Skip to main content


List of available ENV variables


To view list of up-to-date available variables, run oxygen env.


oxygen also supports yaml configuration, but it's not recommended for production usage. Use --config=config.yml to run with config file or --skip-config to load variables only from ENV.

WEB_ADDRESSstringListen address (default "")
WEB_PORTstringListen port (default "80")
DB_DATA_SOURCEstringPostgres connection string. Example: 'host=localhost sslmode=disable dbname=oxygen user=oxygen password=qwerty pool_max_conns=32'
APP_ENVstringEnvironment [production; local; sandbox] (default "production")
APP_DEBUGboolEnables debug mode (default "false")
CORS_ALLOW_CREDENTIALSboolCORS (Cross Origin Resource Sharing) allow credentials (default "true")
CORS_ALLOW_ORIGINSsliceComma separated list (without spaces) of origins (with schema). Example:
CSRF_COOKIE_DOMAINstringCSRF (Cross Site Request Forgery) cookie domain
CSRF_COOKIE_HTTP_ONLYboolCSRF HTTP only cookie (default "true")
CSRF_COOKIE_MAX_AGEintCSRF cookie max-age (default "7200")
CSRF_COOKIE_PATHstringCSRF cookie path (default "/")
CSRF_COOKIE_SAME_SITEstringCSRF cookie same site (default "default")
CSRF_COOKIE_SECUREboolCSRF secure cookie
DB_MIGRATE_ON_STARTboolApply database migrations on start (default "true")
EMAIL_AUTH_ENABLEDboolEnables email auth (default "true")
EMAIL_AUTH_USER_EMAILstringEmail of a user that will be created on first startup
EMAIL_AUTH_USER_PASSWORDstringPassword of a user that will be created on first startup
KMS_CLIENT_HOSTstringKMS server host. Example: localhost:14000 (default "localhost:14000")
KMS_DB_DATA_SOURCEstringKMS vault data source. Example: '/opt/oxygen/kms.db'
LOGGER_LEVELstringEnabled verbose logging (default "debug")
LOGGER_PRETTYboolEnables human-readable logging. Otherwise uses JSON output (default "false")
PROCESSING_PAYMENT_FRONTEND_BASE_PATHstringBase path for payment UI. Example:
PROCESSING_PAYMENT_FRONTEND_SUB_PATHstringSub path for payment UI (default "/p")
PROCESSING_WEBHOOK_BASE_PATHstringBase path for webhooks (sub)domain. Example:
SESSION_COOKIE_DOMAINstringCookie domain
SESSION_COOKIE_HTTP_ONLYboolAllow HTTP cookies only (default "true")
SESSION_COOKIE_MAX_AGEintCookie max-age (default "86400")
SESSION_COOKIE_PATHstringCookie path (default "/")
SESSION_COOKIE_SAME_SITEstringCookie same site (default "default")
SESSION_COOKIE_SECUREboolAllow secure cookies only
SESSION_FS_PATHstringPath to sessions directory
SESSION_SECRETstringSessions secret; use a random string with 8+ characters
TATUM_API_KEYstringTatum API Key
TATUM_HMAC_SECRETstringTatum HMAC Secret. Use any random string with 8+ chars
TATUM_TEST_API_KEYstringTatum Test API Key
TRONGRID_API_KEYstringTrongrid API Key
TRONGRID_MAINNET_URLstringTrongrid API base path (default "")
TRONGRID_TESTNET_URLstringTrongrid testnet (shasta) API base path (default "")
WEB_ENABLE_INTERNAL_APIboolEnables internal API /internal/v1/*. DO NOT EXPOSE TO PUBLIC (default "false")