ansible-taler-exchange

Ansible playbook to deploy a production Taler Exchange
Log | Files | Refs | Submodules | README | LICENSE

test-public.yml (4308B)

      1 # What environment are we deploying?
      2 DEPLOYMENT_KIND: "tops"
      3 # Public variables for a "test" deployment
      4 # Deploy challenger?
      5 deploy_challenger: true
      6 # Disable restore from backup? MUST be set to "false" once in production!
      7 # This forces a backup to be provided *if* there is no database on the
      8 # target system already. If such a database exists, we will NOT restore
      9 # any backup even if this is 'false'. If no database exists on the target
     10 # system and this option is 'false', then a backup must have been provided
     11 # at the originating host (you get get it using the 'restore.sh' script).
     12 DISABLE_RESTORE_BACKUP: true
     13 # Main domain name.
     14 domain_name: "stage.taler-ops.ch"
     15 exchange_domain: "exchange.{{ domain_name }}"
     16 # Our internal hostname
     17 TARGET_HOST_NAME: "rusty.taler-ops.ch"
     18 # Suite for taler packages.
     19 taler_repo_suites: trixie-testing
     20 # Deploy EBICS configuration (true/false).
     21 use_ebics: false
     22 # Our currency.
     23 CURRENCY: CHF
     24 # Smallest unit of the currency for wire transfers.
     25 CURRENCY_ROUND_UNIT: "CHF:0.01"
     26 # Sanction list to use, comment out to disable
     27 SANCTION_LIST: sanctions-swiss.json
     28 # Base URL of the exchange REST API
     29 EXCHANGE_BASE_URL: "https://exchange.{{ domain_name }}/"
     30 # Base URL of the auditor REST API
     31 AUDITOR_BASE_URL: "https://auditor.{{ domain_name }}/"
     32 # Exchange offline master public key.
     33 EXCHANGE_MASTER_PUB: GT1ZRF6DT4RAETDEGW3KTWRH15RAKH9T0TK6ZJEYFGRX18B54AK0
     34 # Auditor offline public key.
     35 AUDITOR_PUB: P6B7ZS7Y1Y12S0VP0PAJ1GQGSHW8RE4NSBTP8PR254J18SK24MH0
     36 # URL with merchants accepting this exchange.
     37 EXCHANGE_SHOPPING_URL: "https://shops.taler-ops.ch/"
     38 # Name of Terms of service resource file
     39 EXCHANGE_TERMS_ETAG: "exchange-tos-v0"
     40 # Name of Privacy policy resource file
     41 EXCHANGE_PP_ETAG: "exchange-pp-v0"
     42 # Full BIC of exchange account
     43 EXCHANGE_BANK_ACCOUNT_BIC: "MAEBCHZZ"
     44 # Full Payto URI of exchange account (for credit and debit)
     45 EXCHANGE_BANK_ACCOUNT_IBAN: "CH6808573105529100001"
     46 # Full Payto URI of exchange account (for credit and debit)
     47 EXCHANGE_BANK_ACCOUNT_PAYTO: "payto://iban/{{ EXCHANGE_BANK_ACCOUNT_IBAN }}?receiver-name=Taler+Operations+AG"
     48 # Port to be used by libeufin-nexus for the taler-exchange-wire-gateway
     49 LIBEUFIN_PORT: 8082
     50 # Name of the exchange account at libeufin-nexus
     51 LIBEUFIN_EXCHANGE_ACCOUNT: "exchange"
     52 # Name of the bank dialect
     53 LIBEUFIN_NEXUS_BANK_DIALECT: "maerki_baumann"
     54 # SPA dialect (tops, gls, magnet, ...)
     55 EXCHANGE_SPA_DIALECT: "tops"
     56 # Business name of the exchange operator
     57 EXCHANGE_OPERATOR_LEGAL_NAME: "Taler Operations AG"
     58 # Where to send people after they passed KYC.
     59 KYC_THANK_YOU_URL: https://taler-ops.ch/thank-you-kyc
     60 # Template to use for identification of individuals with KYCAID
     61 KYCAID_TEMPLATE_INDIVIDUAL: tmpl_xxx
     62 # Template to use for identification of businesses with KYCAID
     63 KYCAID_TEMPLATE_BUSINESS: tmpl_xxx
     64 # Regex specifying allowed phone numbers for the SMS check
     65 EXCHANGE_AML_PROGRAM_TOPS_SMS_HINT: "Swiss number required"
     66 EXCHANGE_AML_PROGRAM_TOPS_SMS_EXAMPLE: "+41948224521"
     67 EXCHANGE_AML_PROGRAM_TOPS_SMS_REGEX: "\\\\+41[0-9]+"
     68 # Regex specifying allowed country names for the postal address check
     69 EXCHANGE_AML_PROGRAM_TOPS_POSTAL_COUNTRY_HINT: "Swiss address required"
     70 EXCHANGE_AML_PROGRAM_TOPS_POSTAL_EXAMPLE: "Max Mustermann\\nBahnhofsplatz 1\\n4201 Biel/Bienne"
     71 EXCHANGE_AML_PROGRAM_TOPS_POSTAL_COUNTRY_REGEX: "CH|Ch|ch"
     72 # Tool to use for sanction list checking
     73 EXCHANGE_SANCTION_HELPER: taler-exchange-helper-sanctions-dummy
     74 
     75 # If set to true, set up an additional user to allow faking wire transfers and
     76 # inspecting challenger auth codes.
     77 # This setting MUST NOT be enabled in production
     78 # deployments under any circumstance.
     79 dangerously_enable_devtesting: true
     80 
     81 devtesting_ssh_keys:
     82   - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINHSjJ/zPwQnqBrKp0qK+OdsZYfQ8DHY2dyJakNozBi7 fdold-work@sapota"
     83   - "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAoXKfSbPriOPoFRR+lMAJszH0/7jaPZOxdg85/URlRbe0ljm8fxbVmup1EjGPuKKJkyYqJIqGQCRHPNYeBt05APXYEO+4d5WAuPY6QOiTFGxB5RueWHAjFM5LVKtBH9Ozln+ngjeXlID48ueuBY2LO24hRuZtRmHYKN1AwQNA2XKtjteKINx99ljm3uwVV9IDYAJkRWKllolLrSFfqK6CHDS/IqlMNp3qNNhNXEW+/Vm5kMUPzKvhPXH/OsFr2KyKaO/+zVXptwje9imtaYaD5iEuRbEfP+6OsCKKpIlp6kyfOUPLuxK+RQfDRY3pyHeCKGriv3DGUpCYqtFVZlmsww== stibane@feh.com"
     84   - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPzMFKrnSNsRwS6eBInPx4WrJipQvsxFKNN48TGwXewb avalos@thinkpad"