aboutsummaryrefslogtreecommitdiff
path: root/debian/etc-taler-exchange
diff options
context:
space:
mode:
authorFlorian Dold <florian@dold.me>2021-08-04 13:31:25 +0200
committerFlorian Dold <florian@dold.me>2021-08-04 13:32:02 +0200
commit95df47ae4e2b858b298a9c99af9df2f9884f8e40 (patch)
tree676ce1179d3668296b473895a72689cf08a6799b /debian/etc-taler-exchange
parent36164914e6f74e87cb1cd6e3f26ce77e2105f3c5 (diff)
debian: adopt new accountcredentials config structure
Diffstat (limited to 'debian/etc-taler-exchange')
-rw-r--r--debian/etc-taler-exchange/taler/conf.d/exchange-business.conf12
-rw-r--r--debian/etc-taler-exchange/taler/secrets/exchange-accountcredentials.secret.conf17
-rw-r--r--debian/etc-taler-exchange/taler/secrets/exchange-accounts.secret.conf21
3 files changed, 29 insertions, 21 deletions
diff --git a/debian/etc-taler-exchange/taler/conf.d/exchange-business.conf b/debian/etc-taler-exchange/taler/conf.d/exchange-business.conf
index 3fae902ea..4a6b16df8 100644
--- a/debian/etc-taler-exchange/taler/conf.d/exchange-business.conf
+++ b/debian/etc-taler-exchange/taler/conf.d/exchange-business.conf
@@ -19,3 +19,15 @@ BASE_URL =
# specification on Etags.
# TERMS_ETAG =
# PRIVACY_ETAG =
+
+
+# Bank accounts used by the exchange should be specified here:
+[exchange-accounts-1]
+
+enable_credit = yes
+enable_debit = yes
+payto_uri =
+
+# Credentials to access the account are in a separate
+# config file with restricted permissions.
+@inline-secret@ exchange-accountcredentials-1 ../exchange-accountcredentials.secret.conf
diff --git a/debian/etc-taler-exchange/taler/secrets/exchange-accountcredentials.secret.conf b/debian/etc-taler-exchange/taler/secrets/exchange-accountcredentials.secret.conf
new file mode 100644
index 000000000..8c8d14320
--- /dev/null
+++ b/debian/etc-taler-exchange/taler/secrets/exchange-accountcredentials.secret.conf
@@ -0,0 +1,17 @@
+# This file contains the secret credentials
+# to access the Taler Wire Gateway API (usually
+# provided by LibEuFin) for the exchange accounts.
+#
+# Each exchange-account-* section should have a matching
+# exchange-accountcredentials-* section here.
+#
+# Each of those sections must be imported via @inline-secret@,
+# usually in conf.d/exchange-business.conf.
+
+[exchange-accountcredentials-1]
+
+wire_gateway_auth_method = basic
+password =
+username =
+wire_gateway_url =
+
diff --git a/debian/etc-taler-exchange/taler/secrets/exchange-accounts.secret.conf b/debian/etc-taler-exchange/taler/secrets/exchange-accounts.secret.conf
deleted file mode 100644
index 7b6c649fd..000000000
--- a/debian/etc-taler-exchange/taler/secrets/exchange-accounts.secret.conf
+++ /dev/null
@@ -1,21 +0,0 @@
-# This file should contain the wire account access information which is needed
-# by the Taler exchange to talk to LibEuFin to interact with the bank.
-# The file SHOULD only be readable for the "taler-exchange-wire" user,
-# as other users/services have no business talking to the bank.
-
-
-[exchange-account-1]
-enable_credit = yes
-
-enable_debit = yes
-
-wire_gateway_auth_method = basic
-
-password =
-
-username =
-
-wire_gateway_url =
-
-payto_uri =
-