Diffstat (limited to 'debian')
30 files changed, 310 insertions, 67 deletions
diff --git a/debian/changelog b/debian/changelog index c151d9ba..c147a0d5 100644 --- a/debian/changelog +++ b/debian/changelog 
@@ -1,3 +1,75 @@ +taler-exchange (0.9.3-4) unstable; urgency=low + + * Minor hot-fixes to the database setup automation script. + + -- Christian Grothoff <grothoff@gnu.org> Fri, 1 Dec 2023 10:50:12 -0800 + +taler-exchange (0.9.3-3) unstable; urgency=low + + * This packages the v0.9.3b bugfix release. + + -- Christian Grothoff <grothoff@gnu.org> Wed, 29 Nov 2023 03:50:12 +0200 + +taler-exchange (0.9.3-2) unstable; urgency=low + + * This packages the v0.9.3a bugfix release. + + -- Christian Grothoff <grothoff@gnu.org> Wed, 29 Nov 2023 03:50:12 +0200 + +taler-exchange (0.9.3-1) unstable; urgency=low + + * Actual v0.9.3 release. + + -- Christian Grothoff <grothoff@gnu.org> Wed, 27 Sep 2023 03:50:12 +0200 + +taler-exchange (0.9.3) unstable; urgency=low + + * First work towards packaging v0.9.3. + + -- Christian Grothoff <grothoff@gnu.org> Thu, 7 Sep 2023 23:50:12 +0200 + +taler-exchange (0.9.2-3) unstable; urgency=low + + * Improvements to timeout handling when DB is not available yet. + + -- Florian Dold <dold@taler.net> Tue, 14 Mar 2023 12:30:15 +0100 + +taler-exchange (0.9.2-2) unstable; urgency=low + + * Further improvements to Debian package. + + -- Christian Grothoff <grothoff@gnu.org> Sat, 3 Mar 2023 23:50:12 +0200 + +taler-exchange (0.9.2-1) unstable; urgency=low + + * Minor improvements to Debian package, also adds age-withdraw REST APIs. + + -- Christian Grothoff <grothoff@gnu.org> Sat, 3 Mar 2023 13:50:12 +0200 + +taler-exchange (0.9.2) unstable; urgency=low + + * Packaging latest release. + + -- Christian Grothoff <grothoff@gnu.org> Tue, 21 Feb 2023 13:50:12 +0200 + +taler-exchange (0.9.1) unstable; urgency=low + + * Packaging latest release. + + -- Christian Grothoff <grothoff@gnu.org> Tue, 17 Jan 2023 11:50:12 +0200 + +taler-exchange (0.9.0) unstable; urgency=low + + * Packaging latest release. 
+ + -- Christian Grothoff <grothoff@gnu.org> Sat, 5 Nov 2022 11:50:12 +0200 + +taler-exchange (0.8.99-2) unstable; urgency=low + + * Packaging latest pre-release from Git. + + -- Christian Grothoff <grothoff@gnu.org> Mon, 26 Sep 2022 09:50:12 +0200 + taler-exchange (0.8.99-1) unstable; urgency=low * Updating to latest pre-release from Git. diff --git a/debian/control b/debian/control index 3f55173e..fe80f9cf 100644 --- a/debian/control +++ b/debian/control @@ -7,17 +7,18 @@ Build-Depends: automake (>=1.11.1), autopoint, bash, + gcc-12, debhelper-compat (= 12), gettext, - libgnunet-dev (>=0.17.1), + libgnunet-dev (>=0.21), libcurl4-gnutls-dev (>=7.35.0) | libcurl4-openssl-dev (>= 7.35.0), libgcrypt20-dev (>=1.8), libgnutls28-dev (>=3.2.12), libidn2-dev, - libjansson-dev, + libjansson-dev (>= 2.13), libltdl-dev (>=2.2), libmicrohttpd-dev (>=0.9.71), - libpq-dev (>=13), + libpq-dev (>=14), libsodium-dev (>=1.0.11), libunistring-dev (>=0.9.2), python3-jinja2, @@ -39,7 +40,15 @@ Depends: netbase, ${misc:Depends}, ${shlibs:Depends} -Description: libraries to talk to a GNU Taler exchange +Recommends: + python3-sphinx, + python3-sphinx-rtd-theme +Description: Libraries to talk to a GNU Taler exchange. + The package also contains various files fundamental + to all GNU Taler installations, such as the + taler-config configuration command-line tool, + various base configuration files and associated + documentation. Package: taler-exchange-database Architecture: any @@ -50,7 +59,10 @@ Depends: netbase, ${misc:Depends}, ${shlibs:Depends} -Description: programs and libraries to manage a GNU Taler exchange database +Description: Programs and libraries to manage a GNU Taler exchange database. + This package contains only the code to setup the + (Postgresql) database interaction (taler-exchange-dbinit + and associated resource files). Package: taler-exchange Architecture: any 
@@ -63,13 +75,28 @@ Depends: lsb-base, netbase, ucf, - dbconfig-pgsql | dbconfig-no-thanks, ${misc:Depends}, ${shlibs:Depends} Recommends: taler-exchange-offline (= ${binary:Version}), - postgresql (>=13.0) -Description: GNU's payment system operator + apache2 | nginx | httpd, + postgresql (>=14.0) +Description: GNU's payment system operator. + GNU Taler is the privacy-preserving digital payment + system from the GNU project. This package contains the + core logic that must be run by the payment service + provider or bank to offer payments to consumers and + merchants. At least one exchange must be operated + per currency. + In addition to the core logic, an exchange operator + must also have a system running the "offline" logic + which is packaged as taler-exchange-offline. It is + recommended to keep the "offline" logic on a system + that is never connected to the Internet. However, it + is also possible to run the "offline" logic directly + on the production system, especially for testing. + Finally, an exchange operator should also be prepared + to run a taler-auditor. Package: taler-exchange-offline Architecture: any @@ -82,7 +109,14 @@ Depends: netbase, ${misc:Depends}, ${shlibs:Depends} -Description: tools for managing the GNU Taler exchange offline keys +Description: Tools for managing the GNU Taler exchange offline keys. + A GNU Taler exchange uses an offline key to sign its online + keys, fee structure, bank routing information and other meta + data. The offline signing key is the root of the Taler PKI + that is then embedded in consumer wallets and merchant backends. + This package includes the tool to download material to sign + from the exchange, create signatures, and upload the resulting + signatures to the exchange. Package: taler-auditor Architecture: any 
@@ -94,18 +128,25 @@ Depends: adduser, lsb-base, netbase, - dbconfig-pgsql | dbconfig-no-thanks, python3-jinja2, ${misc:Depends}, ${shlibs:Depends} -Description: GNU's payment system auditor +Description: GNU's payment system auditor. + GNU Taler is the privacy-preserving digital payment + system from the GNU project. This package contains the + auditor logic. It verifies that the taler-exchange run + by a payment service provider is correctly performing + its bank transactions and thus has the correct balance + in its escrow account. Each exchange operator is + expected to make use of one or more auditors as part + of its regulatory compliance. Package: libtalerexchange-dev Section: libdevel Architecture: any Depends: libtalerexchange (= ${binary:Version}), - libgnunet-dev (>=0.17.1), + libgnunet-dev (>=0.21), libgcrypt20-dev (>=1.8), libmicrohttpd-dev (>=0.9.71), ${misc:Depends}, diff --git a/debian/etc-libtalerexchange/taler/taler.conf b/debian/etc-libtalerexchange/taler/taler.conf index 71663be5..2cf81565 100644 --- a/debian/etc-libtalerexchange/taler/taler.conf +++ b/debian/etc-libtalerexchange/taler/taler.conf @@ -30,14 +30,16 @@ # systems is always rounded to this unit. #currency_round_unit = KUDOS:0.01 +# Monthly amount that mandatorily triggers an AML check +#AML_THRESHOLD = KUDOS:10000000 [paths] -TALER_HOME = /var/lib/taler -TALER_RUNTIME_DIR = /run/taler -TALER_CACHE_HOME = /var/cache/taler -TALER_CONFIG_HOME = /etc/taler -TALER_DATA_HOME = /var/lib/taler +TALER_HOME = /var/lib/taler/ +TALER_RUNTIME_DIR = /run/taler/ +TALER_CACHE_HOME = /var/cache/taler/ +TALER_CONFIG_HOME = /etc/taler/ +TALER_DATA_HOME = /var/lib/taler/ # Inline configurations from all Taler components. diff --git a/debian/etc-taler-auditor/nginx/sites-available/taler-auditor b/debian/etc-taler-auditor/nginx/sites-available/taler-auditor index 3fdffdad..f74035d5 100644 --- a/debian/etc-taler-auditor/nginx/sites-available/taler-auditor 
+++ b/debian/etc-taler-auditor/nginx/sites-available/taler-auditor @@ -1,7 +1,18 @@ -location /taler-auditor/ { - proxy_pass http://unix:/var/lib/taler-auditor/auditor.sock; - proxy_redirect off; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Host "example.com"; - proxy_set_header X-Forwarded-Proto "https"; +server { + + listen 80; + listen [::]:80; + + server_name localhost; + + access_log /var/log/nginx/auditor.log; + error_log /var/log/nginx/auditor.err; + + location /taler-auditor/ { + proxy_pass http://unix:/var/lib/taler-auditor/auditor.sock; + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Host "localhost"; + #proxy_set_header X-Forwarded-Proto "https"; + } }
\ No newline at end of file diff --git a/debian/etc-taler-exchange/nginx/sites-available/taler-exchange b/debian/etc-taler-exchange/nginx/sites-available/taler-exchange index 13ab8863..9b61a32d 100644 --- a/debian/etc-taler-exchange/nginx/sites-available/taler-exchange +++ b/debian/etc-taler-exchange/nginx/sites-available/taler-exchange @@ -2,13 +2,16 @@ server { listen 80; listen [::]:80; - #server_name example.com; + server_name localhost; + + access_log /var/log/nginx/exchange.log; + error_log /var/log/nginx/exchange.err; location /taler-exchange/ { proxy_pass http://unix:/run/taler/exchange-httpd/exchange-http.sock:/; proxy_redirect off; proxy_set_header Host $host; - #proxy_set_header X-Forwarded-Host "example.com"; + proxy_set_header X-Forwarded-Host "localhost"; #proxy_set_header X-Forwarded-Proto "https"; } } diff --git a/debian/etc-taler-exchange/taler/conf.d/exchange-business.conf b/debian/etc-taler-exchange/taler/conf.d/exchange-business.conf index 554852a1..d5938f2b 100644 --- a/debian/etc-taler-exchange/taler/conf.d/exchange-business.conf +++ b/debian/etc-taler-exchange/taler/conf.d/exchange-business.conf @@ -6,11 +6,19 @@ # which you can get using `taler-exchange-offline setup`. # This is just an example, your key will be different! # MASTER_PUBLIC_KEY = YE6Q6TR1EDB7FD0S68TGDZGF1P0GHJD2S0XVV8R2S62MYJ6HJ4ZG -MASTER_PUBLIC_KEY = +# MASTER_PUBLIC_KEY = # Publicly visible base URL of the exchange. # BASE_URL = https://example.com/ -BASE_URL = +# BASE_URL = + +# Here you MUST configure the amount above which transactions are +# always subject to manual AML review. +# AML_THRESHOLD = + +# Attribute encryption key for storing attributes encrypted +# in the database. Should be a high-entropy nonce. +ATTRIBUTE_ENCRYPTION_KEY = SET_ME_PLEASE # For your terms of service and privacy policy, you should specify # an Etag that must be updated whenever there are significant 
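Review bot: The new `server` block in sites-available/taler-auditor uses the same `listen 80` and `server_name localhost` as the taler-exchange site changed in the next file, so with both sites enabled nginx reports a conflicting server name and routes requests to only one of the two blocks, leaving the other `location` unreachable. Giving each site its own `server_name` avoids this. Both files also hard-code `X-Forwarded-Host "localhost"` and leave `X-Forwarded-Proto` commented out on a plain-HTTP listener. A comment such as `# Template: set server_name and X-Forwarded-Host to the public host name and terminate TLS before exposing this site` would make clear that these values are not meant for production.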
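Review bot: `ATTRIBUTE_ENCRYPTION_KEY = SET_ME_PLEASE` is shipped as an active setting, so an operator who overlooks it would store encrypted attributes under a string that is identical on every installation and published in the package. Shipping it commented out, like `MASTER_PUBLIC_KEY` and `BASE_URL` in the same hunk (`# ATTRIBUTE_ENCRYPTION_KEY =`), would presumably make the service refuse to start until a real value is set; that should be confirmed against the exchange's config handling. The key is also placed in conf.d rather than in a file under ../secrets/, which this file's own comment describes as the place with restricted permissions, so consider moving it there.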
@@ -20,18 +28,23 @@ BASE_URL = # TERMS_ETAG = # PRIVACY_ETAG = +SERVE = unix +UNIXPATH_MODE = 666 # Bank accounts used by the exchange should be specified here: [exchange-account-1] -enable_credit = yes -enable_debit = yes +ENABLE_CREDIT = NO +ENABLE_DEBIT = NO # Account identifier in the form of an RFC-8905 payto:// URI. # For SEPA, looks like payto://sepa/$IBAN?receiver-name=$NAME # Make sure to URL-encode spaces in $NAME! -payto_uri = +PAYTO_URI = # Credentials to access the account are in a separate # config file with restricted permissions. -@inline-secret@ exchange-accountcredentials-1 ../secrets/exchange-accountcredentials.secret.conf +@inline-secret@ exchange-accountcredentials-1 ../secrets/exchange-accountcredentials-1.secret.conf + + + diff --git a/debian/etc-taler-exchange/taler/conf.d/exchange-system.conf b/debian/etc-taler-exchange/taler/conf.d/exchange-system.conf index 75c670f7..4ad7e06f 100644 --- a/debian/etc-taler-exchange/taler/conf.d/exchange-system.conf +++ b/debian/etc-taler-exchange/taler/conf.d/exchange-system.conf @@ -8,3 +8,6 @@ # Only supported database is Postgres right now. DATABASE = postgres + + + diff --git a/debian/etc-taler-exchange/taler/secrets/exchange-accountcredentials.secret.conf b/debian/etc-taler-exchange/taler/secrets/exchange-accountcredentials-1.secret.conf index 8c8d1432..8c8d1432 100644 --- a/debian/etc-taler-exchange/taler/secrets/exchange-accountcredentials.secret.conf +++ b/debian/etc-taler-exchange/taler/secrets/exchange-accountcredentials-1.secret.conf diff --git a/debian/etc-taler-exchange/taler/secrets/exchange-db.secret.conf b/debian/etc-taler-exchange/taler/secrets/exchange-db.secret.conf index 596dcc92..a7a727b6 100644 --- a/debian/etc-taler-exchange/taler/secrets/exchange-db.secret.conf +++ b/debian/etc-taler-exchange/taler/secrets/exchange-db.secret.conf 
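Review bot: `UNIXPATH_MODE = 666` makes the exchange's listening socket writable by every local user, so access control rests entirely on the parent directory. The nginx site in this commit proxies to /run/taler/exchange-httpd/exchange-http.sock, and debian/taler-exchange.tmpfiles creates that directory as 0750 taler-exchange-httpd:www-data, which does restrict access, but nothing in the config says so. Add a comment such as `# Socket is world-writable; access is limited by the 0750 directory /run/taler/exchange-httpd (group www-data)`, or use `660` if the socket's group can be set to the reverse proxy's group.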
@@ -4,7 +4,7 @@ # Typically, there should only be a single line here, of the form: -CONFIG=postgres:///DATABASE +# CONFIG=postgres:///DATABASE # The details of the URI depend on where the database lives and how # access control was configured. diff --git a/debian/libtalerexchange-dev.install b/debian/libtalerexchange-dev.install index e2197350..5d8edd3b 100644 --- a/debian/libtalerexchange-dev.install +++ b/debian/libtalerexchange-dev.install @@ -1,14 +1,23 @@ # Benchmarks, only install them for the dev package. usr/bin/taler-aggregator-benchmark +usr/bin/taler-bank-benchmark usr/bin/taler-exchange-benchmark +usr/bin/taler-exchange-kyc-tester usr/bin/taler-fakebank-run -usr/bin/taler-bank-benchmark +usr/bin/taler-unified-setup.sh # Only used in test cases. Maybe these # shouldn't even be installed? -usr/bin/taler-nexus-prepare usr/bin/taler-bank-manage-testing +# Man pages +usr/share/man/man1/taler-exchange-kyc-tester* +usr/share/man/man1/taler-aggregator-benchmark* +usr/share/man/man1/taler-bank-benchmark* +usr/share/man/man1/taler-exchange-benchmark* +usr/share/man/man1/taler-unified-setup* + + # Headers usr/include/taler/* @@ -22,5 +31,4 @@ usr/lib/*/libtalertesting.so usr/lib/*/libtalerfakebank.so # Documentation -usr/share/man/man1/taler-exchange-benchmark* usr/share/info/taler-developer-manual* diff --git a/debian/libtalerexchange.install b/debian/libtalerexchange.install index 62dd84a6..56b69e6d 100644 --- a/debian/libtalerexchange.install +++ b/debian/libtalerexchange.install @@ -5,6 +5,6 @@ usr/share/taler/config.d/paths.conf usr/share/taler/config.d/taler.conf debian/etc-libtalerexchange/* etc/ usr/bin/taler-config -usr/bin/taler-crypto-worker +usr/bin/taler-terms-generator usr/share/man/man5/taler.conf.5 usr/share/man/man1/taler-config* diff --git a/debian/libtalerexchange.postinst b/debian/libtalerexchange.postinst new file mode 100644 index 00000000..40b4be06 --- /dev/null +++ b/debian/libtalerexchange.postinst 
@@ -0,0 +1,28 @@ +#!/bin/bash + +set -e + +. /usr/share/debconf/confmodule + +case "${1}" in +configure) + + if ! dpkg-statoverride --list /etc/taler/taler.conf >/dev/null 2>&1; then + dpkg-statoverride --add --update \ + root root 644 \ + /etc/taler/taler.conf + fi + + ;; + +abort-upgrade | abort-remove | abort-deconfigure) ;; + +*) + echo "postinst called with unknown argument \`${1}'" >&2 + exit 1 + ;; +esac + +#DEBHELPER# + +exit 0 diff --git a/debian/rules b/debian/rules index fa259625..aef4bf5f 100755 --- a/debian/rules +++ b/debian/rules @@ -8,7 +8,7 @@ include /usr/share/dpkg/architecture.mk dh ${@} override_dh_builddeb: - dh_builddeb -- -Zgzip + dh_builddeb -- -Zgzip override_dh_auto_configure-arch: dh_auto_configure -- --disable-rpath --with-microhttpd=yes $(shell dpkg-buildflags --export=configure) diff --git a/debian/taler-auditor.install b/debian/taler-auditor.install index 0d7d941a..82941fb1 100644 --- a/debian/taler-auditor.install +++ b/debian/taler-auditor.install @@ -1,4 +1,5 @@ usr/bin/taler-auditor +usr/bin/taler-auditor-dbconfig usr/bin/taler-auditor-dbinit usr/bin/taler-auditor-exchange usr/bin/taler-auditor-httpd diff --git a/debian/taler-auditor.postinst b/debian/taler-auditor.postinst index 4e89be22..847e4aac 100644 --- a/debian/taler-auditor.postinst +++ b/debian/taler-auditor.postinst @@ -20,9 +20,10 @@ configure) adduser --quiet --system --ingroup ${_GROUPNAME} --no-create-home --home ${TALER_HOME} ${_USERNAME} fi - if ! dpkg-statoverride --list /etc/taler/secrets/auditor-db.secret.conf >/dev/null 2>&1; then + if ! dpkg-statoverride --list /etc/taler/secrets/auditor-db.secret.conf >/dev/null 2>&1 + then dpkg-statoverride --add --update \ - ${_USERNAME} ${_GROUPNAME} 660 \ + ${_USERNAME} ${_GROUPNAME} 640 \ /etc/taler/secrets/auditor-db.secret.conf fi diff --git a/debian/taler-auditor.postrm b/debian/taler-auditor.postrm index 752510e6..639e3241 100644 --- a/debian/taler-auditor.postrm +++ b/debian/taler-auditor.postrm 
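Review bot: The tightened mode `640` in taler-auditor.postinst only takes effect on fresh installs, because the `dpkg-statoverride --add` sits behind `if ! dpkg-statoverride --list ...`; a system upgraded from a package version that registered `660` keeps the old override. The same applies to the `660` to `640` change for exchange-db.secret.conf in taler-exchange.postinst. If upgrades should be tightened as well, the `configure` branch could inspect `$2` (the previously configured version) and re-register the override, taking care not to replace one that the administrator set deliberately. The enclosing `case` statement starts outside the hunk.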
@@ -6,9 +6,16 @@ if [ -f /usr/share/debconf/confmodule ]; then . /usr/share/debconf/confmodule fi +_USERNAME=taler-auditor-httpd +_GROUPNAME=taler-auditor-httpd + case "${1}" in purge) - ;; + dpkg-statoverride --remove \ + /etc/taler/secrets/auditor-db.secret.conf || true + deluser --system --quiet ${_USERNAME} || true + delgroup --only-if-empty --quiet ${_GROUPNAME} || true + ;; remove | upgrade | failed-upgrade | abort-install | abort-upgrade | disappear) ;; *) diff --git a/debian/taler-exchange-database.install b/debian/taler-exchange-database.install index 56332366..da8b0dc4 100644 --- a/debian/taler-exchange-database.install +++ b/debian/taler-exchange-database.install @@ -1,5 +1,7 @@ +usr/bin/taler-exchange-dbconfig usr/bin/taler-exchange-dbinit usr/lib/*/taler/libtaler_plugin_exchange*.so +usr/share/man/man1/taler-exchange-dbconfig.1 usr/share/man/man1/taler-exchange-dbinit.1 usr/share/taler/sql/exchange/* usr/share/taler/config.d/exchangedb.conf diff --git a/debian/taler-exchange-offline.postinst b/debian/taler-exchange-offline.postinst index e22ad592..337bfa5d 100644 --- a/debian/taler-exchange-offline.postinst +++ b/debian/taler-exchange-offline.postinst @@ -4,20 +4,21 @@ set -e . /usr/share/debconf/confmodule -TALER_HOME="/var/lib/taler" - case "${1}" in configure) if ! getent group taler-exchange-offline >/dev/null; then - addgroup --quiet --system taler-exchange-offline + addgroup --quiet taler-exchange-offline fi if ! getent passwd taler-exchange-offline >/dev/null; then - adduser --quiet --system \ + adduser --quiet \ + --disabled-password \ + --system \ + --shell /bin/bash \ + --home /home/taler-exchange-offline \ --ingroup taler-exchange-offline \ - --no-create-home \ - --home ${TALER_HOME} taler-exchange-offline + taler-exchange-offline fi ;; diff --git a/debian/taler-exchange.install b/debian/taler-exchange.install index 0af0788a..9c3cd8f4 100644 --- a/debian/taler-exchange.install +++ b/debian/taler-exchange.install 
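Review bot: Deleting the service account on purge (`deluser --system --quiet ${_USERNAME} || true`) frees its UID for reuse, and nothing in this purge branch removes data, logs or sockets owned by it, so any file left behind would belong to whichever account is created next with that UID. The purge branch of taler-exchange.postrm does the same for seven accounts and removes only two directory trees first. Either remove the remaining owned files before `deluser`, or leave the locked account in place. The `|| true` on every line also hides real failures, so a comment saying which failure is expected (account or override already absent) would help.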
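Review bot: In taler-exchange-offline.postinst the group is now created without `--system` while the user is still created with `--system`, so the account gets a system UID but a primary group from the regular GID range; if that is not intended, keep `addgroup --quiet --system taler-exchange-offline`. The account also gains `--shell /bin/bash` and a home under /home, presumably so an operator can work interactively with the offline key, which deserves a comment such as `# interactive account: the operator runs taler-exchange-offline as this user`. Both calls are guarded by `getent`, so existing installations keep the old home and shell.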
@@ -1,6 +1,6 @@ usr/bin/taler-exchange-aggregator usr/bin/taler-exchange-closer -usr/bin/taler-exchange-dbinit +usr/bin/taler-exchange-drain usr/bin/taler-exchange-expire usr/bin/taler-exchange-httpd usr/bin/taler-exchange-router @@ -10,9 +10,11 @@ usr/bin/taler-exchange-secmod-rsa usr/bin/taler-exchange-transfer usr/bin/taler-exchange-wirewatch usr/bin/taler-exchange-wire-gateway-client +usr/lib/*/taler/libtaler_plugin_kyclogic_*.so +usr/lib/*/taler/libtaler_extension_*.so usr/share/man/man1/taler-exchange-aggregator* usr/share/man/man1/taler-exchange-closer* -usr/share/man/man1/taler-exchange-dbinit* +usr/share/man/man1/taler-exchange-drain* usr/share/man/man1/taler-exchange-expire* usr/share/man/man1/taler-exchange-httpd* usr/share/man/man1/taler-exchange-router* @@ -26,9 +28,13 @@ usr/share/man/man1/taler-exchange-wire-gateway-client* usr/share/info/taler-bank* usr/share/info/taler-exchange* usr/share/taler/config.d/* +usr/share/taler/exchange/templates/*.must +usr/share/taler/exchange/spa/* # configuration files in /etc/taler debian/etc-taler-exchange/* etc/ -usr/share/taler/exchange/pp/*/* -usr/share/taler/exchange/tos/*/* +# Terms of service / privacy policy templates +usr/share/taler/terms/*.rst +# Translations of ToS/PP +usr/share/locale/*/LC_MESSAGES/*.po diff --git a/debian/taler-exchange.postinst b/debian/taler-exchange.postinst index b68ee19f..6278dac1 100644 --- a/debian/taler-exchange.postinst +++ b/debian/taler-exchange.postinst @@ -30,6 +30,7 @@ configure) if ! getent passwd ${_EUSERNAME} >/dev/null; then adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_EUSERNAME} adduser --quiet ${_EUSERNAME} ${_DBGROUPNAME} + adduser --quiet ${_EUSERNAME} ${_GROUPNAME} fi if ! getent passwd ${_RSECUSERNAME} >/dev/null; then adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_RSECUSERNAME} 
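Review bot: The added `adduser --quiet ${_EUSERNAME} ${_GROUPNAME}` in taler-exchange.postinst appears redundant, because the line above it creates the user with `--ingroup ${_GROUPNAME}`, which already makes that group its primary group. If the aim was to fix up accounts created by an earlier package version, the line has no effect there, since it sits inside `if ! getent passwd ${_EUSERNAME}`; it would have to move after the `fi`. The enclosing `case` branch starts outside the hunk.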
@@ -53,15 +54,15 @@ configure) adduser --quiet ${_AGGRUSERNAME} ${_DBGROUPNAME} fi - if ! dpkg-statoverride --list /etc/taler/secrets/exchange-accountcredentials.secret.conf >/dev/null 2>&1; then + if ! dpkg-statoverride --list /etc/taler/secrets/exchange-accountcredentials-1.secret.conf >/dev/null 2>&1; then dpkg-statoverride --add --update \ - ${_WIREUSERNAME} root 460 \ - /etc/taler/secrets/exchange-accountcredentials.secret.conf + ${_WIREUSERNAME} root 640 \ + /etc/taler/secrets/exchange-accountcredentials-1.secret.conf fi if ! dpkg-statoverride --list /etc/taler/secrets/exchange-db.secret.conf >/dev/null 2>&1; then dpkg-statoverride --add --update \ - root ${_DBGROUPNAME} 660 \ + root ${_DBGROUPNAME} 640 \ /etc/taler/secrets/exchange-db.secret.conf fi diff --git a/debian/taler-exchange.postrm b/debian/taler-exchange.postrm index 6488d268..9edf548a 100644 --- a/debian/taler-exchange.postrm +++ b/debian/taler-exchange.postrm @@ -2,6 +2,17 @@ set -e +_GROUPNAME=taler-exchange-secmod +_DBGROUPNAME=taler-exchange-db +_EUSERNAME=taler-exchange-httpd +_CLOSERUSERNAME=taler-exchange-closer +_CSECUSERNAME=taler-exchange-secmod-cs +_RSECUSERNAME=taler-exchange-secmod-rsa +_ESECUSERNAME=taler-exchange-secmod-eddsa +_AGGRUSERNAME=taler-exchange-aggregator +_WIREUSERNAME=taler-exchange-wire + + if [ -f /usr/share/debconf/confmodule ]; then . /usr/share/debconf/confmodule fi 
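Review bot: Registering the override under the new name exchange-accountcredentials-1.secret.conf leaves the old path unhandled: nothing visible in this commit moves the existing conffile or removes its statoverride, so on upgrade the bank credentials would stay in the old file while the configuration now inlines the new, empty one. If no migration exists elsewhere (for example `mv_conffile` via dpkg-maintscript-helper), add one and drop the stale entry with `dpkg-statoverride --remove`. The group on this file is `root`, so the group-read bit in `640` serves only root.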
@@ -9,6 +20,19 @@ fi case "${1}" in purge) rm -rf /var/lib/taler/exchange-offline /var/lib/taler/exchange-secmod-* + dpkg-statoverride --remove \ + /etc/taler/secrets/exchange-accountcredentials-1.secret.conf || true + dpkg-statoverride --remove \ + /etc/taler/secrets/exchange-db.secret.conf || true + deluser --quiet --system ${_CSECUSERNAME} || true + deluser --quiet --system ${_RSECUSERNAME} || true + deluser --quiet --system ${_ESECUSERNAME} || true + deluser --quiet --system ${_AGGRUSERNAME} || true + deluser --quiet --system ${_WIREUSERNAME} || true + deluser --quiet --system ${_CLOSERUSERNAME} || true + deluser --quiet --system ${_EUSERNAME} || true + delgroup --only-if-empty --quiet ${_DBGROUPNAME} || true + delgroup --only-if-empty --quiet ${_GROUPNAME} || true ;; remove | upgrade | failed-upgrade | abort-install | abort-upgrade | disappear) diff --git a/debian/taler-exchange.taler-exchange-aggregator.service b/debian/taler-exchange.taler-exchange-aggregator.service index aa4f32e3..246cad5c 100644 --- a/debian/taler-exchange.taler-exchange-aggregator.service +++ b/debian/taler-exchange.taler-exchange-aggregator.service @@ -1,12 +1,13 @@ [Unit] Description=GNU Taler payment system exchange aggregator service PartOf=taler-exchange.target +After=postgres.service [Service] User=taler-exchange-aggregator Type=simple Restart=always -RestartSec=100ms +RestartSec=1s ExecStart=/usr/bin/taler-exchange-aggregator -c /etc/taler/taler.conf StandardOutput=journal StandardError=journal @@ -14,3 +15,4 @@ PrivateTmp=yes PrivateDevices=yes ProtectSystem=full Slice=taler-exchange.slice +RuntimeMaxSec=3600s diff --git a/debian/taler-exchange.taler-exchange-aggregator@.service b/debian/taler-exchange.taler-exchange-aggregator@.service index aa4f32e3..bfc44a9a 100644 --- a/debian/taler-exchange.taler-exchange-aggregator@.service +++ b/debian/taler-exchange.taler-exchange-aggregator@.service 
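Review bot: `After=postgres.service` in the aggregator unit most likely names a unit that does not exist: the Debian PostgreSQL packages ship `postgresql.service`, and systemd silently ignores ordering against unknown units, so the intended start-up ordering would not happen. The same line is added to the closer, expire, transfer and wirewatch units. Use `After=postgresql.service`. `After=` only orders start-up and does not pull the database in, which matches the `Recommends: postgresql` in debian/control.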
@@ -6,7 +6,7 @@ PartOf=taler-exchange.target User=taler-exchange-aggregator Type=simple Restart=always -RestartSec=100ms +RestartSec=1s ExecStart=/usr/bin/taler-exchange-aggregator -c /etc/taler/taler.conf StandardOutput=journal StandardError=journal @@ -14,3 +14,4 @@ PrivateTmp=yes PrivateDevices=yes ProtectSystem=full Slice=taler-exchange.slice +RuntimeMaxSec=3600s diff --git a/debian/taler-exchange.taler-exchange-closer.service b/debian/taler-exchange.taler-exchange-closer.service index d3a654cc..97a385c1 100644 --- a/debian/taler-exchange.taler-exchange-closer.service +++ b/debian/taler-exchange.taler-exchange-closer.service @@ -1,12 +1,13 @@ [Unit] Description=GNU Taler payment system exchange closer service PartOf=taler-exchange.target +After=network.target postgres.service [Service] User=taler-exchange-closer Type=simple Restart=always -RestartSec=100ms +RestartSec=1s ExecStart=/usr/bin/taler-exchange-closer -c /etc/taler/taler.conf StandardOutput=journal StandardError=journal @@ -14,3 +15,4 @@ PrivateTmp=yes PrivateDevices=yes ProtectSystem=full Slice=taler-exchange.slice +RuntimeMaxSec=3600s diff --git a/debian/taler-exchange.taler-exchange-expire.service b/debian/taler-exchange.taler-exchange-expire.service index e4432f23..250f210f 100644 --- a/debian/taler-exchange.taler-exchange-expire.service +++ b/debian/taler-exchange.taler-exchange-expire.service @@ -1,12 +1,13 @@ [Unit] Description=GNU Taler payment system exchange expire service PartOf=taler-exchange.target +After=postgres.service [Service] User=taler-exchange-expire Type=simple Restart=always -RestartSec=100ms +RestartSec=1s ExecStart=/usr/bin/taler-exchange-expire -c /etc/taler/taler.conf StandardOutput=journal StandardError=journal @@ -14,3 +15,4 @@ PrivateTmp=yes PrivateDevices=yes ProtectSystem=full Slice=taler-exchange.slice +RuntimeMaxSec=3600s diff --git a/debian/taler-exchange.taler-exchange-httpd.service b/debian/taler-exchange.taler-exchange-httpd.service index 98d76f6f..3671bdc7 100644 
--- a/debian/taler-exchange.taler-exchange-httpd.service +++ b/debian/taler-exchange.taler-exchange-httpd.service @@ -8,11 +8,19 @@ PartOf=taler-exchange.target [Service] User=taler-exchange-httpd Type=simple -# Depending on the configuration, the service suicides and then -# needs to be restarted. + +# Depending on the configuration, the service process kills itself and then +# needs to be restarted. Thus no significant delay on restarts. Restart=always -# Do not dally on restarts. RestartSec=1ms + +# Disable the service if more than 5 restarts are encountered within 5s. +# These are usually the systemd defaults, but can be overwritten, thus we set +# them here explicitly, as the exchange code assumes StartLimitInterval +# to be >=5s. +StartLimitBurst=5 +StartLimitInterval=5s + ExecStart=/usr/bin/taler-exchange-httpd -c /etc/taler/taler.conf StandardOutput=journal StandardError=journal diff --git a/debian/taler-exchange.taler-exchange-transfer.service b/debian/taler-exchange.taler-exchange-transfer.service index c7187b30..e26af20d 100644 --- a/debian/taler-exchange.taler-exchange-transfer.service +++ b/debian/taler-exchange.taler-exchange-transfer.service @@ -1,13 +1,13 @@ [Unit] Description=Taler Exchange Transfer Service -After=network.target +After=network.target postgres.service PartOf=taler-exchange.target [Service] User=taler-exchange-wire Type=simple Restart=always -RestartSec=100ms +RestartSec=1s ExecStart=/usr/bin/taler-exchange-transfer -c /etc/taler/taler.conf StandardOutput=journal StandardError=journal @@ -15,3 +15,4 @@ PrivateTmp=yes PrivateDevices=yes ProtectSystem=full Slice=taler-exchange.slice +RuntimeMaxSec=3600s diff --git a/debian/taler-exchange.taler-exchange-wirewatch.service b/debian/taler-exchange.taler-exchange-wirewatch.service index e4947214..7b74737b 100644 --- a/debian/taler-exchange.taler-exchange-wirewatch.service +++ b/debian/taler-exchange.taler-exchange-wirewatch.service 
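Review bot: `StartLimitBurst=5` and `StartLimitInterval=5s` are added under `[Service]`, which current systemd accepts only as a backward-compatible spelling; the documented settings are `StartLimitIntervalSec=` and `StartLimitBurst=` in `[Unit]`. Moving them there (`StartLimitIntervalSec=5s`) avoids relying on the legacy aliases. With `RestartSec=1ms`, a crash loop reaches the limit almost immediately and the unit then stays failed until someone intervenes, so the unit state should be monitored.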
@@ -1,13 +1,14 @@ [Unit] Description=GNU Taler payment system exchange wirewatch service -After=network.target +After=network.target postgres.service PartOf=taler-exchange.target [Service] User=taler-exchange-wire Type=simple Restart=always -RestartSec=100ms +RestartSec=1s +RuntimeMaxSec=3600s ExecStart=/usr/bin/taler-exchange-wirewatch -c /etc/taler/taler.conf StandardOutput=journal StandardError=journal diff --git a/debian/taler-exchange.taler-exchange-wirewatch@.service b/debian/taler-exchange.taler-exchange-wirewatch@.service index e4947214..85bb9268 100644 --- a/debian/taler-exchange.taler-exchange-wirewatch@.service +++ b/debian/taler-exchange.taler-exchange-wirewatch@.service @@ -7,7 +7,7 @@ PartOf=taler-exchange.target User=taler-exchange-wire Type=simple Restart=always -RestartSec=100ms +RestartSec=1s ExecStart=/usr/bin/taler-exchange-wirewatch -c /etc/taler/taler.conf StandardOutput=journal StandardError=journal @@ -15,3 +15,4 @@ PrivateTmp=yes PrivateDevices=yes ProtectSystem=full Slice=taler-exchange.slice +RuntimeMaxSec=3600s diff --git a/debian/taler-exchange.tmpfiles b/debian/taler-exchange.tmpfiles index 79554ccf..c2a79653 100644 --- a/debian/taler-exchange.tmpfiles +++ b/debian/taler-exchange.tmpfiles 
@@ -1,7 +1,8 @@ #Type Path Mode UID GID Age Argument d /run/taler/exchange-secmod-rsa 0755 taler-exchange-secmod-rsa taler-exchange-secmod - - +d /run/taler/exchange-secmod-cs 0755 taler-exchange-secmod-cs taler-exchange-secmod - - d /run/taler/exchange-secmod-eddsa 0755 taler-exchange-secmod-eddsa taler-exchange-secmod - - d /run/taler/exchange-httpd 0750 taler-exchange-httpd www-data - - -d /var/lib/taler/exchange-offline 0700 taler-exchange-offline taler-exchange-offline - - +d /var/lib/taler/exchange-secmod-cs 0700 taler-exchange-secmod-cs taler-exchange-secmod - - d /var/lib/taler/exchange-secmod-rsa 0700 taler-exchange-secmod-rsa taler-exchange-secmod - - d /var/lib/taler/exchange-secmod-eddsa 0700 taler-exchange-secmod-eddsa taler-exchange-secmod - - |