summaryrefslogtreecommitdiff
path: root/src/exchange/exchange.conf
blob: 3bcea08fb5d32d89c9eb60f661f00057b461c225 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
# This file is in the public domain.
#
[exchange]

# Master public key used to sign the exchange's various keys
# This must be adjusted to your actual installation.
# MASTER_PUBLIC_KEY = 98NJW3CQHZQGQXTY3K85K531XKPAPAVV4Q5V8PYYRR00NJGZWNVG

# How long do we allow /keys to be cached at most? The actual
# limit is the minimum of this value and the first expected
# significant change in /keys based on the expiration times.
# Used to artificially reduce caching (addresses #5747).
MAX_KEYS_CACHING = forever

# After how many requests should the exchange auto-restart
# (to address potential issues with memory fragmentation)?
# If this option is not specified, auto-restarting is disabled.
# MAX_REQUESTS = 10000000

# How to access our database
DB = postgres

# Network configuration for the normal API/service HTTP server
# serve via tcp socket (on PORT)
SERVE = tcp

# Unix domain socket to listen on,
# only effective with "SERVE = unix"
UNIXPATH = ${TALER_RUNTIME_DIR}/exchange-httpd/exchange-http.sock
UNIXPATH_MODE = 660

# HTTP port the exchange listens to
PORT = 8081

# Base URL of the exchange (public-facing).  Due to reverse proxies,
# this may or may not match our port or hostname at all and can thus
# not be determined automatically. Note that a globally reachable name
# is required, so 'localhost' will not work except for testing.
# Required for wire transfers as we need to include it in the wire
# transfers to enable tracking.
BASE_URL = http://localhost:8081/


# How long should the aggregator sleep if it has nothing to do?
AGGREGATOR_IDLE_SLEEP_INTERVAL = 60 s

# How long should the transfer tool
# sleep if it has nothing to do?
TRANSFER_IDLE_SLEEP_INTERVAL = 60 s

# How long should the closer tool
# sleep if it has nothing to do?
CLOSER_IDLE_SLEEP_INTERVAL = 60 s

# Values of 0 or above 2^31 disable sharding, which
# is a sane default for most use-cases.
# When changing this value, you MUST stop all
# aggregators and manually run
#
# $ taler-exchange-dbinit -s
#
# against the exchange's database. Otherwise, the
# aggregation logic will break badly!
AGGREGATOR_SHARD_SIZE = 2147483648

# How long should wirewatch sleep if it has nothing to do?
# (Set very aggressively here for the demonstrators to be
# super fast.)
WIREWATCH_IDLE_SLEEP_INTERVAL = 1 s

# how long are the signatures with the signkey valid?
SIGNKEY_LEGAL_DURATION = 2 years

# Directory with our terms of service.
TERMS_DIR = $DATADIR/exchange/tos/

# Etag / filename for the terms of service.
TERMS_ETAG = 0

# Directory with our privacy policy.
PRIVACY_DIR = $DATADIR/exchange/pp/

# Etag / filename for the privacy policy.
PRIVACY_ETAG = 0

# Set to NONE to disable KYC checks.
# Set to "OAUTH2" to use OAuth 2.0 for KYC authorization.
KYC_MODE = NONE

# Balance threshold above which wallets are told
# to undergo a KYC check at the exchange. Optional,
# if not given there is no limit.
# KYC_WALLET_BALANCE_LIMIT = 150:CURRENCY

[exchange-kyc-oauth2]

# URL of the OAuth endpoint for KYC checks
# KYC_OAUTH2_URL =

# KYC Oauth client ID.
# KYC_OAUTH2_CLIENT_ID =

# KYC Client secret used to obtain access tokens.
# KYC_OAUTH2_CLIENT_SECRET =

# Where to redirect clients after successful
# authorization?
# KYC_OAUTH_POST_URL = https://bank.com/