diff options
Diffstat (limited to 'man/taler.conf.5')
| -rw-r--r-- | man/taler.conf.5 | 82 |
1 files changed, 75 insertions, 7 deletions
diff --git a/man/taler.conf.5 b/man/taler.conf.5 index 9c393d4c..4467ef44 100644 --- a/man/taler.conf.5 +++ b/man/taler.conf.5 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "TALER.CONF" "5" "Nov 03, 2022" "0.9" "GNU Taler" +.TH "TALER.CONF" "5" "Apr 16, 2023" "0.9" "GNU Taler" .SH NAME taler.conf \- Taler configuration file . @@ -85,6 +85,14 @@ virtually all Taler components. .TP .B CURRENCY Name of the currency, e.g.\ “EUR” for Euro. +.TP +.B CURRENCY_ROUND_UNIT +Smallest amount in this currency that can be transferred using the +underlying RTGS. For example: "EUR:0.01" or "JPY:1". +.TP +.B AML_THRESHOLD +Largest amount in this currency that can be transferred per month without +an AML staff member doing a (manual) AML check. For example: "USD:1000000". .UNINDENT .sp The “[PATHS]” section is special in that it contains paths that can be @@ -232,22 +240,22 @@ The following options must be in the section "[kyc\-provider\-XXX]" sections wit Duration (e.g. "12 months") of the validity of the performed KYC check. Can be "forever". .TP .B KYC_OAUTH2_AUTH_URL -URL of the OAuth2 endpoint to be used for KYC checks. Requires KYC_ENABLED to be "OAUTH2". Example: "\fI\%http://localhost:8888/oauth/v2/login\fP" (or "/token") +URL of the OAuth2 endpoint to be used for KYC checks. This is where the server will ultimately send the authorization token from the client and obtain its access token (which currently must be a "bearer" token). Example: "\fI\%http://localhost:8888/oauth/v2/auth\fP" (or "/token") .TP .B KYC_OAUTH2_LOGIN_URL -URL of the OAuth2 endpoint to be used for KYC checks. Requires KYC_ENABLED to be "OAUTH2". Example: "\fI\%http://localhost:8888/oauth/v2/login\fP" +URL of the OAuth2 endpoint to be used for KYC checks. The login URL will be encoded as part of the \(aqredirect_uri\(aq argument of the request to the KYC_AUTH2_AUTH_URL. Typically, the user will then be redirected to this URL to log in. Example: "\fI\%http://localhost:8888/oauth/v2/login\fP" .TP .B KYC_OAUTH2_INFO_URL -URL of the endpoint where the OAuth 2.0 token can be used to download the user\(aqs details. Requires KYC_ENABLED to be "OAUTH2". Example: "\fI\%http://localhost:8888/api/user/me\fP" +URL of the endpoint where the OAuth 2.0 token can be used to download the user\(aqs details. The server will use the access token obtained from the KYC_AUTH2_AUTH_URL to show that it is authorized to obtain the details. Example: "\fI\%http://localhost:8888/api/user/me\fP" or "\fI\%http://localhost:8888/oauth/v2/info\fP" .TP .B KYC_OAUTH2_CLIENT_ID -Client ID of the exchange when it talks to the KYC OAuth2 endpoint. Requires KYC_ENABLED to be "OAUTH2". +Client ID of the exchange when it talks to the KYC OAuth2 endpoint. .TP .B KYC_OAUTH2_CLIENT_SECRET -Client secret of the exchange to use when talking to the KYC Oauth2 endpoint. Requires KYC_ENABLED to be "OAUTH2". +Client secret of the exchange to use when talking to the KYC Oauth2 endpoint. .TP .B KYC_OAUTH2_POST_URL -URL to which the exchange will redirect the client\(aqs browser after successful authorization/login for the KYC process. +URL to which the exchange will redirect the client\(aqs browser after successful authorization/login for the KYC process. Example: "\fI\%http://example.com/thank\-you\fP" .UNINDENT .SS EXCHANGE KYC KYCAID OPTIONS .sp @@ -266,6 +274,37 @@ ID that specifies the form to use for the KYC process. .B KYC_KYCAID_POST_URL URL to which the exchange will redirect the client\(aqs browser after successful authorization/login for the KYC process. .UNINDENT +.SS EXCHANGE KYC PERSONA OPTIONS +.sp +The following options must be in the section "[kyc\-provider\-XXX]" sections with "LOGIC = persona". +.INDENT 0.0 +.TP +.B KYC_PERSONA_VALIDITY +Duration (e.g. "12 months") of the validity of the performed KYC check. Can be "forever". +.TP +.B KYC_PERSONA_AUTH_TOKEN +Authentication token to access the KYC service. +.TP +.B KYC_PERSONA_SALT +Salt value to use for request idempotency. Optional, generated at random per process if not given. +.TP +.B KYC_PERSONA_SUBDOMAIN +Subdomain to use under Persona. +.TP +.B KYC_PERSONA_POST_URL +URL to which the exchange will redirect the client\(aqs browser after successful authorization/login for the KYC process. +.TP +.B KYC_PERSONA_TEMPLATE_ID +ID of the Persona template to use. +.UNINDENT +.SS EXCHANGE KYC PERSONA GLOBAL OPTIONS +.sp +The following option must be in the section "[kyclogic\-persona]". +.INDENT 0.0 +.TP +.B WEBHOOK_AUTH_TOKEN +Authentication token Persona must supply to our webhook. This is an optional setting. +.UNINDENT .SS EXCHANGE OFFLINE SIGNING OPTIONS .sp The following options must be in the section "[exchange\-offline]". @@ -387,6 +426,10 @@ After what time do we forget about (drained) reserves during garbage collection? .B AGGREGATOR_SHIFT Delay between a deposit being eligible for aggregation and the aggregator actually triggering. +.TP +.B DEFAULT_PURSE_LIMIT +Number of concurrent purses that a reserve may have active +if it is paid to be opened for a year. .UNINDENT .SS EXCHANGE POSTGRES BACKEND DATABASE OPTIONS .sp @@ -572,6 +615,31 @@ Name of the currency for which this auditor is trusted, e.g.\ “KUDOS” The entire section is ignored if the currency does not match the currency we use, which must be given in the \fB[taler]\fP section. .UNINDENT +.SS MERCHANT WIREWATCH OPTIONS +.sp +The name of the configuration section used by taler\-merchant\-wirewatch +can be changed via the command\-line. By default, it is simply +"[taler\-merchant\-wirewatch]". The options are: +.INDENT 0.0 +.TP +.B INSTANCE +Which instance of the backend should transactions be imported for by this wirewatcher. +.TP +.B WIRE_GATEWAY_URL +Under which URL is the wire gateway (libeufin facade) reachable that makes bank transfer data availalbe to us. +.TP +.B WIRE_GATEWAY_AUTH_METHOD +Which authentication method should be used (currently only "NONE" or "BASIC" are supported). +.TP +.B USERNAME +Username to give to the wire gateway when using "BASIC" authentication. +.TP +.B PASSWORD +Password to give to the wire gateway when using "BASIC" authentication. +.UNINDENT +.sp +Note that the libeufin facade type to configure for a taler\-merchant\-wirewatch +operation is the "Anastasis" facade. .SS AUDITOR OPTIONS .sp The following options must be in section “[auditor]” for the Taler |