Secrets Reference
Every secret the QGTMAI trading platform currently uses in the documented
production path, where to obtain it, and where it is applied.
Core Trading and Auth
| Secret | Source | Used By | Rotation |
|---|---|---|---|
| ALPACA_API_KEY | Alpaca Dashboard -> Paper Trading | qgtm_data, qgtm_execution, qgtm_live, deploy workflow | 90 days or on compromise |
| ALPACA_SECRET_KEY | Alpaca Dashboard -> Paper Trading | qgtm_data, qgtm_execution, qgtm_live, deploy workflow | 90 days or on compromise |
| QGTM_API_KEY | operator-generated (openssl rand -hex 32) | owner API auth, watchdog, CI/server-to-server calls | on operator rotation or compromise |
| QGTM_JWT_SECRET | operator-generated (openssl rand -hex 32) | browser session JWT signing | on operator rotation or compromise |
| FOUNDER_1_HASH | bcrypt hash of founder password | POST /api/v1/auth/session | on password change |
| FOUNDER_2_HASH | bcrypt hash of founder password | POST /api/v1/auth/session | on password change |
Data Providers
| Secret | Source | Used By | Rotation |
|---|---|---|---|
| FRED_API_KEY | FRED API | qgtm_data, forecasts, macro enrichment | annual |
| EIA_API_KEY | EIA Registration | qgtm_data | annual |
| USDA_API_KEY | USDA QuickStats | qgtm_data | annual |
| NOAA_API_TOKEN | NOAA CDO | qgtm_altdata | annual |
| DATABENTO_API_KEY | Databento | qgtm_data backup / validation paths | 90 days |
| POLYGON_API_KEY | Polygon.io | qgtm_data backup / validation paths | annual |
| QUANDL_API_KEY | Nasdaq Data Link | qgtm_data COT support | annual |
Runtime State and Storage
| Secret | Source | Used By | Rotation |
|---|---|---|---|
| DATABASE_URL | local PostgreSQL on droplet, or managed Postgres if reconfigured | qgtm_api, other persistence paths | on credential rotation |
| REDIS_URL | local Redis on droplet, or managed Redis if reconfigured | qgtm_live, qgtm_api, websocket/state paths | on credential rotation |
| ARCTICDB_URI | local LMDB or object-store-backed ArcticDB | qgtm_features, qgtm_backtest | on storage migration |
| DO_SPACES_BUCKET | DigitalOcean Spaces | off-site audit log backup | on bucket change |
| DO_SPACES_KEY | DigitalOcean Spaces access key | off-site audit log backup | 90 days |
| DO_SPACES_SECRET | DigitalOcean Spaces secret | off-site audit log backup | 90 days |
| DO_SPACES_REGION | DigitalOcean region slug | off-site audit log backup | on region change |
Delivery and Alerts
| Secret | Source | Used By | Rotation |
|---|---|---|---|
| CLOUDFLARE_API_KEY | Cloudflare Global API Key | deploy.yml, deploy-docs.yml | 90 days |
| CLOUDFLARE_EMAIL | Cloudflare account email | deploy.yml, deploy-docs.yml | on account change |
| CLOUDFLARE_ACCOUNT_ID | Cloudflare dashboard | deploy.yml, deploy-docs.yml | static unless account changes |
| DO_SSH_KEY | private SSH key for root@142.93.1.195 | API deploy workflow and operator workflows | on server/key rotation |
| TELEGRAM_BOT_TOKEN | @BotFather | deploy alerts, daemon alerts, watchdog | on compromise |
| TELEGRAM_CHAT_ID | Telegram chat/user ID | deploy alerts, daemon alerts, watchdog | static unless destination changes |

Two rows in this table carry more blast radius than the others. CLOUDFLARE_API_KEY is the Global API Key, which is valid for the whole Cloudflare account and cannot be restricted to the zones the deploy workflows touch, so its 90-day rotation is the only limit on a leak. DO_SSH_KEY is a root key for the production droplet, so anyone who can read the GitHub Actions secrets store has root on 142.93.1.195; rotate it on any CI credential incident, not only on planned server/key rotation.
Secret Management
- Local development: .env file, never committed
- CI/CD: GitHub Actions secrets
- Production runtime: droplet .env, updated by deploy workflow from GitHub secrets
- Current documented production path does not depend on Doppler, Fly.io, Upstash, or Neon as canonical infrastructure
Live Trading Gate
QGTM_LIVE_TRADING_ENABLED is an environment flag, not a secret, but it is the
final safety gate and belongs in the same operator checklist.
Promoting to live requires:
- CI green on the production-sensitive commit
- paper trading reconciliation and risk checks passing
- explicit server-side QGTM_LIVE_TRADING_ENABLED=true
- human approval and documented operator sign-off
- post-deploy verification of health, readiness, and daemon telemetry
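A pre-deploy check that ties the three storage locations in Secret Management and the live gate together: parse a droplet-style .env, confirm every secret in the tables above is present and not a placeholder, sanity-check the formats that the tables imply, and read QGTM_LIVE_TRADING_ENABLED fail-closed. This is an added example, not the project's own code. The variable names are taken from the tables on this page; the format rules (64 lowercase hex characters for the two openssl rand -hex 32 secrets, a modular-crypt bcrypt string for the founder hashes), the placeholder word list, the .gitignore patterns, and the rule that only the exact string true opens the gate are assumptions, as is the sample .env, which is constructed and contains no real credentials.

```python
"""Audit a QGTM-style .env against the secrets reference on this page.
Added example, not project code; format rules, placeholder list and the
fail-closed gate reading are assumptions, not documented behaviour."""
import re
from typing import Dict, List

# Every secret named in the reference tables, in page order.
REQUIRED = [
    "ALPACA_API_KEY", "ALPACA_SECRET_KEY", "QGTM_API_KEY", "QGTM_JWT_SECRET",
    "FOUNDER_1_HASH", "FOUNDER_2_HASH", "FRED_API_KEY", "EIA_API_KEY",
    "USDA_API_KEY", "NOAA_API_TOKEN", "DATABENTO_API_KEY", "POLYGON_API_KEY",
    "QUANDL_API_KEY", "DATABASE_URL", "REDIS_URL", "ARCTICDB_URI",
    "DO_SPACES_BUCKET", "DO_SPACES_KEY", "DO_SPACES_SECRET", "DO_SPACES_REGION",
    "CLOUDFLARE_API_KEY", "CLOUDFLARE_EMAIL", "CLOUDFLARE_ACCOUNT_ID",
    "DO_SSH_KEY", "TELEGRAM_BOT_TOKEN", "TELEGRAM_CHAT_ID",
]
# openssl rand -hex 32 yields 64 lowercase hex characters (assumed rule).
HEX32 = re.compile(r"^[0-9a-f]{64}$")
# Modular-crypt bcrypt: $2a$/$2b$/$2y$, 2-digit cost, 22-char salt + 31-char hash.
BCRYPT = re.compile(r"^\$2[aby]\$\d{2}\$[./A-Za-z0-9]{53}$")
FORMAT_RULES = {
    "QGTM_API_KEY": (HEX32, "64 lowercase hex chars (openssl rand -hex 32)"),
    "QGTM_JWT_SECRET": (HEX32, "64 lowercase hex chars (openssl rand -hex 32)"),
    "FOUNDER_1_HASH": (BCRYPT, "bcrypt hash ($2a$/$2b$/$2y$ prefix, 60 chars)"),
    "FOUNDER_2_HASH": (BCRYPT, "bcrypt hash ($2a$/$2b$/$2y$ prefix, 60 chars)"),
}
# Values that mean "never set", compared case-insensitively (assumed list).
PLACEHOLDERS = {"", "changeme", "todo", "replace_me", "xxx"}


def parse_dotenv(text: str) -> Dict[str, str]:
    """Minimal KEY=VALUE parser: skips blanks and comments, accepts a leading
    'export ', strips one layer of matching quotes. Inline comments are not
    stripped, so a '#' inside a secret survives intact."""
    env: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        if line.startswith("export "):
            line = line[len("export "):]
        key, _, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]
        env[key] = value
    return env


def live_trading_enabled(env: Dict[str, str]) -> bool:
    """Fail closed: only the exact string 'true' opens the live gate.
    'True', '1', 'yes' or a missing variable all mean paper trading."""
    return env.get("QGTM_LIVE_TRADING_ENABLED") == "true"


def dotenv_ignored(gitignore_text: str) -> bool:
    """True if .gitignore carries a pattern that keeps .env out of commits."""
    patterns = {l.strip() for l in gitignore_text.splitlines()
                if l.strip() and not l.strip().startswith("#")}
    return bool(patterns & {".env", "/.env", ".env*", "*.env"})


def audit(env: Dict[str, str]) -> List[str]:
    """Return one finding per problem; an empty list means the file passes."""
    findings: List[str] = []
    for key in REQUIRED:
        if key not in env:
            findings.append(f"{key}: missing")
            continue
        value = env[key]
        if value.lower() in PLACEHOLDERS:
            findings.append(f"{key}: empty or placeholder value")
            continue
        rule = FORMAT_RULES.get(key)
        if rule and not rule[0].match(value):
            findings.append(f"{key}: expected {rule[1]}")
    flag = env.get("QGTM_LIVE_TRADING_ENABLED", "false")
    if flag not in ("true", "false"):
        findings.append(f"QGTM_LIVE_TRADING_ENABLED: {flag!r} is neither 'true' "
                        "nor 'false'; the gate reads it as disabled")
    return findings


# Constructed sample .env: no real credentials, the bcrypt string is a dummy.
SAMPLE_ENV = """
# droplet .env (constructed for the audit example)
ALPACA_API_KEY=PKEXAMPLE
ALPACA_SECRET_KEY=
export QGTM_API_KEY=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
QGTM_JWT_SECRET=changeme
FOUNDER_1_HASH="$2b$12$abcdefghijklmnopqrstuvABCDEFGHIJKLMNOPQRSTUVWXYZ01234"
FOUNDER_2_HASH=plaintext-password
QGTM_LIVE_TRADING_ENABLED=True
"""

if __name__ == "__main__":
    parsed = parse_dotenv(SAMPLE_ENV)
    for finding in audit(parsed):
        print(finding)
    print("live trading enabled:", live_trading_enabled(parsed))
```

Running the sample reports the empty ALPACA_SECRET_KEY, the changeme JWT secret, the plaintext FOUNDER_2_HASH, every data-provider and storage variable as missing, and flags QGTM_LIVE_TRADING_ENABLED=True as neither true nor false. That last case is the reason for the strict comparison: a loose parse such as Python's bool("True") or a case-insensitive match would silently open the gate from a typo, whereas the exact-string rule fails toward paper trading. The same parser can be pointed at the deploy-workflow output on the droplet to confirm that the GitHub secrets actually landed in the runtime .env before sign-off.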