Secrets Config (TOML)

This document describes the TOML format for secrets.

Each secret has an alternative corresponding environment variable.

See also:

Example

[Database]
URL = 'postgresql://user:pass@localhost:5432/dbname?sslmode=disable' # Required

[Password]
Keystore = 'keystore_pass' # Required

Database

[Database]
URL = "postgresql://user:pass@localhost:5432/dbname?sslmode=disable" # Example
BackupURL = "postgresql://user:pass@read-replica.example.com:5432/dbname?sslmode=disable" # Example
AllowSimplePasswords = false # Default

URL

URL = "postgresql://user:pass@localhost:5432/dbname?sslmode=disable" # Example

URL is the PostgreSQL URI to connect to your database. bondoracle nodes require Postgres versions >= 11. See for an example.

Environment variable: CL_DATABASE_URL

BackupURL

BackupURL = "postgresql://user:pass@read-replica.example.com:5432/dbname?sslmode=disable" # Example

BackupURL is where the automatic database backup will pull from, rather than the main CL_DATABASE_URL. It is recommended to set this value to a read replica if you have one to avoid excessive load on the main database.

Environment variable: CL_DATABASE_BACKUP_URL

AllowSimplePasswords

AllowSimplePasswords = false # Default

AllowSimplePasswords skips the password complexity check normally enforced on URL & BackupURL.

Environment variable: CL_DATABASE_ALLOW_SIMPLE_PASSWORDS

Explorer

[Explorer]
AccessKey = "access_key" # Example
Secret = "secret" # Example

AccessKey

AccessKey = "access_key" # Example

AccessKey is the access key for authenticating with the Explorer.

Environment variable: CL_EXPLORER_ACCESS_KEY

Secret

Secret = "secret" # Example

Secret is the secret for authenticating with the Explorer.

Environment variable: CL_EXPLORER_SECRET

Password

[Password]
Keystore = "keystore_pass" # Example
VRF = "VRF_pass" # Example

Keystore

Keystore = "keystore_pass" # Example

Keystore is the password for the node's account.

Environment variable: CL_PASSWORD_KEYSTORE

VRF

VRF = "VRF_pass" # Example

VRF is the password for the vrf keys.

Environment variable: CL_PASSWORD_VRF

Pyroscope

[Pyroscope]
AuthToken = "pyroscope-token" # Example

AuthToken

AuthToken = "pyroscope-token" # Example

AuthToken is the API key for the Pyroscope server.

Environment variable: CL_PYROSCOPE_AUTH_TOKEN

Prometheus

[Prometheus]
AuthToken = "prometheus-token" # Example

AuthToken

AuthToken = "prometheus-token" # Example

AuthToken is the authorization key for the Prometheus metrics endpoint.

Environment variable: CL_PROMETHEUS_AUTH_TOKEN

[Mercury.Credentials.Name]
Username = "A-Mercury-Username" # Example
Password = "A-Mercury-Password" # Example
URL = "https://example.com" # Example

Username

Username = "A-Mercury-Username" # Example

Username is used for basic auth of the Mercury endpoint

Password

Password = "A-Mercury-Password" # Example

Password is used for basic auth of the Mercury endpoint

URL

URL = "https://example.com" # Example

URL is the Mercury endpoint URL which is used by OCR2 Automation to access Mercury price feed

Threshold

[Threshold]
ThresholdKeyShare = "A-Threshold-Decryption-Key-Share" # Example

ThresholdKeyShare

ThresholdKeyShare = "A-Threshold-Decryption-Key-Share" # Example

ThresholdKeyShare used by the threshold decryption OCR plugin