Skip to content

Configuration model

Brokerr has two configuration layers with different responsibilities.

config.yml is read before SQLite can be opened. It contains only the bootstrap version, SQLite path, data directory, and master key source. It does not contain sources, targets, profiles, mappings, schedules, or notifications.

The path defaults to /data/config.yml and can be changed with APP_CONFIG_PATH. Exactly one of security.master_key and security.master_key_file is required.

Settings saved through the UI are stored in app.db. Provider credentials and OAuth tokens are encrypted with the deployment master key; passwords are hashed.

The API returns configured-state markers instead of secret values. Leaving a secret input empty during edit preserves the stored credential.

If another browser tab saves first, Brokerr asks you to reload instead of overwriting the newer configuration. Validation errors block saving; warnings do not.

Sanitized export/import transfers non-secret configuration. It is not a backup of provider credentials, OAuth tokens, users, API keys, or run history.