summaryrefslogtreecommitdiff
path: root/src/exchange/exchange.conf
blob: 7fe737b72e9710940fb913ab9947d17af944e9af (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
# This file is in the public domain.
#
[exchange]

# Where do we store the private keys the exchange needs at
# runtime? (Denomination and signing keys are then stored
# in respective subdirectories.)
KEYDIR = ${TALER_DATA_HOME}/exchange/live-keys/

# Directory where the exchange expects to find revocation
# certificates (and where taler-exchange-keyup will write them).
REVOCATION_DIR = ${TALER_DATA_HOME}/exchange/revocations/

# Master public key used to sign the exchange's various keys
# This must be adjusted to your actually installation.
# MASTER_PUBLIC_KEY = 98NJW3CQHZQGQXTY3K85K531XKPAPAVV4Q5V8PYYRR00NJGZWNVG

# How long do we allow /keys to be cached at most? The actual
# limit is the minimum of this value and the first expected
# significant change in /keys based on the expiration times.
# Used to artifically reduce caching (addresses #5747).
MAX_KEYS_CACHING = forever

# How to access our database
DB = postgres

# Where do we store the offline master private key of the exchange?
MASTER_PRIV_FILE = ${TALER_DATA_HOME}/exchange/offline-keys/master.priv


# Network configuration for the normal API/service HTTP server
# serve via tcp socket (on PORT)
SERVE = tcp

# Unix domain socket to listen on,
# only effective with "SERVE = unix"
UNIXPATH = ${TALER_RUNTIME_DIR}/exchange.http
UNIXPATH_MODE = 660

# HTTP port the exchange listens to
PORT = 8081

# Base URL of the exchange (public-facing).  Due to reverse proxies,
# this may or may not match our port or hostname at all and can thus
# not be determined automatically. Note that a globally reachable name
# is required, so 'localhost' will not work except for testing.
# Required for wire transfers as we need to include it in the wire
# transfers to enable tracking.
BASE_URL = http://localhost:8081/


# how long is one signkey valid?
SIGNKEY_DURATION = 4 weeks

# how long are the signatures with the signkey valid?
LEGAL_DURATION = 2 years

# how long do we generate denomination and signing keys
# ahead of time?
LOOKAHEAD_SIGN = 32 weeks 1 day

# how long do we provide to clients denomination and signing keys
# ahead of time?
LOOKAHEAD_PROVIDE = 4 weeks 1 day