taler-docs

challenger.conf.5.rst (4264B)

---

 challenger.conf(5)
 ##################
 
 .. only:: html
 
    Name
    ====
 
    **challenger.conf** - Challenger configuration file
 
 
 Description
 ===========
 
 .. include:: ../frags/common-conf-syntax.rst
 
 Files containing default values for many of the options described below
 are installed under ``$PREFIX/share/challenger/config.d/``.
 The configuration file given with **-c** to Challenger binaries
 overrides these defaults.
 
 A configuration file may include another, by using the ``@INLINE@`` directive,
 for example, in ``main.conf``, you could write ``@INLINE@ sub.conf`` to
 include the entirety of ``sub.conf`` at that point in ``main.conf``.
 
 Be extra careful when using ``challenger-config -V VALUE`` to change configuration
 values: it will destroy all uses of ``@INLINE@`` and furthermore remove all
 comments from the configuration file!
 
 
 GLOBAL OPTIONS
 --------------
 
 The following options are from the “[challenger]” section.
 This is normally the only section in a challenger.conf file.
 
 SERVE
   Should the HTTP server listen on a UNIX domain socket (set option to "unix"), or on a TCP socket (set option to "tcp"), or be activated via systemd (set option to "systemd").
 
 PORT
   Port on which the HTTP server listens, e.g. 9967.
   Only used if ``SERVE`` is ``tcp``.
 
 BIND_TO
   Which IP address should we bind to?  E.g. ``127.0.0.1`` or ``::1``
   for loopback.  Can also be given as a hostname.  We will bind to
   the wildcard (dual-stack) if left empty.
   Only used if ``SERVE`` is ``tcp``.
 
 UNIXPATH
   Which unix domain path should we bind to?
   Only used if ``SERVE`` is ``unix``.
 
 UNIXPATH_MODE = 660
   What should be the file access permissions for ``UNIXPATH``?
   Only used if ``SERVE`` is ``unix``.
 
 DB
   Plugin to use for the database, e.g. “postgres”.
 
 VALIDATION_DURATION
   How long is a validation challenge valid. After this time period, a fresh random challenge code will be generated and the retry limit counter (against guessing attacks) will be reset (to 3).
 
 VALIDATION_EXPIRATION
   How long is a validation allowed to take (time from
   ``/setup`` to ``/token``). After this time, the garbage collection process can delete all associated data. (Note that tokens will always allow access to 1h after they have been issued, regardless of when the validation expires).
 
 AUTH_COMMAND
   Which command should we execute to transmit the challenge code to the address. The address is given as the first argument, while the message to send is provided on stdin. Templates (possibly without the necessary credentials) for such commands are provided as challenger-send-email.sh, challenger-send-post.sh and challenger-send-sms.sh.
 
 ADDRESS_TYPE
   Type of the address that is being collected, returned as part of the ``address_type`` in the ``/info`` endpoint. Examples include ``email`` or ``phone``.
 
 ADDRESS_HINT
   Hint to show to users for entering the address. Should be an example address in the right format.
 
 ADDRESS_RESTRICTIONS
   JSON object with a map of keys (names of the fields of the address to be entered by the user) to objects with a "regex" (string) containing an extended Posix regular expression for allowed address field values, and a "hint"/"hint_i18n" giving a human-readable explanation to display if the value entered by the user does not match the regex. Keys that are not mapped to such an object have no restriction on the value provided by the user. Examples would be '{"email":{"hint":"valid e-mail address required","regex":"^[a-zA-Z0-9\_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$"}' or '{"zip":{"hint":"numeric zip code required","regex":"^[0-9]+$"}'.
 
 MESSAGE_TEMPLATE_FILE
   Name of a file with a Mustach template to use to generate the challenge message for the customer. The template will be provided the PIN/TAN under ``{{pin}}``, the customer's address in JSON format under ``{{address}}`` and the URL of the challenger backend under ``{{challenger_url}}``.
 
 BASE_URL
   The base URL under which the challenger can be reached.
   Provided to message templates to remind users where they
   need to enter the challenge.
 
 
 SEE ALSO
 ========
 
 challenger-dbinit(1), challenger-httpd(1), challenger-config(1).
 
 
 BUGS
 ====
 
 Report bugs by using https://bugs.taler.net/ or by sending electronic
 mail to <taler@gnu.org>.