control (8675B)
1 Source: taler-exchange 2 Section: net 3 Priority: optional 4 Maintainer: Christian Grothoff <grothoff@gnu.org> 5 Build-Depends: 6 meson, 7 ninja-build, 8 bash, 9 gcc, 10 debhelper-compat (= 12), 11 gettext, 12 libgnunet-dev (>=0.27.0), 13 libcurl4-gnutls-dev (>=7.35.0) | libcurl4-openssl-dev (>= 7.35.0), 14 libgcrypt20-dev (>=1.8), 15 libgnutls28-dev (>=3.2.12), 16 libjansson-dev (>= 2.13), 17 libltdl-dev (>=2.2), 18 libmicrohttpd-dev (>=0.9.71), 19 libpq-dev (>=15), 20 libsodium-dev (>=1.0.11), 21 libunistring-dev (>=0.9.2), 22 po-debconf, 23 texinfo (>=5.2), 24 zlib1g-dev 25 Standards-Version: 4.5.0 26 Vcs-Git: https://salsa.debian.org/debian/taler-exchange.git 27 Vcs-Browser: https://salsa.debian.org/debian/taler-exchange 28 Homepage: https://taler.net/ 29 30 Package: libtalerexchange 31 Architecture: any 32 Pre-Depends: 33 ${misc:Pre-Depends} 34 Depends: 35 lsb-base, 36 netbase, 37 ${misc:Depends}, 38 ${shlibs:Depends} 39 Description: shared libraries to talk to a GNU Taler exchange 40 GNU Taler is the privacy-preserving digital payment system from the GNU 41 project. This package contains the shared C libraries used by clients 42 and services to interact with a Taler exchange via its REST API, to parse 43 and verify exchange-issued cryptographic objects (denomination keys, 44 signing keys, deposit confirmations, ...) and to handle Taler amounts. 45 . 46 Also included is taler-exchange-config, the command-line tool to read 47 and edit Taler configuration files, along with the base configuration 48 fragments and documentation shared by all Taler exchange components. 49 Every other taler-exchange-* and taler-auditor* package depends on this 50 one. 51 52 Package: taler-terms-generator 53 Architecture: any 54 Pre-Depends: 55 ${misc:Pre-Depends} 56 Depends: 57 libtalerexchange, 58 lsb-base, 59 pandoc, 60 groff, 61 ghostscript, 62 ${misc:Depends} 63 Description: generator for GNU Taler terms of service and privacy policy 64 taler-terms-generator converts a reStructuredText source document into 65 the bundle of HTML, Markdown, plain-text, EPUB and PDF renderings (and 66 multiple languages) that a Taler service expects to find on disk in 67 order to answer the /terms and /pp REST endpoints with the appropriate 68 content negotiation. 69 . 70 It is useful for GNU Taler exchange, merchant and auditor operators who 71 wish to publish or update their legal documents. Pandoc, groff and 72 Ghostscript are pulled in as runtime dependencies to perform the 73 conversions. 74 75 Package: taler-exchange-database 76 Architecture: any 77 Pre-Depends: 78 ${misc:Pre-Depends} 79 Depends: 80 lsb-base, 81 netbase, 82 ${misc:Depends}, 83 ${shlibs:Depends} 84 Description: database initialisation tool for the GNU Taler exchange 85 GNU Taler is the privacy-preserving digital payment system from the GNU 86 project. This package contains taler-exchange-dbinit together with the 87 SQL resource files it loads. The tool creates the schema, indices, 88 customisation hooks and (optionally) the auditor notification triggers 89 used by the exchange and the auditor in their PostgreSQL database, and 90 supports incremental garbage collection and shard-lock recovery after 91 crashes. 92 . 93 Both taler-exchange and taler-auditor depend on this package, as the 94 two services share a database layout and the same setup tooling. A 95 PostgreSQL server (>= 15) is required at runtime. 96 97 Package: taler-exchange 98 Architecture: any 99 Pre-Depends: 100 ${misc:Pre-Depends} 101 Depends: 102 libtalerexchange (= ${binary:Version}), 103 taler-exchange-database (= ${binary:Version}), 104 adduser, 105 lsb-base, 106 netbase, 107 zstd, 108 ucf, 109 ${misc:Depends}, 110 ${shlibs:Depends} 111 Recommends: 112 taler-exchange-offline (= ${binary:Version}), 113 taler-terms-generator, 114 taler-exchange-typst, 115 taler-exchange-aml-webui, 116 taler-exchange-kyc-webui, 117 apache2 | nginx | httpd, 118 robocop, 119 postgresql (>=15.0) 120 Description: GNU Taler payment system - exchange operator daemons 121 GNU Taler is the privacy-preserving digital payment system from the GNU 122 project. The exchange is the central service operated by a payment 123 service provider or bank to issue and redeem digital coins for a given 124 currency; at least one exchange must be operated per currency. 125 . 126 This package ships the daemons required to run an exchange in 127 production: 128 * taler-exchange-httpd, the public REST frontend talked to by wallets 129 and merchant backends; 130 * taler-exchange-secmod-rsa, -cs and -eddsa, the security modules that 131 hold the online signing keys and communicate with the HTTPD over 132 UNIX-domain sockets; 133 * taler-exchange-aggregator, -transfer, -wirewatch and -closer, which 134 drive the interaction with the bank (aggregating deposits, executing 135 outgoing wire transfers, observing incoming transfers, and refunding 136 abandoned reserves); 137 * taler-exchange-expire, -sanctionscheck and the KYC/AML pipeline 138 helpers (taler-exchange-kyc-* converters and triggers). 139 . 140 Running an exchange additionally requires the air-gapped offline-signing 141 tool packaged as taler-exchange-offline (recommended). It is also 142 recommended to run a taler-auditor to check the operation and determine 143 expected balance in the escrow account and profits from fees. 144 145 Package: taler-exchange-offline 146 Architecture: any 147 Pre-Depends: 148 ${misc:Pre-Depends} 149 Depends: 150 libtalerexchange (= ${binary:Version}), 151 adduser, 152 lsb-base, 153 netbase, 154 ${misc:Depends}, 155 ${shlibs:Depends} 156 Description: air-gapped signing tool for the GNU Taler exchange master key 157 A GNU Taler exchange uses a long-term offline master key to sign its 158 online signing keys, denomination keys, fee structure, bank account 159 details, auditor and partner-exchange registrations, AML staff entries 160 and key-revocation messages. The corresponding master public key forms 161 the root of the Taler PKI embedded in consumer wallets and merchant 162 backends, so the private key must be protected with great care. 163 . 164 This package contains taler-exchange-offline, the command-line tool 165 used to set up the master key, download future signing material from a 166 running exchange, inspect and sign it offline, and upload the resulting 167 signatures back to the exchange. It is recommended to install 168 this package on a dedicated machine that is never connected to the 169 Internet; it also must be installed on some online system to 170 download key material from the exchange and to upload signatures and 171 configuration data to the exchange. 172 173 Package: taler-exchange-typst 174 Architecture: any 175 Depends: 176 pdftk 177 Recommends: 178 typst 179 Description: Typst templates for GNU Taler exchange PDF generation 180 This package ships the Typst templates that the GNU Taler 181 exchange uses to render PDF artefacts (such as receipts and reports) 182 from structured data. 183 . 184 The pdftk dependency is required at runtime to assemble the resulting 185 PDFs; the typst compiler itself is recommended but kept optional as 186 distros still often lack a native Typst package and thus operators 187 are likely to supply a locally built or vendored Typst compiler. 188 189 Package: taler-auditor 190 Architecture: any 191 Pre-Depends: 192 ${misc:Pre-Depends} 193 Depends: 194 libtalerexchange (= ${binary:Version}), 195 taler-exchange-database (= ${binary:Version}), 196 taler-auditor-webui, 197 adduser, 198 zstd, 199 lsb-base, 200 netbase, 201 ${misc:Depends}, 202 ${shlibs:Depends} 203 Description: GNU Taler payment system - independent auditor 204 GNU Taler is the privacy-preserving digital payment system from the GNU 205 project. An auditor is an independent third party (or the exchange 206 operator themselves) that verifies the correct operation 207 of a Taler exchange: it checks all cryptographic signatures recorded in 208 the exchange's database, recomputes balances, and reconciles the 209 reported state against the bank account, alerting the operator to any 210 inconsistencies and computing expected balance, revenue and risk 211 exposure. 212 . 213 This package provides the taler-auditor incremental audit tool, the 214 long-running taler-auditor-httpd REST service, the taler-auditor-sync 215 helper that maintains a safe replica of the exchange database, and the 216 corresponding helper daemons. The offline-signing tool used 217 by the auditor is also included. 218 219 Package: libtalerexchange-dev 220 Section: libdevel 221 Architecture: any 222 Depends: 223 libtalerexchange (= ${binary:Version}), 224 libgnunet-dev (>=0.27.0), 225 libgcrypt20-dev (>=1.8), 226 libmicrohttpd-dev (>=0.9.71), 227 ${misc:Depends}, 228 ${shlibs:Depends} 229 Description: GNU Taler exchange client libraries - development files 230 This package contains the C header files, static libraries and 231 pkg-config files needed to build software against the GNU Taler 232 exchange client libraries shipped in libtalerexchange. 233 . 234 It also installs taler-fakebank-run, an in-memory implementation of the 235 Taler Wire Gateway API used by the Taler test suite. The fake bank is 236 not suitable for production use: all transaction state is kept in RAM 237 and lost on shutdown.