summaryrefslogtreecommitdiff
path: root/src/exchange/exchange.conf
blob: 58e57c82ecd675cd1ddca8bdb15a4de9397f9c69 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
# This file is in the public domain.
#
[exchange]

# Master public key used to sign the exchange's various keys
# This must be adjusted to your actual installation.
# MASTER_PUBLIC_KEY = 98NJW3CQHZQGQXTY3K85K531XKPAPAVV4Q5V8PYYRR00NJGZWNVG

# How long do we allow /keys to be cached at most? The actual
# limit is the minimum of this value and the first expected
# significant change in /keys based on the expiration times.
# Used to artificially reduce caching (addresses #5747).
MAX_KEYS_CACHING = forever

# After how many requests should the exchange auto-restart
# (to address potential issues with memory fragmentation)?
# If this option is not specified, auto-restarting is disabled.
# MAX_REQUESTS = 10000000

# How to access our database
DB = postgres

# Network configuration for the normal API/service HTTP server
# serve via tcp socket (on PORT)
SERVE = tcp

# Unix domain socket to listen on,
# only effective with "SERVE = unix"
UNIXPATH = ${TALER_RUNTIME_DIR}/exchange-httpd/exchange-http.sock
UNIXPATH_MODE = 660

# HTTP port the exchange listens to
PORT = 8081

# Base URL of the exchange (public-facing).  Due to reverse proxies,
# this may or may not match our port or hostname at all and can thus
# not be determined automatically. Note that a globally reachable name
# is required, so 'localhost' will not work except for testing.
# Required for wire transfers as we need to include it in the wire
# transfers to enable tracking.
BASE_URL = http://localhost:8081/

# Maximum number of requests this process should handle before
# committing suicide.
# MAX_REQUESTS =

# How long should the aggregator sleep if it has nothing to do?
AGGREGATOR_IDLE_SLEEP_INTERVAL = 60 s

# FIXME: document!
ROUTER_IDLE_SLEEP_INTERVAL = 60 s

# How big is an individual shard to be processed
# by taler-exchange-expire (in time).  It may take
# this much time for an expired purse to be really
# cleaned up and the coins refunded.
EXPIRE_SHARD_SIZE = 1 h

# How long should the transfer tool
# sleep if it has nothing to do?
TRANSFER_IDLE_SLEEP_INTERVAL = 60 s

# How long should the closer tool
# sleep if it has nothing to do?
CLOSER_IDLE_SLEEP_INTERVAL = 60 s

# Values of 0 or above 2^31 disable sharding, which
# is a sane default for most use-cases.
# When changing this value, you MUST stop all
# aggregators and manually run
#
# $ taler-exchange-dbinit -s
#
# against the exchange's database. Otherwise, the
# aggregation logic will break badly!
AGGREGATOR_SHARD_SIZE = 2147483648

# Values of 0 or above 2^31 disable sharding, which
# is a sane default for most use-cases.
# When changing this value, you MUST stop all
# aggregators and manually run
#
# $ taler-exchange-dbinit -s
#
# against the exchange's database. Otherwise, the
# aggregation logic will break badly!
ROUTER_SHARD_SIZE = 2147483648

# How long should wirewatch sleep if it has nothing to do?
# (Set very aggressively here for the demonstrators to be
# super fast.)
WIREWATCH_IDLE_SLEEP_INTERVAL = 1 s

# how long are the signatures with the signkey valid?
SIGNKEY_LEGAL_DURATION = 2 years

# Directory with our terms of service.
TERMS_DIR = $DATADIR/exchange/tos/

# Etag / filename for the terms of service.
TERMS_ETAG = 0

# Directory with our privacy policy.
PRIVACY_DIR = $DATADIR/exchange/pp/

# Etag / filename for the privacy policy.
PRIVACY_ETAG = 0

# Set to NONE to disable KYC checks.
# Set to "OAUTH2" to use OAuth 2.0 for KYC authorization.
KYC_MODE = NONE

# Balance threshold above which wallets are told
# to undergo a KYC check at the exchange. Optional,
# if not given there is no limit.
# KYC_WALLET_BALANCE_LIMIT = CURRENCY:150
#
# KYC_WITHDRAW_PERIOD = 1 month

[exchange-kyc-oauth2]

# URL of the OAuth endpoint for KYC checks
# KYC_OAUTH2_URL =

# URL of the "information" endpoint for KYC checks
# KYC_INFO_URL =

# KYC Oauth client ID.
# KYC_OAUTH2_CLIENT_ID =

# KYC Client secret used to obtain access tokens.
# KYC_OAUTH2_CLIENT_SECRET =

# Where to redirect clients after successful
# authorization?
# KYC_OAUTH2_POST_URL = https://bank.com/