Initial Taler stack with templated configs, db init script, caddy proxy

2025-12-11 12:22:48 +00:00 · 2025-12-11 12:22:48 +00:00 · d0b0722a7b
commit d0b0722a7b
16 changed files with 723 additions and 0 deletions
--- a/compose.yml
+++ b/compose.yml
@ -0,0 +1,115 @@
+services:
+  postgres:
+    image: postgres:16
+    environment:
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-taler}
+    volumes:
+      - pgdata:/var/lib/postgresql/data
+      - ./postgres/init:/docker-entrypoint-initdb.d:ro
+
+  exchange:
+    image: taler-stack:build
+    entrypoint: ["/usr/local/bin/with-dbinit.sh"]
+    command: ["taler-exchange-httpd", "-c", "/etc/taler/taler-exchange.conf"]
+    environment:
+      DB_NAME: ${TALER_EXCHANGE_DB:-talerexchange}
+      INIT_CMD: taler-exchange-dbinit -c /etc/taler/taler-exchange.conf
+      PGHOST: ${POSTGRES_HOST:-postgres}
+      PGUSER: ${POSTGRES_ADMIN_USER:-postgres}
+      PGPASSWORD: ${POSTGRES_PASSWORD:-taler}
+      EXCHANGE_BASE_URL: ${EXCHANGE_BASE_URL:-https://exchange.antifa.ltd/}
+      EXCHANGE_SHOPPING_URL: ${EXCHANGE_SHOPPING_URL:-https://exchange.antifa.ltd/}
+      OPEN_BANKING_GATEWAY_URL: ${OPEN_BANKING_GATEWAY_URL:-https://ob.antifa.ltd}
+      PAYTO_URI: ${PAYTO_URI:-payto://x-taler-bank/ob.antifa.ltd/demogeld?receiver-name=demogeld}
+      EXCHANGE_HOST: ${EXCHANGE_HOST:-exchange.antifa.ltd}
+      BANK_HOST: ${BANK_HOST:-ob.antifa.ltd}
+    depends_on: [postgres]
+    volumes:
+      - ./exchange/conf:/etc/taler
+      - ${EXCHANGE_SECRETS_PATH:-./exchange/secrets}:/etc/taler/secrets
+      - ./exchange/terms:/etc/taler-exchange/terms
+      - ./exchange/privacy:/etc/taler-exchange/privacy
+    ports:
+      - "8081:8081"   # intern, später via Reverse Proxy auf 443
+
+  exchange-account-init:
+    image: taler-stack:build
+    depends_on: [exchange]
+    environment:
+      ENABLE_EXCHANGE_ACCOUNT: ${ENABLE_EXCHANGE_ACCOUNT:-0}
+      PAYTO_URI: ${PAYTO_URI:-payto://x-taler-bank/ob.antifa.ltd/demogeld?receiver-name=demogeld}
+      EXCHANGE_CONFIG: /etc/taler/taler-exchange.conf
+      EXCHANGE_KEYS_URL: ${EXCHANGE_KEYS_URL:-http://exchange:8081/keys}
+      EXCHANGE_WAIT_RETRIES: ${EXCHANGE_WAIT_RETRIES:-60}
+      EXCHANGE_WAIT_INTERVAL: ${EXCHANGE_WAIT_INTERVAL:-2}
+      EXCHANGE_CURL_OPTS: ${EXCHANGE_CURL_OPTS:-}
+    volumes:
+      - ./exchange/conf:/etc/taler
+      - ${EXCHANGE_SECRETS_PATH:-./exchange/secrets}:/etc/taler/secrets
+      - ./exchange/terms:/etc/taler-exchange/terms
+      - ./exchange/privacy:/etc/taler-exchange/privacy
+    command: ["/usr/local/bin/enable-exchange-account.sh"]
+    restart: "no"
+
+  merchant:
+    image: taler-stack:build
+    entrypoint: ["/usr/local/bin/with-dbinit.sh"]
+    command: ["taler-merchant-httpd", "-c", "/etc/taler-merchant/merchant.conf"]
+    environment:
+      DB_NAME: ${TALER_MERCHANT_DB:-talermerchant}
+      INIT_CMD: taler-merchant-dbinit -c /etc/taler-merchant/merchant.conf
+      PGHOST: ${POSTGRES_HOST:-postgres}
+      PGUSER: ${POSTGRES_ADMIN_USER:-postgres}
+      PGPASSWORD: ${POSTGRES_PASSWORD:-taler}
+      EXCHANGE_BASE_URL: ${EXCHANGE_BASE_URL:-https://exchange.antifa.ltd/}
+      EXCHANGE_HOST: ${EXCHANGE_HOST:-exchange.antifa.ltd}
+    depends_on: [postgres, exchange]
+    volumes:
+      - ./merchant/conf:/etc/taler-merchant
+    ports:
+      - "9966:9966"
+
+  bank:
+    image: taler-stack:build
+    entrypoint: ["/usr/local/bin/with-dbinit.sh"]
+    command: ["libeufin-bank", "serve", "-c", "/etc/libeufin/bank.conf"]
+    environment:
+      DB_NAME: ${LIBEUFIN_DB_NAME:-libeufinbank}
+      INIT_CMD: libeufin-bank dbinit -c /etc/libeufin/bank.conf
+      PGHOST: ${POSTGRES_HOST:-postgres}
+      PGUSER: ${POSTGRES_ADMIN_USER:-postgres}
+      PGPASSWORD: ${POSTGRES_PASSWORD:-taler}
+      BANK_BASE_URL: ${BANK_BASE_URL:-https://ob.antifa.ltd/}
+      BANK_HOST: ${BANK_HOST:-ob.antifa.ltd}
+      EXCHANGE_BASE_URL: ${EXCHANGE_BASE_URL:-https://exchange.antifa.ltd/}
+      EXCHANGE_HOST: ${EXCHANGE_HOST:-exchange.antifa.ltd}
+      LIBEUFIN_ADMIN_USER: ${LIBEUFIN_ADMIN_USER:-admin}
+      LIBEUFIN_ADMIN_PASSWORD: ${LIBEUFIN_ADMIN_PASSWORD:-}
+      LIBEUFIN_USER: ${LIBEUFIN_USER:-demogeld}
+      LIBEUFIN_USER_PASSWORD: ${LIBEUFIN_USER_PASSWORD:-}
+    depends_on: [postgres]
+    volumes:
+      - ./bank/conf:/etc/libeufin
+    ports:
+      - "8080:8080"
+
+  caddy:
+    image: caddy:2
+    depends_on: [exchange, merchant, bank]
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - ./caddy/Caddyfile:/etc/caddy/Caddyfile:ro
+      - caddy_data:/data
+      - caddy_config:/config
+    environment:
+      CADDY_ACME_EMAIL: ${CADDY_ACME_EMAIL:-ops@example.com}
+      BANK_HOST: ${BANK_HOST:-ob.antifa.ltd}
+      EXCHANGE_HOST: ${EXCHANGE_HOST:-exchange.antifa.ltd}
+      MERCHANT_HOST: ${MERCHANT_HOST:-merchant.antifa.ltd}
+
+volumes:
+  pgdata: {}
+  caddy_data: {}
+  caddy_config: {}