ansible-taler-exchange

Ansible playbook to deploy a production Taler Exchange
Log | Files | Refs | Submodules | README | LICENSE

exchange-business.conf.j2 (2509B)

      1 # Configuration for business-level aspects of the exchange.
      2 
      3 [exchange]
      4 
      5 # Currency of this exchange.
      6 CURRENCY = {{ CURRENCY }}
      7 CURRENCY_ROUND_UNIT = {{ CURRENCY_ROUND_UNIT }}
      8 TINY_AMOUNT = {{ CURRENCY_ROUND_UNIT }}
      9 
     10 # Here you MUST add the master public key of the offline system
     11 # which you can get using `taler-exchange-offline setup`.
     12 MASTER_PUBLIC_KEY = {{ EXCHANGE_MASTER_PUB }}
     13 
     14 # Publicly visible base URL of the exchange.
     15 # BASE_URL = https://example.com/
     16 BASE_URL = {{ EXCHANGE_BASE_URL }}
     17 
     18 # Where to find accepting shops?
     19 SHOPPING_URL = {{ EXCHANGE_SHOPPING_URL }}
     20 
     21 AML_SPA_DIALECT = {{ EXCHANGE_SPA_DIALECT }}
     22 
     23 # Attribute encryption key for storing attributes encrypted
     24 # in the database. Should be a high-entropy nonce.
     25 ATTRIBUTE_ENCRYPTION_KEY = {{ EXCHANGE_ATTRIBUTE_ENCRYPTION_KEY }}
     26 
     27 # For your terms of service and privacy policy, you should specify
     28 # an Etag that must be updated whenever there are significant
     29 # changes to either document.  The format is up to you, what matters
     30 # is that the value is updated and never re-used. See the HTTP
     31 # specification on Etags.
     32 TERMS_ETAG = {{ EXCHANGE_TERMS_ETAG }}
     33 PRIVACY_ETAG = {{ EXCHANGE_PP_ETAG }}
     34 
     35 {% if DEPLOYMENT_KIND == "gls" %}
     36 BANK_COMPLIANCE_LANGUAGE = gls
     37 {% endif %}
     38 
     39 
     40 # Bank accounts used by the exchange should be specified here:
     41 [exchange-account-primary]
     42 
     43 ENABLE_CREDIT = YES
     44 ENABLE_DEBIT = YES
     45 
     46 # Account identifier in the form of an RFC-8905 payto:// URI.
     47 # For SEPA, looks like payto://sepa/$IBAN?receiver-name=$NAME
     48 # Make sure to URL-encode spaces in $NAME!
     49 PAYTO_URI = {{ EXCHANGE_BANK_ACCOUNT_PAYTO }}
     50 
     51 WIRE_METHOD = iban
     52 
     53 {% if SANCTION_LIST is defined %}
     54 [exchange-sanctionscheck]
     55 RATER_COMMAND = /usr/bin/robocop /var/lib/taler-exchange/{{ SANCTION_LIST }}
     56 
     57 # Name where we store the sanctions check offset.
     58 MIN_ROW_FILENAME = ${HOME}/.cache/sanctionscheck-offset.bin
     59 {% endif %}
     60 
     61 # Credentials to access the account are in a separate
     62 # config file with restricted permissions.
     63 @inline-secret@ exchange-accountcredentials-primary ../secrets/exchange-accountcredentials-primary.secret.conf
     64 
     65 # Credentials to access KYC providers are in separate
     66 # config files with restricted permissions.
     67 @inline-secret@ kyc-provider-kycaid-individual ../secrets/exchange-kyc-provider-individual.secret.conf
     68 @inline-secret@ kyc-provider-kycaid-business ../secrets/exchange-kyc-provider-business.secret.conf
     69 
     70 {% if RESERVE_CLOSING_DELAY is defined %}
     71 [exchangedb]
     72 IDLE_RESERVE_EXPIRATION_TIME = {{ RESERVE_CLOSING_DELAY }}
     73 {% endif %}