diff options
Diffstat (limited to 'manpages')
| -rw-r--r-- | manpages/challenger-admin.1.rst | 9 | ||||
| -rw-r--r-- | manpages/libeufin-bank.1.rst | 170 | ||||
| -rw-r--r-- | manpages/libeufin-bank.conf.5.rst | 122 | ||||
| -rw-r--r-- | manpages/libeufin-nexus.1.rst | 170 | ||||
| -rw-r--r-- | manpages/libeufin-nexus.conf.5.rst | 187 | ||||
| -rw-r--r-- | manpages/libeufin-sandbox.1.rst | 8 | ||||
| -rw-r--r-- | manpages/taler-config.1.rst | 1 | ||||
| -rw-r--r-- | manpages/taler-exchange-offline.1.rst | 4 | ||||
| -rw-r--r-- | manpages/taler-mdb.1.rst | 73 | ||||
| -rw-r--r-- | manpages/taler-merchant-depositcheck.1.rst | 78 | ||||
| -rw-r--r-- | manpages/taler-merchant-exchange.1.rst | 73 | ||||
| -rw-r--r-- | manpages/taler-merchant-setup-reserve.1.rst | 119 | ||||
| -rw-r--r-- | manpages/taler-merchant-webhook.1.rst | 6 | ||||
| -rw-r--r-- | manpages/taler-merchant-wirewatch.1.rst | 10 | ||||
| -rw-r--r-- | manpages/taler-terms-generator.1.rst | 3 | ||||
| -rw-r--r-- | manpages/taler-unified-setup.1.rst | 6 | ||||
| -rw-r--r-- | manpages/taler-wallet-cli.1.rst | 2 | ||||
| -rw-r--r-- | manpages/taler.conf.5.rst | 81 |
18 files changed, 890 insertions, 232 deletions
diff --git a/manpages/challenger-admin.1.rst b/manpages/challenger-admin.1.rst index af4508ea..bdb7687c 100644 --- a/manpages/challenger-admin.1.rst +++ b/manpages/challenger-admin.1.rst @@ -19,7 +19,9 @@ Synopsis [**-h** | **--help**] [**-L** *LOGLEVEL* | **--log=**\ \ *LOGLEVEL*] [**-l** *FILENAME* | **--logfile=**\ \ *FILENAME*] -[**-v** | **--version**] CLIENT_URL +[**-q** | **--quiet**] +[**-v** | **--version**] +CLIENT_URL Description @@ -48,7 +50,10 @@ Its options are as follows: **-l** *FILENAME* \| **--logfile=**\ \ *FILENAME* Configure logging to write logs to *FILENAME*. -**-v** \| **–version** +**-q** \| **–-quiet** + Be less verbose in the output. Useful in shell scripts. + +**-v** \| **–-version** Print version information. diff --git a/manpages/libeufin-bank.1.rst b/manpages/libeufin-bank.1.rst new file mode 100644 index 00000000..5b8c3721 --- /dev/null +++ b/manpages/libeufin-bank.1.rst @@ -0,0 +1,170 @@ +libeufin-bank(1) +################# + +.. only:: html + + Name + ==== + + **libeufin-bank** - LibEuFin Bank + + +Synopsis +======== + +**libeufin-bank** +[**-h** | **--help**] +[**--version**] +COMMAND [ARGS...] + +Subcommands: **serve**, **dbinit**, **create-account**, **passwd**, **config** + + +Description +=========== + +**libeufin-bank** is a program that implements a simple core banking system with +account and REST APIs, including REST APIs for a Web interface +and REST APIs to interact with GNU Taler components. + +Its options are as follows: + +**-h** \| **--help** + Print short help on options. + +**–version** + Print version information. + +The interaction model is as follows: + +- Configure the database with commands ``dbinit``. + +- Set admin account password with commands ``passwd``. + +- Start the HTTP server with command ``serve``. + Let this run in a shell, writing logs to stderr. + +The following sections describe each command in detail. + +dbinit +------ + +This command defines the database schema for LibEuFin Bank. It is mandatory to run this command before invoking the ``serve`` command. + +Its options are as follows: + +**-h** \| **--help** + Print short help on options. +**-c** \| **--config** *FILENAME* + Specifies the configuration file. +**-L** \| **--log** *LOGLEVEL* + Configure logging to use LOGLEVEL. +**-r** \| **--reset** + If present, deletes any database table (WARNING: potential data loss) + + +serve +----- + +This command starts the HTTP server. + +Its options are as follows: + +**-h** \| **--help** + Print short help on options. +**-c** \| **--config** *FILENAME* + Specifies the configuration file. +**-L** \| **--log** *LOGLEVEL* + Configure logging to use LOGLEVEL. + +create-account +-------------- + +This command create a bank account and prints its payto://-URI to STDOUT. + +Its options are as follows: + +**-h** \| **--help** + Print short help on options. +**-c** \| **--config** *FILENAME* + Specifies the configuration file. +**-L** \| **--log** *LOGLEVEL* + Configure logging to use LOGLEVEL. +**-u** \| **--username** *USERNAME* + Account unique username. +**-p** \| **--password** *PASSWORD* + Account password used for authentication. +**--name** *NAME* + Legal name of the account owner. +**--public** + Make this account visible to anyone. +**--exchange** + Make this account a taler exchange. +**--email** *EMAIL* + E-Mail address used for TAN transmission. +**--phone** *PHONE_NUMBER* + Phone number used for TAN transmission. +**--cashout_payto_uri** *PAYTO_URI* + Payto URI of a fiant account who receive cashout amount. +**--payto_uri** *PAYTO_URI* + Payto URI of this account. +**--debit_threshold** *AMOUNT* + Max debit allowed for this account. + + +edit-account +-------------- + +This command edit an existing account. + +It takes one argument, the account username. + +Its options are as follows: + +**-h** \| **--help** + Print short help on options. +**-c** \| **--config** *FILENAME* + Specifies the configuration file. +**-L** \| **--log** *LOGLEVEL* + Configure logging to use LOGLEVEL. +**--name** *NAME* + Legal name of the account owner. +**--public** *true|false* + Make this account visible to anyone. +**--email** *EMAIL* + E-Mail address used for TAN transmission. +**--phone** *PHONE_NUMBER* + Phone number used for TAN transmission. +**--cashout_payto_uri** *PAYTO_URI* + Payto URI of this account. +**--debit_threshold** *AMOUNT* + Max debit allowed for this account. + +passwd +------ + +This command change any account password. + +It takes two arguments, the account username and the account new password. + +Its options are as follows: + +**-h** \| **--help** + Print short help on options. +**-c** \| **--config** *FILENAME* + Specifies the configuration file. +**-L** \| **--log** *LOGLEVEL* + Configure logging to use LOGLEVEL. + +.. include:: ../frags/libeufin-config-cli.rst + + +SEE ALSO +======== + +libeufin-bank.conf(5) + +Bugs +==== + +Report bugs by using https://bugs.taler.net or by sending electronic mail to <taler@gnu.org>. diff --git a/manpages/libeufin-bank.conf.5.rst b/manpages/libeufin-bank.conf.5.rst new file mode 100644 index 00000000..35103760 --- /dev/null +++ b/manpages/libeufin-bank.conf.5.rst @@ -0,0 +1,122 @@ +libeufin-bank.conf(5) +###################### + +.. only:: html + + Name + ==== + + **libeufin-bank.conf** - LibEuFin Bank configuration file + + +Description +=========== + +.. include:: ../frags/common-conf-syntax.rst + +Files containing default values for many of the options described below +are installed under ``$TALER_PREFIX/share/libeufin-bank/config.d/``. +The configuration file given with **-c** to Taler binaries +overrides these defaults. + +A configuration file may include another, by using the ``@INLINE@`` directive, +for example, in ``main.conf``, you could write ``@INLINE@ sub.conf`` to +include the entirety of ``sub.conf`` at that point in ``main.conf``. + +Be extra careful when using ``taler-config -V VALUE`` to change configuration +values: it will destroy all uses of ``@INLINE@`` and furthermore remove all +comments from the configuration file! + +GLOBAL OPTIONS +-------------- + +The following options are from the “[libeufin-bank]” section. + +CURRENCY + Internal currency of the libeufin-bank, e.g. “EUR” for Euro. + +WIRE_TYPE + Supported payment target type, this can either be ``iban`` or ``x-taler-bank`` + +IBAN_PAYTO_BIC + Bank BIC used in generated iban payto URI. Required if WIRE_TYPE = iban + +X_TALER_BANK_PAYTO_HOSTNAME + Bank hostname used in generated x-taler-bank payto URI. Required if WIRE_TYPE = x-taler-bank + +DEFAULT_DEBT_LIMIT + Default debt limit for newly created accounts. Defaults to CURRENCY:0 if not specified. + +REGISTRATION_BONUS + Value of the registration bonus for new users. Defaults to CURRENCY:0 if not specified. + +ALLOW_REGISTRATION + Whether anyone can create a new account or whether this action is reserved for the admin. Defaults to no if not specified. + +ALLOW_ACCOUNT_DELETION + Whether anyone can delete its account or whether this action is reserved for the admin. Defaults to no if not specified. + +ALLOW_CONVERSION + Whether regional currency conversion is enabled. Defaults to no if not specified. + +FIAT_CURRENCY + External currency used during cashin and cashout. + Only used if ``ALLOW_CONVERSION`` is ``YES``. + +TAN_SMS + Path to TAN challenge transmission script via sms. If not specified, this TAN channel will not be supported. + Only used if ``ALLOW_CONVERSION`` is ``YES``. + +TAN_EMAIL + Path to TAN challenge transmission script via email. If not specified, this TAN channel will not be supported. + Only used if ``ALLOW_CONVERSION`` is ``YES``. + +TAN_SMS_ENV + Environment variables for the sms TAN script. + Only used if ``TAN_SMS`` is set. + +TAN_EMAIL_ENV + Environment variables for the email TAN script. + Only used if ``TAN_EMAIL`` is set. + +SERVE + This can either be ``tcp`` or ``unix``. + +PORT + Port on which the HTTP server listens, e.g. 9967. + Only used if ``SERVE`` is ``tcp``. + +BIND_TO + Which IP address should we bind to? E.g. ``127.0.0.1`` or ``::1``for loopback. Can also be given as a hostname. + Only used if ``SERVE`` is ``tcp``. + +UNIXPATH + Which unix domain path should we bind to? + Only used if ``SERVE`` is ``unix``. + +UNIXPATH_MODE + What should be the file access permissions for ``UNIXPATH``? + Only used if ``SERVE`` is ``unix``. + +DATABASE OPTIONS +---------------- + +Setting the database belongs to the “[libeufin-bankdb-postgres]” section and the +following value. + +CONFIG + PostgreSQL connection string. + +SQL_DIR + Where are the SQL files to setup our tables? + +SEE ALSO +======== + +libeufin-bank(1). + +BUGS +==== + +Report bugs by using https://bugs.taler.net/ or by sending electronic +mail to <taler@gnu.org>. diff --git a/manpages/libeufin-nexus.1.rst b/manpages/libeufin-nexus.1.rst index 792c1de6..a0ed99ff 100644 --- a/manpages/libeufin-nexus.1.rst +++ b/manpages/libeufin-nexus.1.rst @@ -6,7 +6,7 @@ libeufin-nexus(1) Name ==== - **libeufin-nexus** - Service to interface to various bank access APIs + **libeufin-nexus** - EBICS client. Synopsis @@ -17,21 +17,14 @@ Synopsis [**--version**] COMMAND [ARGS...] -Commands: serve, superuser, parse-camt, reset-tables +Subcommands: **dbinit**, **ebics-setup**, **ebics-submit**, **ebics-fetch**, **config** Description =========== **libeufin-nexus** is a program that provides a service to interface to -various bank access APIs, using JSON as the response format. -It maintains state in its own private database. -You interact with it through HTTP -requests either over the network or via a Unix domain socket. -Related program **libeufin-cli** is the preferred front end -for that mode of operation. -There is also a mode where **libeufin-nexus** accepts commands directly, -useful for doing administrative tasks. +various bank access APIs Its options are as follows: @@ -43,108 +36,119 @@ Its options are as follows: The interaction model is as follows: -- Configure the nexus with command ``superuser``. - -- Start the HTTP server with command ``serve``. - Let this run in a shell, writing logs to stderr. - -- Interact with **libeufin-nexus**. - -- When finished, interrupt the ``serve`` process and clean up with command - ``reset-tables``. +In order to operate any EBICS communication with ``libeufin-nexus``, it is necessary to setup EBICS access via the ``ebics-setup`` subcommand. Setting the access means to share the client keys with the bank and downloading the bank keys. After a successful setup, the subcommands ``ebics-submit`` and ``ebics-fetch`` can be run to respectively send payments and download the bank account history. The following sections describe each command in detail. +ebics-setup +----------- -superuser ---------- - -This command adds a superuser, or changes the password. -It takes argument ``USERNAME``. -Option ``--password TEXT`` specifies the password. -If omitted, **libeufin-nexus** will query interactively for it. - -For example: - -.. code-block:: console +This command creates the client keys, if they aren't found already on the disk, and sends them to the bank if they were not sent yet. In case of sending, it ejects the PDF document that contains the keys fingerprints, so that the user can send it to the bank to confirm their keys. The process continues by checking if the bank keys exist already on disk, and proceeds with downloading them in case they are not. It checks then if the bank keys were accepted by the user; if yes, the setup terminates, otherwise it interactively asks the user to mark the keys as accepted. By accepting the bank keys, the setup terminates successfully. - $ libeufin-nexus superuser joe +Its options are as follows: -This creates superuser ``joe`` and interactively queries for the password. +**-h** \| **--help** + Print short help on options. +**-c** \| **--config** *FILENAME* + Specifies the configuration file. +**-L** \| **--log** *LOGLEVEL* + Configure logging to use LOGLEVEL. +**--force-keys-resubmission** + Resubmits the client keys. If no keys were found, it creates and submits them. +**--auto-accept-keys** + Accepts the bank keys without interactively asking the user. +**--generate-registration-pdf** + Generates the PDF with the client keys fingerprints, if the keys have the submitted state. That's useful in case the PDF went lost after the first submission and the user needs a new PDF. -parse-camt ----------- +dbinit +------ -This command parses a camt file and displays the result to stdout. -It takes argument ``FILENAME``, which names a file in CAMT format. -Parsing may also display log information to stderr. -The normal log level is ``DEBUG``. -To change it, use ``--log-level LEVEL``, where ``LEVEL`` is one of: -``ERROR``, ``WARN``, ``INFO``, ``DEBUG``, ``TRACE``. +This subcommand defines the database schema for Nexus. It is mandatory to run this command before invoking the ``ebics-submit`` or ``ebics-fetch`` subcommands. -For example: +Its options are as follows: -.. code-block:: console +**-h** \| **--help** + Print short help on options. +**-c** \| **--config** *FILENAME* + Specifies the configuration file. +**-L** \| **--log** *LOGLEVEL* + Configure logging to use LOGLEVEL. +**-r** \| **--reset** + If present, deletes any database table (WARNING: potential data loss) - $ libeufin-nexus parse-camt camt53-gls-style-0.xml - { - "transactions" : [ { - "amount" : "EUR:2.35", - "creditDebitIndicator" : "DBIT", - ... - } ] - } +ebics-submit +------------ -serve ------ +This subcommand submits any initiated payment that was not already sent to the bank. In the current version, initiated payments may come from a cash-out operation or from a bounced incoming payment. ebics-submit is Taler friendly, therefore bounced payments are those that do not contain a valid subject to start a Taler withdrawal. Cash-out operations come from a tightly integrated bank that offers their customers to convert their currency to the currency whose the EBICS subscriber bank account is tied to. -This command starts the HTTP server, listening on port 5001. -To use a different port, use option ``--port INT``. -To listen, instead, on a Unix domain socket, -use option ``--with-unix-socket PATH``. -When both ``--port`` and ``--with-unix-socket`` are given, -``--with-unix-socket`` takes precedence. +Its options are as follows: -The process runs in the foreground, writing its logs to standard error. -The normal log level is ``DEBUG``. -To change it, use ``--log-level LEVEL``, where ``LEVEL`` is one of: -``ERROR``, ``WARN``, ``INFO``, ``DEBUG``, ``TRACE``. +**-h** \| **--help** + Print short help on options. +**-c** \| **--config** *FILENAME* + Specifies the configuration file. +**-L** \| **--log** *LOGLEVEL* + Configure logging to use LOGLEVEL. + Uploaded documents will be stored *before* being submitted to the bank. This directory would contain several directories, each named after the ``YYYY-MM-DD/submit`` format. The pain.001 file would then be named in the following schema: ``$microseconds_pain.001.xml``. +**--transient** + This flag, enabled by default, causes the command to check the database and submit only once, and then return. -Before invoking ``serve``, the following environment variable needs to be set: -``LIBEUFIN_NEXUS_DB_CONNECTION`` - This specifies the database **libeufin-nexus** uses to maintain state. - Currently, both Sqlite and PostgreSQL are supported. - (Only one needs to be specified.) - Examples: +ebics-fetch +----------- - - ``jdbc:sqlite:/tmp/libeufin-nexus.db`` - - ``jdbc:postgresql://localhost:5432/libeufindb?user=Foo&password=secret`` +This subcommand downloads and parse EBICS files and ingest them into the database. Along the download, ebics-fetch would bounce incoming payments that do not have a valid Taler subject, or as well those with an already existing valid subject. Valid incoming payments are then stored in the database so that they can trigger Taler withdrawals. Along this process, ebics-submit would as well reconcile initiated outgoing payments with any outgoing transactions that show up in the downloaded records. -Normally, the ``serve`` command runs until interrupted. -When run in a shell, you can use ``Control-C`` for that. +The files type can be given as an argument to select what will be fetched. If no argument is given, all supported files are fetched. The following files are supported: +* ``acknowledgement``: EBICS acknowledgement, retrieves the status of EBICS orders. +* ``status``: Payment status, retrieves status of pending debits. +* ``notification``: Debit & credit notifications, retrieves the history of confirmed debits and credits. -reset-tables ------------- +**-h** \| **--help** + Print short help on options. +**-c** \| **--config** *FILENAME* + Specifies the configuration file. +**-L** \| **--log** *LOGLEVEL* + Configure logging to use LOGLEVEL. +**--debug-ebics** *SAVEDIR* + Log EBICS content at SAVEDIR. + Downloaded documents will be stored *before* being ingested in the database. This directory would contain several directories, each named after the ``YYYY-MM-DD/fetch`` format. The stored files would then be named after the following schema: ``$microseconds_$filename``. Exception to this naming scheme are the HAC responses, since they do not get any filename assigned by the ZIP archive (they are sent unzipped). Their naming scheme is: ``$microseconds_HAC_response.pain.002.xml``. +**--transient** + This flag, enabled by default, causes the command to perform one download and return. +**--pinned-start** + Only supported in --transient mode, this option lets specify the earliest timestamp of the downloaded documents. The latest timestamp is always the current time. -This command drops all the tables in the internal database. -(The next time the tables are needed, **libeufin-nexus** creates them -again, automatically.) +initiate-payment +---------------- -It should only be used when the nexus is quiescent. +This subcommand initiates an outgoing payment. The pending payment is stored in the database and will be performed the next time ``ebics-submit`` run. +It takes one argument, the creditor IBAN payto URI, which must contain a 'receiver-name' and may contain an 'amount' and a 'message' if they have not been defined using CLI options. -See Also +**-h** \| **--help** + Print short help on options. +**-c** \| **--config** *FILENAME* + Specifies the configuration file. +**-L** \| **--log** *LOGLEVEL* + Configure logging to use LOGLEVEL. +**--amount** *AMOUNT* + The amount to transfer, payto 'amount' parameter takes the precedence +**--subject** *TEXT* + The payment subject, payto 'message' parameter takes the precedence +**--request-uid** *TEXT* + The payment request UID, will be randomly generated if missing. + +.. include:: ../frags/libeufin-config-cli.rst + +SEE ALSO ======== -.. TODO: libeufin-sandbox(1), libeufin-cli(1). - +libeufin-nexus.conf(5) Bugs ==== -Report bugs by using https://bugs.taler.net or by sending electronic -mail to <taler@gnu.org>. +Report bugs by using https://bugs.taler.net or by sending electronic mail to <taler@gnu.org>. diff --git a/manpages/libeufin-nexus.conf.5.rst b/manpages/libeufin-nexus.conf.5.rst new file mode 100644 index 00000000..e70ff7b3 --- /dev/null +++ b/manpages/libeufin-nexus.conf.5.rst @@ -0,0 +1,187 @@ +libeufin-nexus.conf(5) +###################### + +.. only:: html + + Name + ==== + + **libeufin-nexus.conf** - LibEuFin Nexus configuration file + + +Description +=========== + +The configuration file is line-oriented. Blank lines and whitespace at the +beginning and end of a line are ignored. Comments start with ``#`` or ``%`` +in the first column (after any beginning-of-line whitespace) and go to the end +of the line. + +The file is split into sections. Every section begins with ``[SECTIONNAME]`` +and contains a number of options of the form ``OPTION=VALUE``. There may be +whitespace around the ``=`` (equal sign). Section names and options are +*case-insensitive*. + +The values, however, are *case-sensitive*. In particular, boolean values are +one of ``YES`` or ``NO``. Values can include whitespace by surrounding the +entire value with ``"`` (double quote). Note, however, that there are no +escape characters in such strings; all characters between the double quotes +(including other double quotes) are taken verbatim. + +Durations must be expressed with a number followed by the time unit. The following +time units are supported: 's' (seconds), 'm' (minutes), 'h' (hours). For example, +the value *5m* denotes a duration of *five minutes*. + +Values that represent filenames can begin with a ``/bin/sh``-like variable +reference. This can be simple, such as ``$TMPDIR/foo``, or complex, such as +``${TMPDIR:-${TMP:-/tmp}}/foo``. The variables are expanded either using +key-values from the ``[PATHS]`` section (see below) or from the environment +(``getenv()``). The values from ``[PATHS]`` take precedence over those from +the environment. If the variable name is found in neither ``[PATHS]`` nor the +environment, a warning is printed and the value is left unchanged. Variables (including those from the environment) are expanded recursively, so if ``FOO=$BAR`` and ``BAR=buzz`` then the result is ``FOO=buzz``. Recursion is bounded to at most 128 levels to avoid undefined behavior for mutually recursive expansions like if ``BAR=$FOO`` in the example above. + +The ``[PATHS]`` section is special in that it contains paths that can be +referenced using ``$`` in other configuration values that specify +*filenames*. Note that configuration options that are not specifically +retrieved by the application as *filenames* will not see “$”-expressions +expanded. To expand ``$``-expressions when using ``taler-config``, you must pass +the ``-f`` command-line option. + +The system automatically pre-populates the ``[PATHS]`` section with a few values +at run-time (in addition to the values that are in the actual configuration +file and automatically overwriting those values if they are present). +These automatically generated values refer to installation properties +from `GNU autoconf +<https://www.gnu.org/prep/standards/html_node/Directory-Variables.html>`_. The +values are usually dependent on an ``INSTALL_PREFIX`` which is determined by +the ``--prefix`` option given to configure. The canonical values are: + + * LIBEXECDIR = $INSTALL_PREFIX/taler/libexec/ + * DOCDIR = $INSTALL_PREFIX/share/doc/taler/ + * ICONDIR = $INSTALL_PREFIX/share/icons/ + * LOCALEDIR = $INSTALL_PREFIX/share/locale/ + * PREFIX = $INSTALL_PREFIX/ + * BINDIR = $INSTALL_PREFIX/bin/ + * LIBDIR = $INSTALL_PREFIX/lib/taler/ + * DATADIR = $INSTALL_PREFIX/share/taler/ + +Note that on some platforms, the given paths may differ depending +on how the system was compiled or installed, the above are just the +canonical locations of the various resources. These +automatically generated values are never written to disk. + +Files containing default values for many of the options described below +are installed under ``$TALER_PREFIX/share/libeufin-nexus/config.d/``. +The configuration file given with **-c** to Taler binaries +overrides these defaults. + +A configuration file may include another, by using the ``@INLINE@`` directive, +for example, in ``main.conf``, you could write ``@INLINE@ sub.conf`` to +include the entirety of ``sub.conf`` at that point in ``main.conf``. + +Be extra careful when using ``taler-config -V VALUE`` to change configuration +values: it will destroy all uses of ``@INLINE@`` and furthermore remove all +comments from the configuration file! + +GLOBAL OPTIONS +-------------- + +Setting the database belongs to the “[nexus-postgres]” section and the +following value. + +CONFIG + PostgreSQL connection string. Note: this option is NOT used by the + ebics-setup subcommand, as it stores the key files directly on the + filesystem. + +The “[paths]” section is special in that it contains paths that can be +referenced using “$” in other configuration values that specify +filenames. For Taler, it commonly contains the following paths: + +LIBEUFIN_HOME + Home directory of the user, usually “${HOME}”. Can be overwritten by + testcases by setting ${LIBEUFIN_TEST_HOME}. + +EBICS SETUP OPTIONS +------------------- + +The following options are from the “[nexus-ebics]” section and used by +the ``libeufin-nexus ebics-setup`` command. + +CURRENCY + Name of the currency, e.g. “EUR” for Euro. + +HOST_BASE_URL + URL of the EBICS server + +BANK_DIALECT + Name of the following combination: EBICS version and ISO20022 recommendations + that Nexus would honor in the communication with the bank. Currently only the + 'postfinance' value is supported. + +HOST_ID + EBICS specific: name of the EBICS host + +USER_ID + EBICS specific: user ID of the EBICS subscriber. This value must be assigned + by the bank after having activated a new EBICS subscriber. + +PARTNER_ID + EBICS specific: partner ID of the EBICS subscriber. This value must be assigned + by the bank after having activated a new EBICS subscriber. + +BANK_PUBLIC_KEYS_FILE + Filesystem location where Nexus should store the bank public keys. + +CLIENT_PRIVATE_KEYS_FILE + Filesystem location where Nexus should store the subscriber private keys. + +IBAN + IBAN of the bank account that is associated with the EBICS subscriber. + +BIC + BIC of the bank account that is associated with the EBICS subscriber. + +NAME + Legal entity that is associated with the EBICS subscriber. + + +EBICS SUBMIT OPTIONS +-------------------- + +The following configuration value(s) belong to the “[nexus-submit]” section. + +FREQUENCY + Duration value to instruct the ``ebics-submit`` subcommand how much to wait + before checking the database again to find new unsubmitted payments. + +EBICS FETCH OPTIONS +------------------- + +The following configuration value(s) belong to the “[nexus-fetch]” section. + +FREQUENCY + Duration value to instruct the ``ebics-fetch`` subcommand how often it should + download from the bank. + +DATABASE OPTIONS +---------------- + +Setting the database belongs to the “[libeufin-nexusdb-postgres]” section and the following value. + +CONFIG + PostgreSQL connection string. + +SQL_DIR + Where are the SQL files to setup our tables? + +SEE ALSO +======== + +libeufin-nexus(1) + +BUGS +==== + +Report bugs by using https://bugs.taler.net/ or by sending electronic +mail to <taler@gnu.org>. diff --git a/manpages/libeufin-sandbox.1.rst b/manpages/libeufin-sandbox.1.rst index e073500e..6f0948d0 100644 --- a/manpages/libeufin-sandbox.1.rst +++ b/manpages/libeufin-sandbox.1.rst @@ -70,16 +70,16 @@ config This command takes argument ``NAME`` and creates a demobank with that name. -Option ``--currency CUR`` (default: ``EUR``) specifes another currency. +Option ``--currency CUR`` (default: ``EUR``) specifies another currency. Option ``--captcha-url $URL`` specifies where the wallet user is going -to be redirected to confirm the withdrawal operation. This $URL should +to be redirected to confirm the withdrawal operation. This $URL should point to the bank frontend. More precisely to the UI that let the user finish a withdrawal operation that needs to be confirmed. Example of -this value may be "https://bank.domain/#/operation/{wopid}" where +this value may be "https://bank.domain/#/operation/{wopid}" where "https://bank.domain" returns the demobank SPA and the demobank view under the route "/operation/{wopid}" will show the status of the operation id {wopid}. Note that "{wopid}" is literally in the --captcha-url config and replaced at -runtime by the sandbox server. +runtime by the sandbox server. Option ``--bank-debt-limit N`` (default: 1000000) specifies that the bank debt limit should be N (units of currency). Similarly, option ``--users-debt-limit N`` (default: 1000) specifies diff --git a/manpages/taler-config.1.rst b/manpages/taler-config.1.rst index 14a8959b..abc10dd6 100644 --- a/manpages/taler-config.1.rst +++ b/manpages/taler-config.1.rst @@ -83,6 +83,7 @@ Description Note: Changing the configuration file with ``-V`` will remove comments and may reorder sections and remove ``@INLINE@`` directives. + Using **-V** is thus dangerous! Use with extreme caution! **-v** \| **--version** Print GNU Taler version number. diff --git a/manpages/taler-exchange-offline.1.rst b/manpages/taler-exchange-offline.1.rst index f14e29e8..378c6312 100644 --- a/manpages/taler-exchange-offline.1.rst +++ b/manpages/taler-exchange-offline.1.rst @@ -259,7 +259,7 @@ enable-account -------------- This subcommand informs an exchange that it should advertise a bank account as -belonging to the exchange on its ``/wire`` endpoint. Note that this does +belonging to the exchange on its ``/keys`` endpoint. Note that this does *not* ensure that the exchange will use this bank account for incoming or outgoing wire transfers! For this, the **taler-exchange-transfer** and **taler-exchange-wirewatch** tools must be configured. Furthermore, the bank @@ -316,7 +316,7 @@ disable-account This subcommand informs an exchange that it should stop advertising a bank account as -belonging to the exchange on its ``/wire`` endpoint. +belonging to the exchange on its ``/keys`` endpoint. The ``payto://`` URI (RFC 8905) of the exchange's (former) bank account must be given as the first argument to the subcommand. diff --git a/manpages/taler-mdb.1.rst b/manpages/taler-mdb.1.rst new file mode 100644 index 00000000..5e6f86d2 --- /dev/null +++ b/manpages/taler-mdb.1.rst @@ -0,0 +1,73 @@ +taler-mdb(1) +############ + +.. only:: html + + Name + ==== + + **taler-mdb** - Taler multi-drop bus vending machine integration + + +Synopsis +======== + +**taler-mdb** +[**-c** *FILENAME* | **--config=**\ \ *FILENAME*] +[**-d** | **--disable-mdb**] +[**-h** | **--help**] +[**-i** | **--backlight-invert**] +[**-L** _*LOGLEVEL* | **--log=**\ \ *LOGLEVEL*] +[**-l** _*FILENAME* | **--logfile=**\ \ *FILENAME*] +[**-s** | **--enable-soldout**] +[**-t** | **--disable-tty**] +[**-v** | **--version**] + + +Description +=========== + +**taler-mdb** is a command-line tool to operate a vending machine using GNU Taler for payments. + +Its options are as follows: + +**-c** *FILENAME* \| **--config=**\ \ *FILENAME* + Use the configuration and other resources for the Sync commands + to operate from *FILENAME*. + +**-d** \| **--disable-mdb** + Disable interaction with the MDB bus (for testing). + +**-h** \| **--help** + Print short help on options. + +**-i** \| **--backlight-invert** + Invert the bit for turning on/off the backlight. + +**-L** *LOGLEVEL* \| **--log=**\ \ *LOGLEVEL* + Configure logging to use *LOGLEVEL*. + +**-l** *FILENAME* \| **--logfile=**\ \ *FILENAME* + Configure logging to write logs to *FILENAME*. + +**-s** \| **--enable-soldout** + When the machine fails to dispense a product, internally set the product to "sold out" and refuse future orders until restarted. + +**-t** \| **--disable-tty** + Disable interactive command-line use. + +**-v** \| **–version** + Print version information. + + +See Also +======== + +taler-merchant-httpd(1), taler.conf(5). + + +Bugs +==== + +Report bugs by using https://bugs.taler.net or by sending electronic +mail to <taler@gnu.org>. diff --git a/manpages/taler-merchant-depositcheck.1.rst b/manpages/taler-merchant-depositcheck.1.rst new file mode 100644 index 00000000..e243f0d2 --- /dev/null +++ b/manpages/taler-merchant-depositcheck.1.rst @@ -0,0 +1,78 @@ +taler-merchant-depositcheck(1) +############################## + +.. only:: html + + Name + ==== + + **taler-merchant-depositcheck** - check if deposits are associated with wire transfers + + +Synopsis +======== + +**taler-merchant-depositcheck** +[**-c** *FILENAME* | **--config=**\ \ *FILENAME*] +[**-e** *BASE_URL* | **--exchange=**\ \ *BASE_URL*] +[**-h** | **--help**] +[**-L** *LOGLEVEL* | **--loglevel=**\ \ *LOGLEVEL*] +[**-l** *FILENAME* | **--logfile=**\ \ *FILENAME*] +[**-T** *USEC* | **--timetravel**\ \ *USEC*] +[**-t** | **--test**] +[**-v** | **--version**] + +Description +=========== + +**taler-merchant-depositcheck** is a command-line tool to inquire with exchanges about whether they completed +bank transfers in response to deposits made by the +merchant backend. This will allow the merchant backend to detect deposit issues, for example if a KYC is blocking +a wire transfer. + +Its options are as follows: + +**-c** *FILENAME* \| **--config=**\ \ *FILENAME* + Use the configuration and other resources for the merchant to operate + from *FILENAME*. + +**-e** *BASE_URL* \| **--exchange=**\ \ *BASE_URL* + Base URL of the exchange to monitor. If not given, a worker process will be spawned for each exchange in the configuration ("merchant-exchange-" sections). + +**-h** \| **--help** + Print short help on options. + +**-L** *LOGLEVEL* \| **--loglevel=**\ \ *LOGLEVEL* + Specifies the log level to use. Accepted values are: ``DEBUG``, ``INFO``, + ``WARNING``, ``ERROR``. + +**-l** *FILENAME* \| **--logfile=**\ \ *FILENAME* + Send logging output to *FILENAME*. + +**-s** *SECTION* \| **--section=**\ \ *SECTION* + Configuration section to use. Default is taler-merchant-depositcheck. Needed + if different processes are used to watch multiple bank accounts (for the + same instance or different instances). + +**-T** *USEC* \| **--timetravel=**\ \ *USEC* + Modify the system time by *USEC* microseconds. + *USEC* may be prefixed with ``+`` or ``-`` (e.g. ``-T +300``). + This option is intended for debugging/testing only. + +**-t** \| **--test** + Run in test mode. Only runs until the current list of bank + transactions are all imported. + +**-v** \| **–version** + Print version information. + +See Also +======== + +taler-merchant-httpd(1), taler.conf(5). + +Bugs +==== + +Report bugs by using https://bugs.taler.net or by sending electronic +mail to <taler@gnu.org>. diff --git a/manpages/taler-merchant-exchange.1.rst b/manpages/taler-merchant-exchange.1.rst new file mode 100644 index 00000000..de2b571f --- /dev/null +++ b/manpages/taler-merchant-exchange.1.rst @@ -0,0 +1,73 @@ +taler-merchant-exchange(1) +########################## + +.. only:: html + + Name + ==== + + **taler-merchant-exchange** - reconcile bank transfers with Taler exchange + + +Synopsis +======== + +**taler-merchant-exchange** +[**-c** *FILENAME* | **--config=**\ \ *FILENAME*] +[**-h** | **--help**] +[**-L** *LOGLEVEL* | **--loglevel=**\ \ *LOGLEVEL*] +[**-l** *FILENAME* | **--logfile=**\ \ *FILENAME*] +[**-T** *USEC* | **--timetravel**\ \ *USEC*] +[**-t** | **--test**] +[**-v** | **--version**] + +Description +=========== + +**taler-merchant-exchange** is a background job that reconciles +wire transfers that credit the merchant's bank account with +the respective contracts that have been paid by asking the +exchange to provide a list of all deposits that were aggregated +into a wire transfer. + +The tool is part of a set of processes that allow a merchant backend to +validate that the exchange paid the merchant correctly. + +Its options are as follows: + +**-c** *FILENAME* \| **--config=**\ \ *FILENAME* + Use the configuration and other resources for the merchant to operate + from *FILENAME*. + +**-h** \| **--help** + Print short help on options. + +**-L** *LOGLEVEL* \| **--loglevel=**\ \ *LOGLEVEL* + Specifies the log level to use. Accepted values are: ``DEBUG``, ``INFO``, + ``WARNING``, ``ERROR``. + +**-l** *FILENAME* \| **--logfile=**\ \ *FILENAME* + Send logging output to *FILENAME*. + +**-T** *USEC* \| **--timetravel=**\ \ *USEC* + Modify the system time by *USEC* microseconds. + *USEC* may be prefixed with ``+`` or ``-`` (e.g. ``-T +300``). + This option is intended for debugging/testing only. + +**-t** \| **--test** + Run in test mode. Only runs until the current list of bank + transactions have all been checked. + +**-v** \| **–version** + Print version information. + +See Also +======== + +taler-merchant-depositcheck(1), taler-merchant-wirewatch(1), taler.conf(5). + +Bugs +==== + +Report bugs by using https://bugs.taler.net or by sending electronic +mail to <taler@gnu.org>. diff --git a/manpages/taler-merchant-setup-reserve.1.rst b/manpages/taler-merchant-setup-reserve.1.rst deleted file mode 100644 index 73fa2a0c..00000000 --- a/manpages/taler-merchant-setup-reserve.1.rst +++ /dev/null @@ -1,119 +0,0 @@ -taler-merchant-setup-reserve(1) -############################### - - -.. only:: html - - Name - ==== - - **taler-merchant-setup-reserve** - setup reserve for rewards - - -Synopsis -======== - -**taler-merchant-setup-reserve** -[**-A** *USERNAME:PASSWORD* | **--auth=**\ \ *USERNAME:PASSWORD*] -[**-a** *VALUE* | **--amount=**\ \ *VALUE*] -[**-C** *CERTFILE* | **--cert=**\ \ *CERTFILE*] -[**-c** *FILENAME* | **--config=**\ \ *FILENAME*] -[**-e** *URL* | **--exchange-url=**\ \ *URL*] -[**-h** | **--help**] -[**-k** *KEYFILE* | **--key=**\ \ *KEYFILE*] -[**-L** *LOGLEVEL* | **--loglevel=**\ \ *LOGLEVEL*] -[**-l** *FILENAME* | **--logfile=**\ \ *FILENAME*] -[**-m** *URL* | **--merchant-url=**\ \ *URL*] -[**-p** *KEYFILEPASSPHRASE* | **--pass=**\ \ *KEYFILEPASSPHRASE*] -[**-t** *CERTTYPE* | **--type=**\ \ *CERTTYPE*] -[**-w** *METHOD* | **--wire-method=**\ \ *METHOD*] -[**-v** | **--version**] - - -Description -=========== - -**taler-merchant-setup-reserve** is a command-line tool to setup a reserve -(creating the private reserve key) and obtaining the wire transfer information -from the exchange needed to fill the reserve. - - -Options -======= - -**-A** *USERNAME:PASSWORD* \| **--auth=**\ \ *USERNAME:PASSWORD* - Use ``USERNAME`` and ``PASSWORD`` for HTTP client authentication. - The ":" must be present as a separator. - Note that this form of authentication has nothing to do with the TLS client - certificate authentication supported with the ``-C``, ``-k`` and ``-p`` options. - The ``PASSWORD`` given to this option is given to the server! - -**-a** *VALUE* \| **--amount=**\ \ *VALUE* - Mandatory. - Amount to be transferred to the reserve. - -**-C** *CERTFILE* \| **--cert=**\ \ *CERTFILE* - The specified ``CERTFILE`` contains a TLS client certificate to be used to - authenticate the client. See also ``-t``. - -**-c** *FILENAME* \| **--config=**\ \ *FILENAME* - Use the configuration and other resources for the merchant to - operate from ``FILENAME``. - -**-e** *URL* \| **--exchange-url=**\ \ *URL* - Mandatory. - Use ``URL`` for the exchange base URL. - This is the exchange where the reserve will be created. - The currency used in the amount specification must be offered by this exchange. - -**-h** \| **--help** - Print short help on options. - -**-k** *KEYFILE* \| **--key=**\ \ *KEYFILE* - The specified ``KEYFILE`` contains a TLS client private key to be used to - authenticate the client. See also ``-p`` and ``-C``. - -**-L** *LOGLEVEL* \| **--loglevel=**\ \ *LOGLEVEL* - Specifies the log level to use. Accepted values are: ``DEBUG``, ``INFO``, - ``WARNING``, ``ERROR``. - -**-l** *FILENAME* \| **--logfile=**\ \ *FILENAME* - Send logging output to *FILENAME*. - -**-m** *URL* \| **--merchant-url=**\ \ *URL* - Mandatory. - Use ``URL`` as the merchant base URL. - Should include the path to the instance if the reserve is to be - created for a non-default instance. - -**-p** *KEYFILEPASSPHRASE* \| **--pass=**\ \ *KEYFILEPASSPHRASE* - The specified ``KEYFILEPASSPHRASE`` is to be used to decrypt the KEYFILE. - See also ``-k``. Not to be confused with ``-A``. - The ``KEYFILEPASSPHRASE`` given here is only used locally to decrypt the KEYFILE. - -**-t** *CERTTYPE* \| **--type=**\ \ *CERTTYPE* - The specified CERTFILE contains a TLS client certificate of ``CERTTYPE``. - Default is ``PEM``. See also ``-C``. - -**-w** *METHOD* \| **--wire-method=**\ \ *METHOD* - Mandatory. - Which wire method should be used. - Needed to select the wire transfer method of the exchange. - The method must be supported by the exchange. - Typical values would be ``iban`` or ``x-taler-bank``. - -**-v** \| **--version** - Print version information. - - -See Also -======== - -taler-merchant-dbinit(1), taler.conf(5) - - -Bugs -==== - -Report bugs by using https://bugs.taler.net/ or by sending electronic -mail to <taler@gnu.org>. diff --git a/manpages/taler-merchant-webhook.1.rst b/manpages/taler-merchant-webhook.1.rst index 314c574a..c3a71509 100644 --- a/manpages/taler-merchant-webhook.1.rst +++ b/manpages/taler-merchant-webhook.1.rst @@ -17,6 +17,7 @@ Synopsis [**-h** | **--help**] [**-L** *LOGLEVEL* | **--loglevel=**\ \ *LOGLEVEL*] [**-l** *FILENAME* | **--logfile=**\ \ *FILENAME*] +[**-T** *USEC* | **--timetravel**\ \ *USEC*] [**-t** | **--test**] [**-v** | **--version**] @@ -43,6 +44,11 @@ Its options are as follows: **-l** *FILENAME* \| **--logfile=**\ \ *FILENAME* Send logging output to *FILENAME*. +**-T** *USEC* \| **--timetravel=**\ \ *USEC* + Modify the system time by *USEC* microseconds. + *USEC* may be prefixed with ``+`` or ``-`` (e.g. ``-T +300``). + This option is intended for debugging/testing only. + **-t** \| **--test** Run in test mode. Only runs until there are no more webhooks to be executed. diff --git a/manpages/taler-merchant-wirewatch.1.rst b/manpages/taler-merchant-wirewatch.1.rst index 54daa767..e2f9d1df 100644 --- a/manpages/taler-merchant-wirewatch.1.rst +++ b/manpages/taler-merchant-wirewatch.1.rst @@ -17,6 +17,8 @@ Synopsis [**-h** | **--help**] [**-L** *LOGLEVEL* | **--loglevel=**\ \ *LOGLEVEL*] [**-l** *FILENAME* | **--logfile=**\ \ *FILENAME*] +[**-p** | **--persist**] +[**-T** *USEC* | **--timetravel**\ \ *USEC*] [**-t** | **--test**] [**-v** | **--version**] @@ -44,11 +46,19 @@ Its options are as follows: **-l** *FILENAME* \| **--logfile=**\ \ *FILENAME* Send logging output to *FILENAME*. +**-p** \| **--persist** + Run in persist mode. Does not exit when the account configuration changes. Useful when not running under systemd. + **-s** *SECTION* \| **--section=**\ \ *SECTION* Configuration section to use. Default is taler-merchant-wirewatch. Needed if different processes are used to watch multiple bank accounts (for the same instance or different instances). +**-T** *USEC* \| **--timetravel=**\ \ *USEC* + Modify the system time by *USEC* microseconds. + *USEC* may be prefixed with ``+`` or ``-`` (e.g. ``-T +300``). + This option is intended for debugging/testing only. + **-t** \| **--test** Run in test mode. Only runs until the current list of bank transactions are all imported. diff --git a/manpages/taler-terms-generator.1.rst b/manpages/taler-terms-generator.1.rst index c95221d5..d6c22411 100644 --- a/manpages/taler-terms-generator.1.rst +++ b/manpages/taler-terms-generator.1.rst @@ -47,6 +47,9 @@ Description **-l** *LANGUAGE* Add the given *LANGUAGE* to the list of translations for the current *INPUT*. *LANGUAGE* must be a two-letter language code (like "de" or "it"). This will generate or update the respective ".po" files to translate the *INPUT* terms to this *LANGUAGE*. +**-L** *LOCALE_DIR* + Specify locale/ directory where GNU gettext resources for translating the input are located. If "-l" is given, this directory is where fresh or updated ".po" files will be placed, and otherwise this directory will be scanned for translations of the ".rst" input file. + **-o** *OUTPUT* Specifies where to write the output. This should be the directory where the service expects to find the generated resources. Unless you changed the default configuration, you probably do not have to specify this value. diff --git a/manpages/taler-unified-setup.1.rst b/manpages/taler-unified-setup.1.rst index 02d09879..fe60d1e5 100644 --- a/manpages/taler-unified-setup.1.rst +++ b/manpages/taler-unified-setup.1.rst @@ -21,6 +21,7 @@ Synopsis [**-e**] [**-f**] [**-h**] +[**-k**] [**-l** *FILENAME*] [**-m**] [**-n**] @@ -64,6 +65,9 @@ systemd and not via this tool. **-h** \| **--help** Prints a compiled-in help text. +**-k** + Start challenger (KYC service) + **-L** *LOGLEVEL* Specifies the log level to use. Accepted values are: ``DEBUG``, ``INFO``, ``WARNING``, ``ERROR``. @@ -97,7 +101,7 @@ See Also ======== taler-exchange-dbinit(1), taler-exchange-offline(1), taler-merchant-benchmark(1), -taler-exchange-httpd(1), taler-unified-setup(1), taler.conf(5) +taler-exchange-httpd(1), taler.conf(5) Bugs ==== diff --git a/manpages/taler-wallet-cli.1.rst b/manpages/taler-wallet-cli.1.rst index 2d35bb87..dad790f5 100644 --- a/manpages/taler-wallet-cli.1.rst +++ b/manpages/taler-wallet-cli.1.rst @@ -46,8 +46,6 @@ for testing. **withdraw-uri** URI -**reward-uri** URI - **refund-uri** URI **pay-uri** [**-y** | **--yes**] URI diff --git a/manpages/taler.conf.5.rst b/manpages/taler.conf.5.rst index fb443f80..3748b673 100644 --- a/manpages/taler.conf.5.rst +++ b/manpages/taler.conf.5.rst @@ -98,10 +98,6 @@ NAME Long human-readable name for the currency. No restrictions, but should match the official name in English. -DECIMAL_SEPARATOR - What symbol should be used to separate fractional digits. - Typical values are "." or ",". - FRACTIONAL_INPUT_DIGITS Number of fractional digits that users are allowed to enter manually in the user interface. @@ -117,11 +113,6 @@ FRACTIONAL_TRAILING_ZERO_DIGITS even if these digits are all zero. For example, use 2 to render 1 USD as $1.00. -IS_CURRENCY_NAME_LEADING - When rendering amounts, should the currency name or symbol - be before the amount ("$10") or after ("3,50 €"). Use "YES" - to render the symbol before, "NO" to render it afterwards. - ALT_UNIT_NAMES JSON map determining how to encode very large or very tiny amounts in this currency. Maps a base10 logarithm to the @@ -160,7 +151,9 @@ BIND_TO MASTER_PUBLIC_KEY Crockford Base32-encoded master public key, public version of the - exchange's long-time offline signing key. + exchange's long-time offline signing key. This configuration option + is also used by the **auditor** to determine the public key of the + exchange which it is auditing. AML_THRESHOLD Largest amount in this currency that can be transferred per month without @@ -169,15 +162,8 @@ AML_THRESHOLD KYC_AML_TRIGGER Program to run on KYC attribute data to decide whether we should immediately flag an account for AML review. Program must return 0 if a manual AML review is not needed, and non-zero to trigger an AML review. The KYC attribute data of the new user will be passed on standard-input. -ENABLE_REWARDS - This option can be used to announce that an exchange does not allow - the use of the reserves for rewards. The default is YES which means - that rewards are allowed. The option merely announces that - rewards is enabled or disabled, and protocol-compliant merchant - backends will then enable or disable the feature accordingly. - STEFAN_ABS - Absolte amount to add as an offset in the STEFAN fee approximation + Absolute amount to add as an offset in the STEFAN fee approximation curve (see DD47). Defaults to CURRENCY:0 if not specified. STEFAN_LOG @@ -287,7 +273,7 @@ KYC_OAUTH2_VALIDITY Duration (e.g. "12 months") of the validity of the performed KYC check. Can be "forever". KYC_OAUTH2_AUTHORIZE_URL - URL of the OAuth2 endpoint to be used for KYC checks. The authorize URL is where the exchange will redirect the client to begin the authorization process. Example: "http://localhost:8888/oauth/v2/authorize". To use the plugin in combination with the Challenger service's ``/setup`` step, append "#setup", thus "https://challenger.example.com/authorize#setup". Here, "#setup" is not a fragment but merely a hint to the logic to determine the full authorization URL via the ``/setup`` handler. + URL of the OAuth2 endpoint to be used for KYC checks. The authorize URL is where the exchange will redirect the client to begin the authorization process. Example: "http://localhost:8888/oauth/v2/authorize". To use the plugin in combination with the Challenger service's ``/setup`` step, append "#setup", thus "https://challenger.example.com/authorize#setup". Here, "#setup" is not a fragment but merely a hint to the logic to determine the full authorization URL via the ``/setup/$CLIENT_ID`` handler. KYC_OAUTH2_TOKEN_URL URL of the OAuth2 endpoint to be used for KYC checks. This is where the server will ultimately send the authorization token from the client and obtain its access token (which currently must be a "bearer" token). Example: "http://localhost:8888/oauth/v2/token" (or just "/token") @@ -304,6 +290,15 @@ KYC_OAUTH2_CLIENT_SECRET KYC_OAUTH2_POST_URL URL to which the exchange will redirect the client's browser after successful authorization/login for the KYC process. Example: "http://example.com/thank-you" +KYC_OAUTH2_CONVERTER_HELPER + Helper to convert JSON with KYC data returned by the OAuth2.0 info endpoint into GNU Taler internal format. Specific to the OAuth 2.0 provider. + +KYC_OAUTH2_DEBUG_MODE + Set to YES to allow error responses to include potentially + sensitive private information (such as full responses + from the OAuth 2.0 server) that might aid in debugging + problems. Should be set to "NO" in production. + EXCHANGE KYC KYCAID OPTIONS ^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -664,6 +659,9 @@ DB SERVE Should the HTTP server listen on a UNIX domain socket (set option to "unix") or on a TCP socket (set option to "tcp")? +BASE_URL + Which base URL should the merchant backend assume for itself in the protocol. Optional. If not given, the base URL will be constructed from X-Forwarded-Host, X-Forwarded-Port and X-Forwarded-Prefix headers that a reverse-proxy should be setting. + UNIXPATH Path to listen on if we "SERVE" is set to "unix". @@ -787,6 +785,51 @@ RAM_LIMIT This gives the number of transactions to keep in memory. Older transactions will be overwritten and history requests for overwritten transactions will fail. +Taler-mdb Options +----------------- + +Taler-mdb is a component to run GNU Taler as a payment system on +vending machines using the multi-drop bus protocol. These options +are thus not useful for most users. Note that right now, the +cancel button is hard-coded to be using GPIO pin 23. + +ADVERTISEMENT_COMMAND + Program to run while not vending, possibly useful to show advertisements on the screen (optional). +ESSID + ESSID to advertise to wallets for use as an open WiFi to make payments (optional). +FULFILLMENT_MSG + Message shown to users by their wallets upon successful payment. If "${PRODUCT_DESCRIPTION}" appears in the message, it will be replaced with the description of the product that was sold. +BACKEND_BASE_URL + Base URL (possibly including instance) for the Taler merchant backend used to process payments. +BACKEND_AUTHORIZATION + Full HTTP "Authorization" header (usually with a Bearer token) to be send to the merchant backend for authorization of requests. Mandatory. +FRAMEBUFFER_BACKLIGHT + Name of the file used to control brightness of the display. Optional. Defaults to "/sys/class/backlight/soc:backlight/brightness" if not given. +FRAMEBUFFER_DEVICE + Name of the framebuffer device to use. Defaults to "/dev/fb1" if not given. +UART_DEVICE + Name of the UART device to use. Defaults to "/dev/ttyAMA0" if not given. +FAIL_COMMAND + Command to run to display a failure to the user. If not given, errors will not be properly shown. + +Each products being sold must be configured in a section where the name starts with "product-". +In these sections, the options that must be provided are: + +NUMBER + Number identifying the slot in the vending machine that corresponds to this product. +INSTANCE + Instance to use for the payment. Optional. If not given, the BACKEND_BASE_URL from "[taler-mdb]" will be used. +BACKEND_AUTHORIZATION + Full HTTP "Authorization" header (usually with a Bearer token) to be send to the merchant backend for authorization of requests. Optional, will use global BACKEND_AUTHORIZATION setting from "[taler-mdb]" if missing. +DESCRIPTION + Human-readable description of the product. Use "empty" if the product is known to be sold out (only effective if selling out is enabled via command-line). +PRICE + Actual price of the product, as a Taler amount ("$CURRENCY:$VALUE.$FRACTION"). +KEY + Key used to select the product from the console during testing. Optional. +THUMBNAIL + Name of a filename with a preview image of the product to be given to the wallet. Optional. Only ".png", ".jpg", ".jpeg" and ".svg" are supported at this time. + SEE ALSO ======== |