diff options
| author | MS <ms@taler.net> | 2021-04-28 11:40:15 +0200 |
|---|---|---|
| committer | MS <ms@taler.net> | 2021-04-28 11:40:15 +0200 |
| commit | b242d68ccb2abe790dc517e6ff41168277f0ffd4 (patch) | |
| tree | 2bdac99b2f80683ab735b42ac372da7860b9595e | |
| parent | 8445a97d525eebaba3d7008f9bc15624446736b1 (diff) | |
| download | deployment-b242d68ccb2abe790dc517e6ff41168277f0ffd4.tar.gz deployment-b242d68ccb2abe790dc517e6ff41168277f0ffd4.tar.bz2 deployment-b242d68ccb2abe790dc517e6ff41168277f0ffd4.zip | |
config each instance with API token
| -rwxr-xr-x | bin/taler-deployment | 4 | ||||
| -rwxr-xr-x | bin/taler-deployment-config-generate | 3 | ||||
| -rwxr-xr-x | bin/taler-deployment-config-instances | 17 |
3 files changed, 13 insertions, 11 deletions
diff --git a/bin/taler-deployment b/bin/taler-deployment index 12e7087..695faed 100755 --- a/bin/taler-deployment +++ b/bin/taler-deployment @@ -646,7 +646,7 @@ def sync_repos() -> None: subprocess.run(["git", "-C", str(r_dir), "clean", "-fdx"], check=True) def generate_apitoken(): - return ''.join(random.choices(ascii_letters + ascii_uppercase, k=10)) + return "secret-token:" + ''.join(random.choices(ascii_letters + ascii_uppercase, k=10)) @cli.command() def bootstrap() -> None: @@ -678,7 +678,7 @@ def bootstrap() -> None: currency=currmap[envname], curr_path=":".join(path_list), coverage=1 if envname == "coverage" else 0, - frontends_apitoken="secret-token:{}".format(generate_apitoken()), + frontends_apitoken="{}".format(generate_apitoken()), **get_urls(envname) ) ) diff --git a/bin/taler-deployment-config-generate b/bin/taler-deployment-config-generate index 3f97fe7..36e8608 100755 --- a/bin/taler-deployment-config-generate +++ b/bin/taler-deployment-config-generate @@ -224,6 +224,7 @@ def config(obj): @click.option("--envname", default="demo") @click.option("--outdir", required=True) @click.option("--exchange-pub", required=True) +# Expected to contain already the 'secret-token:' scheme. @click.option("--frontends-apitoken", required=True) def main(currency, envname, outdir, exchange_pub, frontends_apitoken): @@ -234,7 +235,7 @@ def main(currency, envname, outdir, exchange_pub, frontends_apitoken): config_files = [] mc = ConfigFile(envname, currency, exchange_pub, "taler.conf") - mc.cfg_put("frontends", "backend_apikey", f"secret-token:{frontends_apitoken}") + mc.cfg_put("frontends", "backend_apikey", f"{frontends_apitoken}") config(mc) config_files.append(mc) diff --git a/bin/taler-deployment-config-instances b/bin/taler-deployment-config-instances index 5a9a8d2..3d6acda 100755 --- a/bin/taler-deployment-config-instances +++ b/bin/taler-deployment-config-instances @@ -24,6 +24,7 @@ def expect_env(name): MERCHANT_BACKEND_BASE_URL = expect_env("TALER_ENV_MERCHANT_BACKEND") TALER_ENV_NAME = expect_env("TALER_ENV_NAME") TALER_CONFIG_CURRENCY = expect_env("TALER_CONFIG_CURRENCY") +TALER_ENV_FRONTENDS_APITOKEN = expect_env("TALER_ENV_FRONTENDS_APITOKEN") def ensure_instance(instance_id, name, payto_uris, auth): # FIXME: Use auth once the default instance also uses token auth @@ -44,7 +45,7 @@ def ensure_instance(instance_id, name, payto_uris, auth): default_wire_transfer_delay=dict(d_ms="forever"), default_pay_delay=dict(d_ms="forever"), # FIXME: Eventually, this should be an actual secret token - auth=dict(method="token", token="secret-token:sandbox"), + auth=auth, ) create_resp = requests.post( urljoin(MERCHANT_BACKEND_BASE_URL, "private/instances"), json=req @@ -58,47 +59,47 @@ ensure_instance( "blog", name="Blog", payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/blog"], - auth=dict(method="token", token="secret-token:sandbox"), + auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN), ) ensure_instance( "donations", name="Donations", payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/donations"], - auth=dict(method="token", token="secret-token:sandbox"), + auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN), ) ensure_instance( "survey", name="Survey", payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/survey"], - auth=dict(method="token", token="secret-token:sandbox"), + auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN), ) ensure_instance( "pos", name="PoS", payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/pos"], - auth=dict(method="token", token="secret-token:sandbox"), + auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN), ) ensure_instance( "GNUnet", name="GNUnet", payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/GNUnet"], - auth=dict(method="token", token="secret-token:sandbox"), + auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN), ) ensure_instance( "Taler", name="Taler", payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/Taler"], - auth=dict(method="token", token="secret-token:sandbox"), + auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN), ) ensure_instance( "Tor", name="Tor", payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/Tor"], - auth=dict(method="token", token="secret-token:sandbox"), + auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN), ) |