Configuration model
Brokerr has two configuration layers with different responsibilities.
Bootstrap configuration
Section titled “Bootstrap configuration”config.yml is read before SQLite can be opened. It contains only the bootstrap
version, SQLite path, data directory, and master key source. It does not contain
sources, targets, profiles, mappings, schedules, or notifications.
The path defaults to /data/config.yml and can be changed with APP_CONFIG_PATH.
Exactly one of security.master_key and security.master_key_file is required.
Runtime configuration
Section titled “Runtime configuration”Settings saved through the UI are stored in app.db. Provider credentials and
OAuth tokens are encrypted with the deployment master key; passwords are hashed.
The API returns configured-state markers instead of secret values. Leaving a secret input empty during edit preserves the stored credential.
Revisions and validation
Section titled “Revisions and validation”If another browser tab saves first, Brokerr asks you to reload instead of overwriting the newer configuration. Validation errors block saving; warnings do not.
Sanitized export/import transfers non-secret configuration. It is not a backup of provider credentials, OAuth tokens, users, API keys, or run history.