e6bc7a6d7c
- Gitea: add validate-on-pr.yml (run-all-validation only; no deploy) - .env.master.example: document NPM_EMAIL/NPM_PASSWORD for backup-npmplus - pnpm: allowedVersions for @solana/sysvars to quiet thirdweb/x402 peer drift - AGENTS + verify README: CI pointers and .env.master.example for env - backup-npmplus: npm_lxc_ssh helper; keep prior timeout/BatchMode behavior - check-pnpm-workspace-lockfile + run-all-validation step 1b (from prior work in same commit set) Made-with: Cursor
234 lines
6.1 KiB
Plaintext
234 lines
6.1 KiB
Plaintext
# ============================================================================
|
|
# Master Secrets Template — ALL keys used across the workspace
|
|
# ============================================================================
|
|
# Copy to .env (repo root) or .env.master (local only). Fill values; NEVER commit.
|
|
# See: docs/04-configuration/MASTER_SECRETS.md for where each is used.
|
|
# ============================================================================
|
|
|
|
# --- Proxmox ---
|
|
PROXMOX_ML110=
|
|
PROXMOX_R630_01=
|
|
PROXMOX_R630_02=
|
|
PROXMOX_HOST=
|
|
PROXMOX_PORT=
|
|
PROXMOX_USER=
|
|
PROXMOX_TOKEN_NAME=
|
|
PROXMOX_TOKEN_VALUE=
|
|
PROXMOX_ALLOW_ELEVATED=
|
|
|
|
# --- Cloudflare ---
|
|
# Prefer CLOUDFLARE_API_TOKEN scoped to Zone:DNS:Edit on the zones you use (avoid global Account API key when possible).
|
|
# Bulk DNS script: scripts/update-all-dns-to-public-ip.sh — use --dry-run and --zone-only=sankofa.nexus (etc.) before wide updates.
|
|
CLOUDFLARE_API_TOKEN=
|
|
CLOUDFLARE_EMAIL=
|
|
CLOUDFLARE_API_KEY=
|
|
CLOUDFLARE_ZONE_ID=
|
|
CLOUDFLARE_ZONE_ID_D_BIS_ORG=
|
|
CLOUDFLARE_ZONE_ID_MIM4U_ORG=
|
|
CLOUDFLARE_ZONE_ID_SANKOFA_NEXUS=
|
|
CLOUDFLARE_ZONE_ID_DEFI_ORACLE_IO=
|
|
CLOUDFLARE_TUNNEL_TOKEN=
|
|
CLOUDFLARE_TUNNEL_ID=
|
|
CLOUDFLARE_TUNNEL_ID_ALLTRA_HYBX=
|
|
CLOUDFLARE_TUNNEL_ID_MIFOS_R630_02=
|
|
CLOUDFLARE_TUNNEL_TOKEN_MIFOS_R630_02=
|
|
CLOUDFLARE_ORIGIN_CA_KEY=
|
|
CLOUDFLARE_ACCOUNT_ID=
|
|
|
|
# --- ClouDNS ---
|
|
CLOUDNS_AUTH_ID=
|
|
CLOUDNS_AUTH_PASSWORD=
|
|
|
|
# --- NPM / NPMplus ---
|
|
# For scripts/verify/backup-npmplus.sh: NPM_EMAIL and NPM_PASSWORD are both required
|
|
# (no in-script defaults); see AGENTS.md operator / backup row.
|
|
NPM_URL=
|
|
NPM_EMAIL=
|
|
NPM_PASSWORD=
|
|
NPM_HOST=
|
|
NPM_PROXMOX_HOST=
|
|
NPMPLUS_HOST=
|
|
NPM_VMID=
|
|
NPMPLUS_VMID=
|
|
NPMPLUS_ALLTRA_HYBX_VMID=
|
|
IP_NPMPLUS_ALLTRA_HYBX=
|
|
NPM_URL_MIFOS=
|
|
|
|
# --- Fastly ---
|
|
FASTLY_API_TOKEN=
|
|
|
|
# --- Network / UniFi / Omada ---
|
|
PUBLIC_IP=
|
|
PROXMOX_HOST_FOR_TEST=
|
|
UNIFI_UDM_URL=
|
|
UNIFI_API_KEY=
|
|
UNIFI_API_MODE=
|
|
UNIFI_SITE_ID=
|
|
UNIFI_VERIFY_SSL=
|
|
OMADA_API_KEY=
|
|
OMADA_CLIENT_SECRET=
|
|
|
|
# --- Gitea ---
|
|
GITEA_URL=
|
|
GITEA_TOKEN=
|
|
GITEA_ORG=
|
|
|
|
# --- Database & app auth ---
|
|
DATABASE_URL=
|
|
JWT_SECRET=
|
|
JWT_REFRESH_SECRET=
|
|
JWT_EXPIRES_IN=
|
|
JWT_REFRESH_EXPIRES_IN=
|
|
SESSION_SECRET=
|
|
ADMIN_CENTRAL_API_KEY=
|
|
DBIS_CENTRAL_URL=
|
|
ADMIN_JWT_SECRET=
|
|
|
|
# --- Storage (AWS / Azure) ---
|
|
STORAGE_TYPE=
|
|
STORAGE_PATH=
|
|
AWS_REGION=
|
|
AWS_ACCESS_KEY_ID=
|
|
AWS_SECRET_ACCESS_KEY=
|
|
AWS_S3_BUCKET=
|
|
AZURE_STORAGE_CONNECTION_STRING=
|
|
AZURE_STORAGE_CONTAINER=
|
|
|
|
# --- Blockchain / SMOM-DBIS-138 (use smom-dbis-138/.env for PRIVATE_KEY) ---
|
|
PRIVATE_KEY=
|
|
RPC_URL_138=
|
|
RPC_URL_138_PUBLIC=
|
|
ETHEREUM_MAINNET_RPC=
|
|
CHAIN_1_UNISWAP_V2_FACTORY=0x5C69bEe701ef814a2B6a3EDD4B1652CB9cc5aA6f
|
|
CHAIN_1_UNISWAP_V2_ROUTER=0x7a250d5630B4cF539739dF2C5dAcb4c659F2488D
|
|
CHAIN_1_UNISWAP_V2_START_BLOCK=0
|
|
CHAIN_10_UNISWAP_V2_FACTORY=0x0c3c1c532F1e39EdF36BE9Fe0bE1410313E074Bf
|
|
CHAIN_10_UNISWAP_V2_ROUTER=0x4A7b5Da61326A6379179b40d00F57E5bbDC962c2
|
|
CHAIN_10_UNISWAP_V2_START_BLOCK=0
|
|
CHAIN_25_UNISWAP_V2_FACTORY=0x3B44B2a187a7b3824131F8db5a74194D0a42Fc15
|
|
CHAIN_25_UNISWAP_V2_ROUTER=0x145863Eb42Cf62847A6Ca784e6416C1682b1b2Ae
|
|
CHAIN_25_UNISWAP_V2_START_BLOCK=0
|
|
CHAIN_56_UNISWAP_V2_FACTORY=0xcA143Ce32Fe78f1f7019d7d551a6402fC5350c73
|
|
CHAIN_56_UNISWAP_V2_ROUTER=0x10ED43C718714eb63d5aA57B78B54704E256024E
|
|
CHAIN_56_UNISWAP_V2_START_BLOCK=0
|
|
CHAIN_100_UNISWAP_V2_FACTORY=0xc35DADB65012eC5796536bD9864eD8773aBc74C4
|
|
CHAIN_100_UNISWAP_V2_ROUTER=0x1b02dA8Cb0d097eB8D57A175b88c7D8b47997506
|
|
CHAIN_100_UNISWAP_V2_START_BLOCK=0
|
|
CHAIN_137_UNISWAP_V2_FACTORY=0x5757371414417b8C6CAad45bAeF941aBc7d3Ab32
|
|
CHAIN_137_UNISWAP_V2_ROUTER=0xa5E0829CaCEd8fFDD4De3c43696c57F7D7A678ff
|
|
CHAIN_137_UNISWAP_V2_START_BLOCK=0
|
|
CHAIN_42220_UNISWAP_V2_FACTORY=0x62d5b84bE28a183aBB507E125B384122D2C25fAE
|
|
CHAIN_42220_UNISWAP_V2_ROUTER=0xE3D8bd6Aed4F159bc8000a9cD47CffDb95F96121
|
|
CHAIN_42220_UNISWAP_V2_START_BLOCK=0
|
|
CHAIN_43114_UNISWAP_V2_FACTORY=0x9Ad6C38BE94206cA50bb0d90783181662f0Cfa10
|
|
CHAIN_43114_UNISWAP_V2_ROUTER=0x60aE616a2155Ee3d9A68541Ba4544862310933d4
|
|
CHAIN_43114_UNISWAP_V2_START_BLOCK=0
|
|
CHAIN_8453_UNISWAP_V2_FACTORY=0x02a84c1b3BBD7401a5f7fa98a384EBC70bB5749E
|
|
CHAIN_8453_UNISWAP_V2_ROUTER=0x8cFe327CEc66d1C090Dd72bd0FF11d690C33a2Eb
|
|
CHAIN_8453_UNISWAP_V2_START_BLOCK=0
|
|
CHAIN_42161_UNISWAP_V2_FACTORY=0x02a84c1b3BBD7401a5f7fa98a384EBC70bB5749E
|
|
CHAIN_42161_UNISWAP_V2_ROUTER=0x8cFe327CEc66d1C090Dd72bd0FF11d690C33a2Eb
|
|
CHAIN_42161_UNISWAP_V2_START_BLOCK=0
|
|
CHAIN_651940_RPC_URL=
|
|
ETHERLINK_RPC_URL=
|
|
TEZOS_RPC_URL=
|
|
ETHERSCAN_API_KEY=
|
|
WEMIXSCAN_API_KEY=
|
|
ETHERLINK_CCIP_SELECTOR=
|
|
TEZOS_BRIDGE_ENABLED=
|
|
ETHERLINK_BRIDGE_ENABLED=
|
|
TEZOS_RELAY_ORACLE_KEY=
|
|
ETHERLINK_RELAY_BRIDGE=
|
|
ETHERLINK_RELAY_PRIVATE_KEY=
|
|
JUMPER_API_KEY=
|
|
ONEINCH_API_KEY=
|
|
MOONPAY_API_KEY=
|
|
MOONPAY_SECRET_KEY=
|
|
RAMP_NETWORK_API_KEY=
|
|
ONRAMPER_API_KEY=
|
|
|
|
# --- Alerts & monitoring ---
|
|
SLACK_WEBHOOK_URL=
|
|
PAGERDUTY_INTEGRATION_KEY=
|
|
EMAIL_ALERT_API_URL=
|
|
EMAIL_ALERT_RECIPIENTS=
|
|
SENTRY_DSN=
|
|
|
|
# --- Legal / e-signature ---
|
|
E_SIGNATURE_BASE_URL=
|
|
|
|
# --- OTC / exchanges (dbis_core) ---
|
|
CRYPTO_COM_API_KEY=
|
|
CRYPTO_COM_API_SECRET=
|
|
CRYPTO_COM_ENVIRONMENT=
|
|
BINANCE_API_KEY=
|
|
BINANCE_API_SECRET=
|
|
KRAKEN_API_KEY=
|
|
KRAKEN_PRIVATE_KEY=
|
|
OANDA_API_KEY=
|
|
OANDA_ACCOUNT_ID=
|
|
OANDA_ENVIRONMENT=
|
|
FXCM_API_TOKEN=
|
|
|
|
# --- Price / market data ---
|
|
COINGECKO_API_KEY=
|
|
COINDESK_API_KEY=
|
|
COINMARKETCAP_API_KEY=
|
|
DEXSCREENER_API_KEY=
|
|
|
|
# --- Mifos / Fineract / OMNL ---
|
|
MIFOS_BASE_URL=
|
|
MIFOS_TENANT=
|
|
MIFOS_USER=
|
|
MIFOS_PASSWORD=
|
|
MIFOS_INSECURE=
|
|
OMNL_FINERACT_BASE_URL=
|
|
OMNL_FINERACT_TENANT=
|
|
OMNL_FINERACT_USER=
|
|
OMNL_FINERACT_PASSWORD=
|
|
|
|
# --- Phoenix / Sankofa / OMNIS backend ---
|
|
SANKOFA_PHOENIX_API_URL=
|
|
SANKOFA_PHOENIX_CLIENT_ID=
|
|
SANKOFA_PHOENIX_CLIENT_SECRET=
|
|
SANKOFA_PHOENIX_TENANT_ID=
|
|
|
|
# --- Frontend / MetaMask / Explorer ---
|
|
VITE_WALLETCONNECT_PROJECT_ID=
|
|
VITE_THIRDWEB_CLIENT_ID=
|
|
VITE_ETHERSCAN_API_KEY=
|
|
VITE_SENTRY_DSN=
|
|
VITE_API_URL=
|
|
VITE_API_BASE_URL=
|
|
NEXT_PUBLIC_API_URL=
|
|
NEXT_PUBLIC_CHAIN_ID=
|
|
METAMASK_API_KEY=
|
|
THIRDWEB_SECRET_KEY=
|
|
NPM_ACCESS_TOKEN=
|
|
|
|
# --- DeFi aggregators (alltra-lifi-settlement) ---
|
|
PARASWAP_API_KEY=
|
|
ZEROX_API_KEY=
|
|
|
|
# --- ProxmoxVE API (MongoDB) ---
|
|
MONGO_USER=
|
|
MONGO_PASSWORD=
|
|
MONGO_IP=
|
|
MONGO_PORT=
|
|
MONGO_DATABASE=
|
|
|
|
# --- Chain138 RPC (config) ---
|
|
CHAIN138_RPC_URL=
|
|
RPC_URL_138_FIREBLOCKS=
|
|
WS_URL_138_FIREBLOCKS=
|
|
CHAIN_ID_138=
|
|
|
|
# --- Phoenix deploy API ---
|
|
PORT=
|
|
GITEA_TOKEN=
|
|
|
|
# --- Optional / per-service ---
|
|
MARKET_REPORTING_API_KEY=
|
|
E_FILING_ENABLED=
|
|
NODE_ENV=
|