taler-directory.conf(5)

19.44. taler-directory.conf(5)#

19.44.1. Name#

taler-directory.conf - taler-directory configuration file

19.44.2. Description#

The configuration file is line-oriented. Blank lines and whitespace at the beginning and end of a line are ignored. Comments start with # or % in the first column (after any beginning-of-line whitespace) and go to the end of the line.

The file is split into sections. Every section begins with [SECTIONNAME] and contains a number of options of the form OPTION=VALUE. There may be whitespace around the = (equal sign). Section names and options are case-insensitive.

The values, however, are case-sensitive. In particular, boolean values are one of YES or NO. Values can include whitespace by surrounding the entire value with " (double quote). Note, however, that there are no escape characters in such strings; all characters between the double quotes (including other double quotes) are taken verbatim.

Values that represent a time duration are represented as a series of one or more NUMBER UNIT pairs, e.g. 60 s, 4 weeks 1 day, 5 years 2 minutes.

Values that represent an amount are in the usual amount syntax: CURRENCY:VALUE.FRACTION, e.g. EUR:1.50. The FRACTION portion may extend up to 8 places.

Values that represent filenames can begin with a /bin/sh-like variable reference. This can be simple, such as $TMPDIR/foo, or complex, such as ${TMPDIR:-${TMP:-/tmp}}/foo. The variables are expanded either using key-values from the [PATHS] section (see below) or from the environment (getenv()). The values from [PATHS] take precedence over those from the environment. If the variable name is found in neither [PATHS] nor the environment, a warning is printed and the value is left unchanged. Variables (including those from the environment) are expanded recursively, so if FOO=$BAR and BAR=buzz then the result is FOO=buzz. Recursion is bounded to at most 128 levels to avoid undefined behavior for mutually recursive expansions like if BAR=$FOO in the example above.

The [PATHS] section is special in that it contains paths that can be referenced using $ in other configuration values that specify filenames. Note that configuration options that are not specifically retrieved by the application as filenames will not see “$”-expressions expanded. To expand $-expressions when using taler-config, you must pass the -f command-line option.

The system automatically pre-populates the [PATHS] section with a few values at run-time (in addition to the values that are in the actual configuration file and automatically overwriting those values if they are present). These automatically generated values refer to installation properties from GNU autoconf. The values are usually dependent on an INSTALL_PREFIX which is determined by the --prefix option given to configure. The canonical values are:

  • LIBEXECDIR = $INSTALL_PREFIX/taler/libexec/

  • DOCDIR = $INSTALL_PREFIX/share/doc/taler/

  • ICONDIR = $INSTALL_PREFIX/share/icons/

  • LOCALEDIR = $INSTALL_PREFIX/share/locale/

  • PREFIX = $INSTALL_PREFIX/

  • BINDIR = $INSTALL_PREFIX/bin/

  • LIBDIR = $INSTALL_PREFIX/lib/taler/

  • DATADIR = $INSTALL_PREFIX/share/taler/

Note that on some platforms, the given paths may differ depending on how the system was compiled or installed, the above are just the canonical locations of the various resources. These automatically generated values are never written to disk.

Files containing default values for many of the options described below are installed under $PREFIX/share/taler-directory/config.d/. The configuration file given with -c to taler-directory binaries overrides these defaults.

A configuration file may include another, by using the @INLINE@ directive, for example, in main.conf, you could write @INLINE@ sub.conf to include the entirety of sub.conf at that point in main.conf.

Be extra careful when using taler-directory-config -V VALUE to change configuration values: it will destroy all uses of @INLINE@ and furthermore remove all comments from the configuration file!

19.44.2.1. GLOBAL OPTIONS#

The following options are from the “[taler-directory]” section.

BASE_URL

The base URL of the service. If your service is proxied, the external base URL this service is availiable at. Default: http://localhost:11000

CHALLENGE_BYTES

Number of bytes of the challenge. Default: 16

VALIDATION_INITIATION_MAX

Maximum number of pending validations for the same alias. Default: 3

SOLUTION_ATTEMPT_MAX

Maximum times a solution may be attempted for an active validation. Default: 3

VALIDATION_TIMEFRAME

Cooldown period between two successive validation requests (for the same alias). Default: 5m

SOLUTION_ATTEMPT_TIMEFRAME

Duration for which a solution must be provided for any given validation. Default: 1h

VALIDATION_EXPIRATION

Time until a pending validation expires Default: 24h

VALID_PAYMENT_SYSTEM_ADDRESS_REGEX

Defines valid payment system addresses that may be registered. Default: .*

MONTHLY_FEE

Cost for registration of a single month. Default: KUDOS:0

NAVIGATION

The navigation (header) HTML template file. If relative will be interpreted relative to DATADIR. Default: web/templates/nav.html

FOOTER

The footer HTML template file. If relative will be interpreted relative to DATADIR. Default: web/templates/footer.html

IMPRINT_PAGE

The imprint HTML template file. If relative will be interpreted relative to DATADIR. Default: web/templates/imprint.html

ABOUT_PAGE

The about HTML template file. If relative will be interpreted relative to DATADIR. Default: web/templates/about.html

LANDING_PAGE

The landing page HTML template file. If relative will be interpreted relative to DATADIR. Default: web/templates/landing.html

VALIDATION_LANDING

The validation landing HTML template file. If relative will be interpreted relative to DATADIR. Default: web/templates/validation_landing.html

LOOKUP_RESULT_PAGE

The lookup result HTML template file. If relative will be interpreted relative to DATADIR. Default: web/templates/validation_landing.html

The following options are from a “[taler-directory-<validator>]” section.

ENABLED

Is this validator enabled or disabled. Default: false

TYPE

What type of validator is this. Options: command, oidc. Default: command

CHALLENGE_FEE

What does the initiation of a challenge cost. Default: KUDOS:0

VALID_ALIAS_REGEX

Defines which aliases are valid in this validator context. Default: empty

COMMAND

Only when TYPE command. The command to execute. Must be set if TYPE is command. Default: unset

SENDER

What should the sender of the email be. Only read by the email validator. Default: unset

AUTHORIZATION_ENDPOINT

Only when TYPE oidc. The URI of the authorization endpoint. Default: unset

TOKEN_ENDPOINT

Only when TYPE oidc. The URI of the token endpoint. Default: unset

USERINFO_ENDPOINT

Only when TYPE oidc. The URI of the userinfo endpoint. Default: unset

CLIENT_ID

Only when TYPE oidc. The OAuth client_id. Default: unset

CLIENT_SECRET

Only when TYPE oidc. The OAuth client_secret. Default: unset

SCOPE

Only when TYPE oidc. The OAuth scope(s) to request. Default: unset

ALIAS_CLAIM

Only when TYPE oidc. The claim to read from the userinfo response. Must be equal to the alias that is being validated. Default: sub

The following options are from a “[taler-directory-<disseminator>]” section.

ENABLED

Is this disseminator enabled or disabled. Default: false

ZONE

The name (not ZEKY) of the local zone authoritative for publication of the directory. Default: unset

EXPIRATION

The relative expiration time of the record sets. Default: 1d

19.44.3. SEE ALSO#

taler-directory-dbinit(1), taler-directory-httpd(1), taler-directory-config(1).

19.44.4. BUGS#

Report bugs by using https://bugs.taler.net/ or by sending electronic mail to <taler@gnu.org>.