_BASE_URL=
NEXT_PUBLIC_API_URL=
NEXT_PUBLIC_CHAIN_ID=
METAMASK_API_KEY=
THIRDWEB_SECRET_KEY=
NPM_ACCESS_TOKEN=
# --- DeFi aggregators (alltra-lifi-settlement) ---
PARASWAP_API_KEY=
ZEROX_API_KEY=
# --- ProxmoxVE API (MongoDB) ---
MONGO_USER=
MONGO_PASSWORD=
MONGO_IP=
MONGO_PORT=
MONGO_DATABASE=
# --- Chain138 RPC (config) ---
CHAIN138_RPC_URL=
RPC_URL_138_FIREBLOCKS=
WS_URL_138_FIREBLOCKS=
CHAIN_ID_138=
# --- Phoenix deploy API ---
PORT=
GITEA_TOKEN=
# --- Optional / per-service ---
MARKET_REPORTING_API_KEY=
E_FILING_ENABLED=
NODE_ENV=
Reference in New Issue View Git Blame Copy Permalink