diff options
author | Antoine A <> | 2024-02-19 20:15:04 +0100 |
---|---|---|
committer | Antoine A <> | 2024-02-19 20:15:43 +0100 |
commit | 4ec5d99a83a04937cbd15d5ee3a7fbea0339e860 (patch) | |
tree | 81908d1617cdf0e7e13c77e987bd714eec6ebc38 | |
parent | 844b169b49ba7d9d0f728c05f190e76f8b86fc9b (diff) | |
download | deployment-4ec5d99a83a04937cbd15d5ee3a7fbea0339e860.tar.gz deployment-4ec5d99a83a04937cbd15d5ee3a7fbea0339e860.tar.bz2 deployment-4ec5d99a83a04937cbd15d5ee3a7fbea0339e860.zip |
Telesign auto setup
-rwxr-xr-x | regional-currency/config_nginx.sh | 4 | ||||
-rwxr-xr-x | regional-currency/functions.sh | 20 | ||||
-rwxr-xr-x | regional-currency/main.sh | 3 | ||||
-rwxr-xr-x | regional-currency/setup-libeufin.sh | 17 |
4 files changed, 34 insertions, 10 deletions
diff --git a/regional-currency/config_nginx.sh b/regional-currency/config_nginx.sh index 745b3e4..c9bb3c2 100755 --- a/regional-currency/config_nginx.sh +++ b/regional-currency/config_nginx.sh @@ -30,10 +30,10 @@ if test "${ENABLE_TLS}" == "y"; then certbot --nginx -n --agree-tos -m ${TLS_EMAIL} \ -d backend."${DOMAIN_NAME}" \ -d bank."${DOMAIN_NAME}" \ - -d exchange."${DOMAIN_NAME}" + -d exchange."${DOMAIN_NAME}" &>> setup.log else sed -i "s/https:\/\/bank./http:\/\/bank./g" /etc/libeufin/settings.json fi say "Restarting Nginx with new configuration" -systemctl reload nginx +systemctl reload nginx &>> setup.log diff --git a/regional-currency/functions.sh b/regional-currency/functions.sh index 9acc3f1..961d7c5 100755 --- a/regional-currency/functions.sh +++ b/regional-currency/functions.sh @@ -92,6 +92,26 @@ function ask_questions() { echo "BANK_ADMIN_PASSWORD=$(printf '%q' "${BANK_ADMIN_PASSWORD}")" >>config/user.conf echo "" # force new line fi + if test -z "${DO_TELESIGN:-}"; then + read -r -p "Setup sms two-factor authentication using Telesign https://www.telesign.com? (y/n): " DO_TELESIGN + if test "${DO_TELESIGN:-y}" != n; then + read -r -p "Enter your Telesign Customer ID: " TELESIGN_CUSTOMER_ID + read -r -s -p "Enter your Telesign API Key: " TELESIGN_API_KEY + echo "" # force new line + read -r -p "Enter a phone number to test: " TELESIGN_PHONE + TELESIGN_AUTH_TOKEN=$(echo "$TELESIGN_CUSTOMER_ID:$TELESIGN_API_KEY" | base64 -w 0) + export AUTH_TOKEN=$TELESIGN_AUTH_TOKEN + echo "12345" | libeufin-tan-sms.sh $TELESIGN_PHONE + read -r -s -p "Enter the code received by $TELESIGN_PHONE : " TELESIGN_TEST_CODE + if test "${TELESIGN_TEST_CODE:-y}" != "12345"; then + say "Wrong code, rerun this script to enter the right Telesign auth info" + exit 1 + fi + echo "TELESIGN_AUTH_TOKEN=\"${TELESIGN_AUTH_TOKEN}\"" >>config/user.conf + fi + echo "DO_TELESIGN=${DO_TELESIGN}" >>config/user.conf + echo "" # force new line + fi } function check_dns() { diff --git a/regional-currency/main.sh b/regional-currency/main.sh index 1486aae..bca1d72 100755 --- a/regional-currency/main.sh +++ b/regional-currency/main.sh @@ -83,9 +83,6 @@ say "Congratulations, you have successfully installed GNU Taler" say "Your bank is at ${PROTO}://bank.${DOMAIN_NAME}/" say "A merchant is at ${PROTO}://backend.${DOMAIN_NAME}/" say "You should set credentials for the merchant soon." -say "For the SMS cash-out TAN, make sure that telesign-secret" -say "is found in the PATH and that it defines the CUSTOMER_ID" -say "and API_KEY environment variables." say "For currency conversion to work, you must manually complete" say "the EBICS configuration." diff --git a/regional-currency/setup-libeufin.sh b/regional-currency/setup-libeufin.sh index 3fbf316..04ca162 100755 --- a/regional-currency/setup-libeufin.sh +++ b/regional-currency/setup-libeufin.sh @@ -36,7 +36,7 @@ taler-config -s nexus-ebics -o currency \ say "Configuring libeufin-bank with ${CURRENCY}..." -cat <<EOF > /etc/libeufin/libeufin-bank.conf +cat >/etc/libeufin/libeufin-bank.conf <<EOF [libeufin-bank] CURRENCY=${CURRENCY} WIRE_TYPE=x-taler-bank @@ -45,10 +45,18 @@ SUGGESTED_WITHDRAWAL_EXCHANGE=${PROTO}://exchange.${DOMAIN_NAME} SERVE=tcp PORT=${BANK_PORT} ALLOW_CONVERSION=yes -FIAT_CURRENCY=${FIAT_CURRENCY} -TAN_SMS=libeufin-tan-sms.sh -TAN_EMAIL=libeufin-tan-email.sh +FIAT_CURRENCY=${FIAT_CURRENCY} ALLOW_EDIT_CASHOUT_PAYTO_URI=yes +EOF + +if test -n "$TELESIGN_AUTH_TOKEN"; then + cat >>/etc/libeufin/libeufin-bank.conf <<EOF +TAN_SMS=libeufin-tan-sms.sh +TAN_SMS_ENV="AUTH_TOKEN=$TELESIGN_AUTH_TOKEN" +EOF +fi + +cat >>/etc/libeufin/libeufin-bank.conf <<EOF [CURRENCY-NETZBON] enabled=yes @@ -58,7 +66,6 @@ fractional_input_digits=2 fractional_normal_digits=2 fractional_trailing_zero_digits=2 alt_unit_names={"0":"NETZBON"} - EOF say "Setting up libeufin database..." |