Configuration

When using the docker.env approach we introduced in the Deployment guide, most of these settings may be defined in your docker.env file that is used by your Docker instance. Most of them are populated by defaults, but you may want to set your own values in some cases.

On changing a configuration item, please restart your Virtual Signer instances to make the changes take effect. When using docker-compose, you could run docker-compose restart to restart all services.

Contact your io.finnet representative for more information if you would like to understand more about these options.

Configuration	Description
Port `EDG_VS_Port` Integer	The TCP port opened by the Virtual Signer, part of the URL exposed for device registration.
PrometheusPort `EDG_VS_PrometheusPort` String	The port that the Prometheus `/metrics` HTTP endpoint will be served on. See Deployment for more details on how monitoring a Virtual Signer works.
BindingNetworkName `EDG_VS_BindingNetworkName` String	The network name or IP address bound within the local host for accepting POST requests for device registration.
LogLevel `EDG_VS_LogLevel` String	The log level of the Virtual Signer. Valid values are `"info"` or `"debug"`.
APIBaseURL `EDG_VS_APIBaseURL` String	The URL of the io.vault or io.network API. This URL has a placeholder `"%s"`, which the Virtual Signer replaces with a method name (e.g., `"accessToken"`).
MQTTEndpoint `EDG_VS_MQTTEndpoint` String	The URL of the MQTT service for protocol messages exchanged among devices.
MQTTCACert `EDG_VS_MQTTCACert` String	A MQTT certificate in string format. New lines must be represented as `"\n"`.
OrgId `EDG_VS_OrgId` String	Optional. The organization ID used when registering a device on launch. Required if `InitialDevices` is defined.
InitialDevices `EDG_VS_INITIAL_DEVICES` String	Optional. Comma-separated device names to be registered on launch. Requires `OrgId`.
AuthClientId `EDG_VS_AuthClientId` String	The client ID used for authentication along with `AuthClientSecret`.
AuthClientSecret `EDG_VS_AuthClientSecret` String	The client secret used for authentication with `AuthClientId`.
GraphQLService `EDG_VS_GraphQLService` String	The URL of the GraphQL service.
ExternalReshareApprovalURL `EDG_VS_ExternalReshareApprovalURL` String	The URL of a user API that approves or rejects reshare requests. Required if `ApprovalMode="API"`.
ExternalTransactionApprovalURL `EDG_VS_ExternalTransactionApprovalURL` String	The URL of a user API that approves or rejects transactions. Required if `ApprovalMode="API"`.
ApprovalHTTPPublicKeyHex `EDG_VS_ApprovalHTTPPublicKeyHex` String	The EdDSA P256 public key (hex-encoded) used to verify HTTP responses from the user API when `ApprovalMode="API"`.
PrivateKeyPath `EDG_VS_PrivateKeyPath` String	The secure directory where private keys of newly created devices are saved.
PrivateKeyFileMask `EDG_VS_PrivateKeyFileMask` String	A file mask defining the filenames of private keys. Default: `"%s_%s.key"`.
PrivateSharePath `EDG_VS_PrivateSharePath` String	The secure directory where private shares of newly created devices are saved.
PrivateShareEdDSAFileMask `EDG_VS_PrivateShareEdDSAFileMask` String	A file mask defining filenames for EdDSA private shares. Default: `"%s.%s.share"`.
SignerInputHashPath `EDG_VS_SignerInputHashPath` String	The secure directory where transaction input hashes are saved.
RunningWithinSGX `EDG_VS_RunningWithinSGX` Boolean	`true`/`false`. If `true`, the Virtual Signer adds extra encryption for saved files.
ApprovalMode `EDG_VS_ApprovalMode` String	Determines approval mechanism. Valid values: `"API"`, `"SmartContract"`, or `"AlwaysApprove"`.
ApprovalNodeRPCAddress `EDG_VS_ApprovalNodeRPCAddress` String	Required for `"SmartContract"` mode. RPC address of an Ethereum or io.network node.
ApprovalSmartContractAddress `EDG_VS_ApprovalSmartContractAddress` String	Required for `"SmartContract"` mode. Smart contract address in hex (`"0x..."`) that approves/rejects requests.
Environment `EDG_VS_ENV` String	Refers to an io.vault environment and defines the config file to use. Possible values: `"dev"`, `"pre"`, `"staging"`.