ansible-taler-exchange

Ansible playbook to deploy a production Taler Exchange
Log | Files | Refs | Submodules | README | LICENSE
ModeNameSize
-rw-r--r--.ansible-lint9L
-rw-r--r--.gitignore17L
-rw-r--r--.gitmodules3L
-rw-r--r--COPYING661L
-rw-r--r--Containerfile26L
-rw-r--r--README236L
-rw-r--r--TIPS.md11L
-rw-r--r--TODO3L
-rw-r--r--ansible.cfg15L
-rwxr-xr-xbackup.sh16L
-rw-r--r--contrib/ci/Containerfile7L
-rwxr-xr-xcontrib/ci/ci.sh44L
-rwxr-xr-xcontrib/ci/jobs/001-build/build.sh44L
-rwxr-xr-xcontrib/ci/jobs/001-build/job.sh6L
-rwxr-xr-xcontrib/decrypt30L
-rwxr-xr-xcontrib/encrypt21L
-rwxr-xr-xdeploy.sh19L
-rwxr-xr-xextract-borg-key.sh12L
-rw-r--r--inventories/default20L
-rw-r--r--inventories/group_vars/all/defaults.yml30L
-rw-r--r--inventories/group_vars/testing/test-public.yml59L
-rw-r--r--inventories/group_vars/testing/test-secrets.yml31L
-rw-r--r--inventories/host_vars/fdold-acai-gls/prod-secrets.yml.gpg1166B
-rw-r--r--inventories/host_vars/fdold-acai-gls/test-public.yml63L
-rw-r--r--inventories/host_vars/fdold-acai-tops/test-public.yml71L
-rw-r--r--inventories/host_vars/fdold-acai-tops/test-secrets.yml31L
-rw-r--r--inventories/host_vars/fdold-guava-glsint/prod-secrets.yml.gpg1346B
-rw-r--r--inventories/host_vars/fdold-guava-glsint/test-public.yml73L
-rw-r--r--inventories/host_vars/podman-localhost/test-public.yml59L
-rw-r--r--inventories/host_vars/podman-localhost/test-secrets.yml29L
-rw-r--r--inventories/host_vars/rusty/.gitignore1L
-rw-r--r--inventories/host_vars/rusty/test-public.yml84L
-rw-r--r--inventories/host_vars/rusty/test-secrets.yml.gpg2446B
-rw-r--r--inventories/host_vars/spec/vars.yml118L
-rw-r--r--inventories/host_vars/spec/vault.yml88L
-rw-r--r--inventories/host_vars/taler-gls-test-01/config.yml108L
-rw-r--r--local.yml12L
-rw-r--r--playbooks/backup.yml6L
-rw-r--r--playbooks/borg-ssh-export.yml8L
-rw-r--r--playbooks/borg-start.yml11L
-rw-r--r--playbooks/pixel-borg.yml6L
-rw-r--r--playbooks/reboot.yml7L
-rw-r--r--playbooks/sanctionlist-check.yml6L
-rw-r--r--playbooks/setup.yml28L
-rwxr-xr-xreboot.sh15L
-rwxr-xr-xrestore.sh36L
-rw-r--r--roles/ansible_pull/tasks/main.yml60L
-rw-r--r--roles/ansible_pull/templates/ansible-on-boot.service12L
-rw-r--r--roles/ansible_pull/templates/ansible-pull.sh33L
-rw-r--r--roles/ansible_pull/templates/pull.fact13L
-rw-r--r--roles/ansible_pull/vars/main.yaml1L
-rw-r--r--roles/auditor/tasks/main.yml134L
-rw-r--r--roles/auditor/templates/etc/nginx/sites-available/auditor-http.conf.j214L
-rw-r--r--roles/auditor/templates/etc/nginx/sites-available/auditor-nginx.conf.j249L
-rw-r--r--roles/auditor/templates/etc/taler-auditor/conf.d/taler-auditor-master.conf.j233L
l---------roles/auditor/templates/etc/taler-auditor/secrets/auditor-accountcredentials-primary.secret.conf.j21L
-rw-r--r--roles/backup/handlers/main.yml4L
-rw-r--r--roles/backup/tasks/main.yml12L
-rw-r--r--roles/borg-ssh-export/tasks/main.yml30L
-rw-r--r--roles/borg-start/tasks/main.yml46L
-rw-r--r--roles/borg-start/templates/root/.ssh/config6L
-rw-r--r--roles/borg-start/templates/root/bin/borg-backup.sh91L
-rw-r--r--roles/cert/tasks/main.yml71L
-rw-r--r--roles/challenger/files/etc/challenger/email-message-template.txt1L
-rw-r--r--roles/challenger/files/etc/challenger/postal-message-template.txt20L
-rw-r--r--roles/challenger/files/etc/challenger/sms-message-template.txt1L
-rw-r--r--roles/challenger/files/etc/systemd/system/email-challenger-httpd.service19L
-rw-r--r--roles/challenger/files/etc/systemd/system/postal-challenger-httpd.service21L
-rw-r--r--roles/challenger/files/etc/systemd/system/sms-challenger-httpd.service21L
-rw-r--r--roles/challenger/files/etc/taler-exchange/conf.d/challenger.conf6L
-rw-r--r--roles/challenger/tasks/main.yml8L
-rw-r--r--roles/challenger/tasks/post-exchange.yml39L
-rw-r--r--roles/challenger/tasks/pre-exchange.yml358L
-rw-r--r--roles/challenger/templates/etc/challenger/challenger-email.conf.j245L
-rw-r--r--roles/challenger/templates/etc/challenger/challenger-postal.conf.j245L
-rw-r--r--roles/challenger/templates/etc/challenger/challenger-sms.conf.j239L
-rw-r--r--roles/challenger/templates/etc/challenger/postal-challenger.env.j26L
-rw-r--r--roles/challenger/templates/etc/challenger/sms-challenger.env.j29L
-rw-r--r--roles/challenger/templates/etc/nginx/conf.d/challenger-tls.conf.inc11L
-rw-r--r--roles/challenger/templates/etc/nginx/sites-available/email-challenger-http.conf.j215L
-rw-r--r--roles/challenger/templates/etc/nginx/sites-available/email-challenger-nginx.conf.j227L
-rw-r--r--roles/challenger/templates/etc/nginx/sites-available/postal-challenger-http.conf.j214L
-rw-r--r--roles/challenger/templates/etc/nginx/sites-available/postal-challenger-nginx.conf.j227L
-rw-r--r--roles/challenger/templates/etc/nginx/sites-available/sms-challenger-http.conf.j214L
-rw-r--r--roles/challenger/templates/etc/nginx/sites-available/sms-challenger-nginx.conf.j227L
-rw-r--r--roles/challenger/templates/etc/taler-exchange/secrets/challenger-email.secret.conf.j212L
-rw-r--r--roles/challenger/templates/etc/taler-exchange/secrets/challenger-postal.secret.conf.j212L
-rw-r--r--roles/challenger/templates/etc/taler-exchange/secrets/challenger-sms.secret.conf.j212L
-rw-r--r--roles/common_packages/files/dhparam_pregenerated.pem13L
-rw-r--r--roles/common_packages/files/etc/apt/keyrings/taler-systems-nightly.gpg1773B
-rw-r--r--roles/common_packages/files/etc/apt/keyrings/taler-systems.gpg1756B
-rw-r--r--roles/common_packages/files/etc/apt/preferences.d/limit-taler-repo3L
-rwxr-xr-xroles/common_packages/files/setup-challenger-client-id-fact23L
-rwxr-xr-xroles/common_packages/files/setup-secret-fact19L
-rw-r--r--roles/common_packages/tasks/main.yml128L
l---------roles/database/files/postgres-backup.sql.gz1L
-rw-r--r--roles/database/handlers/main.yml4L
-rw-r--r--roles/database/tasks/main.yml90L
-rw-r--r--roles/devtesting/tasks/files/etc/sudoers.d/devtesting1L
-rw-r--r--roles/devtesting/tasks/files/taler-devtesting111L
-rw-r--r--roles/devtesting/tasks/main.yml53L
-rw-r--r--roles/devtesting/tasks/templates/authorized_keys3L
-rw-r--r--roles/exchange-sanctionlist-import/tasks/main.yml31L
-rw-r--r--roles/exchange/defaults/main.yml1L
-rw-r--r--roles/exchange/files/var/lib/taler-exchange/sanctions-swiss.json179782L
-rw-r--r--roles/exchange/handlers/main.yml11L
-rw-r--r--roles/exchange/tasks/main.yml159L
-rw-r--r--roles/exchange/templates/etc/nginx/sites-available/exchange-http.conf.j214L
-rw-r--r--roles/exchange/templates/etc/nginx/sites-available/exchange-nginx.conf.j246L
-rw-r--r--roles/exchange/templates/etc/taler-exchange/conf.d/exchange-business.conf.j273L
-rw-r--r--roles/exchange/templates/etc/taler-exchange/secrets/exchange-accountcredentials-primary.secret.conf.j24L
l---------roles/exchange_gls1L
-rw-r--r--roles/exchange_tops/tasks/main.yml100L
-rw-r--r--roles/exchange_tops/templates/etc/taler-exchange/conf.d/denominations.conf.j2230L
-rw-r--r--roles/exchange_tops/templates/etc/taler-exchange/conf.d/kyc-rules.conf426L
-rw-r--r--roles/exchange_tops/templates/etc/taler-exchange/secrets/exchange-kyc-provider-business.secret.conf.j28L
-rw-r--r--roles/exchange_tops/templates/etc/taler-exchange/secrets/exchange-kyc-provider-individual.secret.conf.j28L
-rw-r--r--roles/exchange_tops/templates/etc/taler-exchange/taler-exchange.env.j29L
-rw-r--r--roles/libeufin-nexus/files/etc/sudoers.d/libeufin-nexus-export1L
-rw-r--r--roles/libeufin-nexus/files/etc/sudoers.d/libeufin-nexus-import1L
-rw-r--r--roles/libeufin-nexus/files/home/libeufin-nexus-export/.ssh/authorized_keys3L
-rw-r--r--roles/libeufin-nexus/files/home/libeufin-nexus-import/.ssh/authorized_keys3L
-rw-r--r--roles/libeufin-nexus/files/usr/local/bin/libeufin-nexus-export.sh2L
-rw-r--r--roles/libeufin-nexus/files/usr/local/bin/libeufin-nexus-import.sh2L
-rw-r--r--roles/libeufin-nexus/tasks/main.yml237L
-rw-r--r--roles/libeufin-nexus/templates/etc/libeufin/libeufin-nexus-ebics.conf.j216L
-rw-r--r--roles/libeufin-nexus/templates/etc/libeufin/libeufin-nexus.conf.j257L
-rw-r--r--roles/monitoring/files/etc/apt/keyrings/grafana.gpg1758B
-rw-r--r--roles/monitoring/files/etc/default/alloy9L
-rw-r--r--roles/monitoring/files/etc/default/prometheus5L
-rw-r--r--roles/monitoring/files/etc/default/prometheus-alertmanager5L
-rw-r--r--roles/monitoring/files/etc/default/prometheus-nginx-exporter69L
-rw-r--r--roles/monitoring/files/etc/default/prometheus-node-exporter5L
-rw-r--r--roles/monitoring/files/etc/default/prometheus-postgres-exporter13L
-rw-r--r--roles/monitoring/files/etc/keyrings/grafana.gpg1758B
-rw-r--r--roles/monitoring/files/etc/prometheus/alert_rules.yml29L
-rw-r--r--roles/monitoring/files/etc/prometheus/node-exporter-rules.yml311L
-rw-r--r--roles/monitoring/files/etc/prometheus/prometheus.yml57L
-rw-r--r--roles/monitoring/handlers/main.yml15L
-rw-r--r--roles/monitoring/tasks/main.yml232L
-rw-r--r--roles/monitoring/templates/etc/alloy/config.alloy337L
-rw-r--r--roles/monitoring/templates/etc/nginx/sites-available/monitoring-http.conf.j214L
-rw-r--r--roles/monitoring/templates/etc/nginx/sites-available/monitoring-nginx.conf.j2102L
-rw-r--r--roles/monitoring/templates/etc/prometheus/alertmanager.yml88L
-rw-r--r--roles/pixel_borg/files/home/borg/.ssh/authorized_keys1L
-rw-r--r--roles/pixel_borg/tasks/main.yml62L
-rw-r--r--roles/reboot/tasks/main.yml7L
-rw-r--r--roles/stop_services/tasks/main.yml41L
-rw-r--r--roles/webserver/files/etc/nginx/conf.d/log-format-apm.conf27L
-rw-r--r--roles/webserver/handlers/main.yml5L
-rw-r--r--roles/webserver/tasks/main.yml67L
-rwxr-xr-xsanction-check.sh25L
-rwxr-xr-xsetup-pixel-borg.sh19L
-rwxr-xr-xstage-activate.sh18L
-rw-r--r--stage-offline.conf10L
-rwxr-xr-xstart-borg-backups.sh23L
m---------taler-gls-deployment @ 0f755c8
-rw-r--r--test-master.priv32B
-rwxr-xr-xtest.sh27L
-rw-r--r--tops.conf37L
-rw-r--r--vault_pass.txt.gpg896B