# GoblinPay environment. Copy to /etc/goblinpay.env (bare metal) or deploy/.env # (docker compose), then edit. NON-SECRET config only: the Grin seed and the # wallet password live as mode-0400 files (systemd LoadCredential / the compose # ./secrets mount), never in this file. # --- domain / URLs --- # docker-compose serves GoblinPay on GP_DOMAIN and the bundled relay on # relay.; point BOTH DNS records at this host before `compose up`. GP_DOMAIN=pay.example GP_PUBLIC_URL=https://pay.example # --- relay (bundled is the default: GoblinPay runs its own relay) --- GP_RELAY_MODE=bundled # The bundled relay's PUBLIC url: it is BOTH dialed by the server AND advertised # to payers in the checkout nprofile, so it must be reachable from the internet. GP_BUNDLED_RELAY_URL=wss://relay.pay.example # For GP_RELAY_MODE=external instead, drop the bundled relay and set: #GP_RELAY_MODE=external #GP_RELAYS=wss://relay.damus.io,wss://nos.lol # --- Grin node (read-only: confirmations + balance) --- GP_NODE_URL=https://main.gri.mw # --- mixnet --- # on (default) routes THIS server's relay traffic over the Nym mixnet. off is a # supported production posture (server-side clearnet): the payer's Goblin Wallet # still provides sender privacy and the payload stays gift-wrapped end to end. GP_NYM=on # --- API / admin tokens (bearer capabilities; use strong random values) --- GP_API_TOKEN=change-me-api-token GP_ADMIN_TOKEN=change-me-admin-token # --- webhook to your store (optional; the URL requires the secret) --- #GP_WEBHOOK_URL=https://your-store/hook #GP_WEBHOOK_SECRET=change-me-webhook-secret # --- default payment-matching mode: memo | derived | amount --- GP_MATCH_MODE=derived