diff options
author | MS <ms@taler.net> | 2022-08-25 15:38:41 +0200 |
---|---|---|
committer | MS <ms@taler.net> | 2022-08-25 15:38:41 +0200 |
commit | d5eacca1d5b2e37ba2f869568cc010aab4037502 (patch) | |
tree | 803662f32c02e14f2c0376801d96cae891b79f9d | |
parent | 022eef39974a6e32e63ba41db523d6ec1781d0e3 (diff) | |
download | deployment-d5eacca1d5b2e37ba2f869568cc010aab4037502.tar.gz deployment-d5eacca1d5b2e37ba2f869568cc010aab4037502.tar.bz2 deployment-d5eacca1d5b2e37ba2f869568cc010aab4037502.zip |
remove obsolete scripts
-rwxr-xr-x | bin/taler-deployment | 786 | ||||
-rwxr-xr-x | bin/taler-deployment-arm | 11 | ||||
-rwxr-xr-x | bin/taler-deployment-auditor | 23 | ||||
-rwxr-xr-x | bin/taler-deployment-auth-token | 36 | ||||
-rwxr-xr-x | bin/taler-deployment-config-generate | 277 | ||||
-rwxr-xr-x | bin/taler-deployment-config-generate-sepa | 265 | ||||
-rwxr-xr-x | bin/taler-deployment-config-instances | 229 | ||||
-rwxr-xr-x | bin/taler-deployment-config-instances-iban | 163 | ||||
-rwxr-xr-x | bin/taler-deployment-config-tips | 24 | ||||
-rwxr-xr-x | bin/taler-deployment-dbstart | 24 | ||||
-rwxr-xr-x | bin/taler-deployment-prepare | 264 | ||||
-rwxr-xr-x | bin/taler-deployment-restart | 19 | ||||
-rwxr-xr-x | bin/taler-deployment-start | 43 | ||||
-rwxr-xr-x | bin/taler-deployment-stop | 12 | ||||
-rwxr-xr-x | bin/taler-log-adapter | 66 | ||||
-rw-r--r-- | bin/taler_urls.py | 58 |
16 files changed, 0 insertions, 2300 deletions
diff --git a/bin/taler-deployment b/bin/taler-deployment deleted file mode 100755 index 8a5ff9c..0000000 --- a/bin/taler-deployment +++ /dev/null @@ -1,786 +0,0 @@ -#!/usr/bin/env python3 - -# This file is part of GNU Taler. -# -# GNU Taler is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# GNU Taler is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with GNU Taler. If not, see <https://www.gnu.org/licenses/>. - -import click -import types -import os -import sys -import os.path -import subprocess -import time -import random -from pathlib import Path -from dataclasses import dataclass -from typing import List, Callable -from shutil import copy -from taler_urls import get_urls -from string import ascii_letters, ascii_uppercase - -activate_template = """\ -#!/bin/bash - -# Generated by taler-deployment-bootstrap - -if ! echo $PATH | tr ":" '\\n' | grep "$HOME/deployment/bin" > /dev/null -then - export PATH="{curr_path}" -fi -export PYTHONUSERBASE=$HOME/local -export TALER_BOOTSTRAP_TIMESTAMP={timestamp} -export TALER_CONFIG_CURRENCY={currency} -export TALER_ENV_NAME={envname} -export TALER_ENV_URL_INTRO="{landing}" -export TALER_ENV_URL_BANK="{bank}" -export TALER_ENV_URL_MERCHANT_BLOG="{blog}" -export TALER_ENV_URL_MERCHANT_DONATIONS="{donations}" -export TALER_ENV_URL_MERCHANT_SURVEY="{survey}" -export TALER_ENV_URL_AUDITOR="{auditor}" -export TALER_ENV_URL_BACKOFFICE="{backoffice}" -export TALER_ENV_URL_SYNC="{sync}" -export TALER_ENV_MERCHANT_BACKEND="{merchant_backend}" -export TALER_COVERAGE={coverage} -export TALER_ENV_FRONTENDS_APITOKEN="$(cat ~/merchant_auth_token)" -export LIBEUFIN_ENV_SANDBOX_ADMIN_PASSWORD="$(cat ~/libeufin_admin_password)" -export LIBEUFIN_NEXUS_DB_CONNECTION="jdbc:sqlite:$HOME/nexus.sqlite" -export LIBEUFIN_SANDBOX_DB_CONNECTION="jdbc:sqlite:$HOME/sandbox.sqlite" -export LIBEUFIN_SANDBOX_HOSTNAME=bank.{envname}.taler.net/eufin/sandbox -export LIBEUFIN_SANDBOX_CURRENCY={currency} -""" - -@dataclass -class Repo: - name: str - url: str - deps: List[str] - builder: Callable[["Repo", Path], None] - - -class EnvInfo: - def __init__(self, name, repos, cfg): - self.name = name - self.repos = [] - for r in repos: - tag = getattr(cfg, "tag_" + r.name.replace("-", "_")) - # This check skips all the components that are - # expected to be already installed; typically via - # a distribution package manager. - if not tag: - continue - self.repos.append(r) - -@click.group() -def cli(): - pass - - -# map from environment name to currency -currmap = { - "test": "TESTKUDOS", - "docs-builder": "TESTKUDOS", - "coverage": "TESTKUDOS", - "integrationtest": "TESTKUDOS", - "demo": "KUDOS", - "int": "INT", - "euro": "EUR", - "chf": "CHF", - "auditor-reporter-test": "TESTKUDOS", - "auditor-reporter-demo": "KUDOS", - "local": "LOCALKUDOS", - "tanker": "SEK" -} - -def generate_apitoken(): - return "secret-token:" + ''.join(random.choices(ascii_letters + ascii_uppercase, k=10)) - -def generate_password(): - return ''.join(random.choices(ascii_letters + ascii_uppercase, k=10)) - - -def update_checkout(r: Repo, p: Path): - """Clean the repository's working directory and - update it to the match the latest version of the upstream branch - that we are tracking.""" - subprocess.run(["git", "-C", str(p), "clean", "-fdx"], check=True) - subprocess.run(["git", "-C", str(p), "fetch"], check=True) - subprocess.run(["git", "-C", str(p), "reset"], check=True) - res = subprocess.run( - [ - "git", - "-C", - str(p), - "rev-parse", - "--abbrev-ref", - "--symbolic-full-name", - "@{u}", - ], - stderr=subprocess.DEVNULL, - stdout=subprocess.PIPE, - encoding="utf-8", - ) - if res.returncode != 0: - ref = "HEAD" - else: - ref = res.stdout.strip("\n ") - print(f"resetting {r.name} to ref {ref}") - subprocess.run(["git", "-C", str(p), "reset", "--hard", ref], check=True) - - -def default_configure(*extra): - pfx = Path.home() / "local" - extra_list = list(extra) - if int(os.environ.get("TALER_COVERAGE")): - extra_list.append("--enable-coverage") - subprocess.run(["./configure", f"--prefix={pfx}"] + extra_list, check=True) - -def default_configure_nc(*extra): - """Variant of default_configure() that does NEVER add --enable-coverage""" - pfx = Path.home() / "local" - extra_list = list(extra) - subprocess.run(["./configure", f"--prefix={pfx}"] + extra_list, check=True) - - -def pyconfigure(*extra): - """For python programs, --prefix doesn't work.""" - subprocess.run(["./configure"] + list(extra), check=True) - - -def build_libeufin(r: Repo, p: Path): - update_checkout(r, p) - subprocess.run(["./bootstrap"], check=True) - default_configure_nc() - subprocess.run(["make", "install"], check=True) - (p / "taler-buildstamp").touch() - -def build_libmicrohttpd(r: Repo, p: Path): - update_checkout(r, p) - subprocess.run(["./bootstrap"], check=True) - # Debian gnutls packages are too old ... - default_configure("--with-gnutls=/usr/local") - subprocess.run(["make"], check=True) - subprocess.run(["make", "install"], check=True) - (p / "taler-buildstamp").touch() - - -def build_gnunet(r: Repo, p: Path): - update_checkout(r, p) - subprocess.run(["./bootstrap"], check=True) - pfx = Path.home() / "local" - default_configure( - "--enable-logging=verbose", - f"--with-microhttpd={pfx}", - "--disable-documentation", - ) - subprocess.run(["make", "install"], check=True) - (p / "taler-buildstamp").touch() - - -def build_exchange(r: Repo, p: Path): - update_checkout(r, p) - subprocess.run(["./bootstrap"], check=True) - pfx = Path.home() / "local" - default_configure( - "CFLAGS=-ggdb -O0", - "--enable-logging=verbose", - f"--with-microhttpd={pfx}", - f"--with-gnunet={pfx}", - ) - subprocess.run(["make", "install"], check=True) - (p / "taler-buildstamp").touch() - - -def build_wallet(r, p): - update_checkout(r, p) - subprocess.run(["./bootstrap"], check=True) - default_configure_nc() - subprocess.run(["make", "install"], check=True) - (p / "taler-buildstamp").touch() - -def build_twister(r, p): - update_checkout(r, p) - subprocess.run(["./bootstrap"], check=True) - pfx = Path.home() / "local" - default_configure( - "CFLAGS=-ggdb -O0", - "--enable-logging=verbose", - f"--with-exchange={pfx}", - f"--with-gnunet={pfx}", - ) - subprocess.run(["make", "install"], check=True) - (p / "taler-buildstamp").touch() - - -def build_merchant(r, p): - update_checkout(r, p) - subprocess.run(["./bootstrap"], check=True) - pfx = Path.home() / "local" - default_configure( - "CFLAGS=-ggdb -O0", - "--enable-logging=verbose", - f"--with-microhttpd={pfx}", - f"--with-exchange={pfx}", - f"--with-gnunet={pfx}", - "--disable-doc", - ) - subprocess.run(["make", "install"], check=True) - (p / "taler-buildstamp").touch() - -def build_sync(r, p): - update_checkout(r, p) - subprocess.run(["./bootstrap"], check=True) - pfx = Path.home() / "local" - default_configure( - "CFLAGS=-ggdb -O0", - "--enable-logging=verbose", - f"--with-microhttpd={pfx}", - f"--with-exchange={pfx}", - f"--with-merchant={pfx}", - f"--with-gnunet={pfx}", - "--disable-doc", - ) - subprocess.run(["make", "install"], check=True) - (p / "taler-buildstamp").touch() - - -def build_demos(r, p): - update_checkout(r, p) - pfx = Path.home() / "local" - pyconfigure() - subprocess.run(["make", "install"], check=True) - (p / "taler-buildstamp").touch() - -def build_backoffice(r, p): - update_checkout(r, p) - subprocess.run(["./bootstrap"]) - subprocess.run(["./configure"]) - subprocess.run(["make", "build-single"]) - (p / "taler-buildstamp").touch() - -def build_docs(r, p): - update_checkout(r, p) - subprocess.run(["./bootstrap"], check=True) - pfx = Path.home() / "local" - subprocess.run(["make", "install"], check=True) - (p / "taler-buildstamp").touch() - - -def get_repos(envname): - """Get a list of repos (topologically sorted) that should be build for the - given environment""" - print(f"Loading return repositories for {envname}.", file=sys.stderr) - if envname in ("demochecker",): - return [] - if envname in ("docs-builder",): - return [ - Repo( - "libeufin", - "git://git.taler.net/libeufin.git", - [], - build_libeufin, - ), - Repo( - "libmicrohttpd", - "git://git.gnunet.org/libmicrohttpd.git", - [], - build_libmicrohttpd, - ), - Repo( - "docs", - "git://git.taler.net/docs", - [], - build_docs, - ), - Repo( - "wallet-core", - "git://git.taler.net/wallet-core", - [], - build_wallet, - ), - Repo( - "exchange", - "git://git.taler.net/exchange", - ["gnunet", "libmicrohttpd"], - build_exchange, - ), - Repo( - "merchant", - "git://git.taler.net/merchant", - ["exchange","libmicrohttpd","gnunet"], - build_merchant, - ), - Repo( - "sync", - "git://git.taler.net/sync", - ["exchange", "merchant","gnunet","libmicrohttpd"], - build_sync, - ), - ] - if envname in ("int", "coverage", "integrationtest",): - return [ - Repo( - "libeufin", - "git://git.taler.net/libeufin.git", - [], - build_libeufin, - ), - Repo( - "libmicrohttpd", - "git://git.gnunet.org/libmicrohttpd.git", - [], - build_libmicrohttpd, - ), - Repo( - "gnunet", - "git://git.gnunet.org/gnunet.git", - ["libmicrohttpd"], - build_gnunet), - Repo( - "wallet-core", - "git://git.taler.net/wallet-core", - [], - build_wallet, - ), - Repo( - "exchange", - "git://git.taler.net/exchange", - ["gnunet", "libmicrohttpd", "wallet-core"], - build_exchange, - ), - Repo( - "merchant", - "git://git.taler.net/merchant", - ["exchange", "libmicrohttpd", "gnunet"], - build_merchant, - ), - Repo( - "sync", - "git://git.taler.net/sync", - ["exchange", "merchant", "gnunet", "libmicrohttpd"], - build_sync, - ), - ] - - # Note: these are currently not in use! - if envname in ("euro", "chf"): - return [ - Repo( - "libeufin", - "git://git.taler.net/libeufin.git", - [], - build_libeufin, - ), - Repo( - "libmicrohttpd", - "git://git.gnunet.org/libmicrohttpd.git", - [], - build_libmicrohttpd, - ), - Repo( - "gnunet", - "git://git.gnunet.org/gnunet.git", - ["libmicrohttpd"], - build_gnunet, - ), - Repo( - "exchange", - "git://git.taler.net/exchange", - ["gnunet", "libmicrohttpd"], - build_exchange, - ), - Repo( - "merchant", - "git://git.taler.net/merchant", - ["exchange", "libmicrohttpd"], - build_merchant, - ), - Repo( - "taler-merchant-demos", - "git://git.taler.net/taler-merchant-demos", - [], - build_demos, - ), - ] - if envname in ("tanker", "local", "demo", "int", "test", "auditor-reporter-test", "auditor-reporter-demo"): - return [ - Repo( - "libeufin", - "git://git.taler.net/libeufin.git", - [], - build_libeufin, - ), - Repo( - "wallet-core", - "git://git.taler.net/wallet-core", - [], - build_wallet, - ), - Repo( - "libmicrohttpd", - "git://git.gnunet.org/libmicrohttpd.git", - [], - build_libmicrohttpd, - ), - Repo( - "gnunet", - "git://git.gnunet.org/gnunet.git", - ["libmicrohttpd"], - build_gnunet, - ), - Repo( - "twister", - "git://git.taler.net/twister", - ["gnunet", "libmicrohttpd"], - build_twister, - ), - Repo( - "exchange", - "git://git.taler.net/exchange", - ["gnunet", "libmicrohttpd", "twister", "wallet-core"], - build_exchange, - ), - Repo( - "merchant", - "git://git.taler.net/merchant", - ["exchange", "libmicrohttpd", "gnunet"], - build_merchant, - ), - Repo( - "sync", - "git://git.taler.net/sync", - ["exchange", "merchant", "gnunet", "libmicrohttpd"], - build_sync, - ), - Repo( - "taler-merchant-demos", - "git://git.taler.net/taler-merchant-demos", - [], - build_demos, - ), - ] - raise Exception(f"no repos defined for envname {envname}") - - -def ensure_activated(): - """Make sure that the environment variables have been - loaded correctly via the ~/activate script""" - ts = os.environ.get("TALER_BOOTSTRAP_TIMESTAMP") - if ts is None: - print("Please do 'source ~/activate' first.", file=sys.stderr) - sys.exit(1) - out = subprocess.check_output( - ["bash", "-c", "source ~/activate; echo $TALER_BOOTSTRAP_TIMESTAMP"], - encoding="utf-8", - ) - out = out.strip(" \n") - if out != ts: - print( - f"Please do 'source ~/activate'. Current ts={ts}, new ts={out}", - file=sys.stderr, - ) - sys.exit(1) - - -def update_repos(cfg, repos: List[Repo]) -> None: - for r in repos: - tag = getattr(cfg, "tag_" + r.name.replace("-", "_")) - if tag == "SKIP": - continue - r_dir = Path.home() / "sources" / r.name - subprocess.run(["git", "-C", str(r_dir), "fetch"], check=True) - res = subprocess.run( - ["git", "-C", str(r_dir), "status", "-sb"], - check=True, - stdout=subprocess.PIPE, - encoding="utf-8", - ) - if "behind" in res.stdout: - print(f"new commits in {r}") - s = r_dir / "taler-buildstamp" - if s.exists(): - s.unlink() - - -def get_stale_repos(repos: List[Repo]) -> List[Repo]: - timestamps = {} - stale = [] - for r in repos: - r_dir = Path.home() / "sources" / r.name - s = r_dir / "taler-buildstamp" - if not s.exists(): - timestamps[r.name] = time.time() - stale.append(r) - continue - ts = timestamps[r.name] = s.stat().st_mtime - for dep in r.deps: - if timestamps[dep] > ts: - stale.append(r) - break - return stale - - -allowed_envs = ( - "test", - "int", - "demo", - "auditor-reporter-test", - "auditor-reporter-demo", - "docs-builder", - "euro", - "chf", - "coverage", - "integrationtest", - "local", - "tanker" -) - -def load_apitoken(): - apitoken_path = Path.home() / "envcfg.py" - if not os.path.isfile(apitoken_path): - return None - with open(apitoken_path, "r") as f: - return f.readline() - -def load_envcfg(): - cfg = types.ModuleType("taler_deployment_cfg") - envcfg_path = Path.home() / "envcfg.py" - if not os.path.isfile(envcfg_path): - return None - print(f"Loading configuration from {envcfg_path}.", file=sys.stderr) - cfgtext = envcfg_path.read_text() - exec(cfgtext, cfg.__dict__) - return cfg - - -def get_env_info(cfg): - envname = getattr(cfg, "env") - if envname not in allowed_envs: - print(f"env '{envname}' not supported") - sys.exit(1) - repos = get_repos(envname) - return EnvInfo(envname, repos, cfg) - - -@cli.command() -def build() -> None: - """Build the deployment from source.""" - ensure_activated() - cfg = load_envcfg() - if not cfg: - print("Please create ~/envcfg.py (template in deployment.git can help)") - return 1 - env_info = get_env_info(cfg) - update_repos(cfg, env_info.repos) - stale = get_stale_repos(env_info.repos) - print(f"found stale repos: {stale}") - for r in stale: - tag = getattr(cfg, "tag_" + r.name.replace("-", "_")) - if tag == "SKIP": - continue - p = Path.home() / "sources" / r.name - os.chdir(str(p)) - r.builder(r, p) - - -# repos does not contain distro-installed components -def checkout_repos(cfg, repos): - """Check out repos to the version specified in envcfg.py""" - home = Path.home() - sources = home / "sources" - for r in repos: - r_dir = home / "sources" / r.name - tag = getattr(cfg, "tag_" + r.name.replace("-", "_")) - if tag == "SKIP": - continue - if not r_dir.exists(): - r_dir.mkdir(parents=True, exist_ok=True) - subprocess.run(["git", "-C", str(sources), "clone", r.url], check=True) - subprocess.run(["git", "-C", str(r_dir), "fetch"], check=True) - subprocess.run( - ["git", "-C", str(r_dir), "checkout", "-q", "-f", tag, "--"], check=True, - ) - - -@cli.command() -def sync_repos() -> None: - """Sync repos with the envcfg.py file.""" - home = Path.home() - cfg = load_envcfg() - if not cfg: - print("Please create ~/envcfg.py (template in deployment.git can help)") - return 1 - env_info = get_env_info(cfg) - repos = env_info.repos - checkout_repos(cfg, repos) - for r in repos: - r_dir = home / "sources" / r.name - subprocess.run(["git", "-C", str(r_dir), "clean", "-fdx"], check=True) - -@cli.command() -def bootstrap() -> None: - """Bootstrap a GNU Taler deployment.""" - home = Path.home() - cfg = load_envcfg() - if not cfg: - print("Please create ~/envcfg.py (template in deployment.git can help)") - return 1 - env_info = get_env_info(cfg) - repos = env_info.repos - envname = env_info.name - checkout_repos(cfg,repos) - - # Generate $PATH variable that will be set in the activate script. - local_path = str(Path.home() / "local" / "bin") - deployment_path = str(Path.home() / "deployment" / "bin") - path_list = os.environ["PATH"].split(":") - if local_path not in path_list: - path_list.insert(0, local_path) - if deployment_path not in path_list: - path_list.insert(0, deployment_path) - - token_file = Path.home() / "merchant_auth_token" - if not token_file.is_file(): - with token_file.open("w") as f: - f.write(generate_apitoken()) - print(f"Token file '{token_file}' created.") - - sandbox_admin_password_file = Path.home() / "libeufin_admin_password" - if not sandbox_admin_password_file.is_file(): - with sandbox_admin_password_file.open("w") as f: - f.write(generate_password()) - print(f"Libeufin Sandbox admin password file '{sandbox_admin_password_file}' created.") - - with (home / "activate").open("w") as f: - f.write( - activate_template.format( - envname=envname, - timestamp=str(time.time()), - currency=currmap[envname], - curr_path=":".join(path_list), - coverage=1 if envname == "coverage" else 0, - **get_urls(envname) - ) - ) - if envname != "local": - (home / "sockets").mkdir(parents=True, exist_ok=True) - - if envname in ("test", "int", "local"): - (home / "taler-data").mkdir(parents=True, exist_ok=True) - if envname == "demo": - setup_service("config-tips.timer") - create_bb_worker( - "tips-checker.service", "tips-checker-dir", - "tips-checker-worker", "tips-checker-pass" - ) - - if not (home / "taler-data").exists(): - (home / "taler-data").symlink_to("/home/demo/shared-data") - - if envname == "integrationtest": - create_bb_worker("buildbot-worker-wallet.service", "worker", "wallet-worker", "wallet-pass") - - if envname == "test": - create_bb_worker("buildbot-worker-taler.service", "bb-worker", "test-worker", "test-pass") - setup_service("config-tips.timer") - - elif envname in ("auditor-reporter-test", "auditor-reporter-demo"): - create_bb_worker("buildbot-worker-auditor.service", "worker", "auditor-worker", "auditor-pass") - elif envname == "demo-checker": - create_bb_worker("buildbot-worker-taler-healthcheck.service", "bb-worker", "demo-worker", "demo-pass") - elif envname == "coverage": - create_bb_worker("buildbot-worker-lcov.service", "worker", "lcov-worker", "lcov-pass") - - www_path = Path.home() / "www" - www_path.mkdir(exist_ok=True) - if not os.path.islink(www_path / "merchant"): - os.symlink( - Path.home() / "sources" / "merchant" / "coverage_report", - www_path / "merchant", - ) - if not os.path.islink(www_path / "exchange"): - os.symlink( - Path.home() / "sources" / "exchange" / "coverage_report", - www_path / "exchange", - ) - if not os.path.islink(www_path / "sync"): - os.symlink( - Path.home() / "sources" / "sync" / "coverage_report", - www_path / "sync", - ) - - print("Bootstrap finished.") - print("Please source the ~/activate file before proceeding.") - - -def create_bb_worker(systemd_unit, dirname, workername, workerpw): - home = Path.home() - bb_dir = home / dirname - if bb_dir.exists(): - return - subprocess.run( - [ - "buildbot-worker", - "create-worker", - "--umask=0o22", - str(bb_dir), - "localhost:9989", - workername, - workerpw, - ], - check=True, - ) - setup_service (systemd_unit) - -def setup_service(systemd_unit): - sc_path = Path.home() / ".config" / "systemd" / "user" - sc_path.mkdir(exist_ok=True,parents=True) - sc_unit = Path.home() / "deployment" / "systemd-services" / systemd_unit - copy(sc_unit, sc_path) - - # If a timer got just installed, the related service - # file needs to be installed now. - split_filename = systemd_unit.split(".") - if "timer" == split_filename[-1]: - copy(Path.home() / "deployment" / "systemd-services" / f"{split_filename[0]}.service", sc_path) - - subprocess.run( - [ - "systemctl", - "--user", - "daemon-reload", - ], - check=True, - ) - subprocess.run( - [ - "systemctl", - "--user", - "enable", - systemd_unit - ], - check=True, - ) - subprocess.run( - [ - "systemctl", - "--user", - "start", - systemd_unit - ], - check=True, - ) - -if __name__ == "__main__": - cli() diff --git a/bin/taler-deployment-arm b/bin/taler-deployment-arm deleted file mode 100755 index e1c2112..0000000 --- a/bin/taler-deployment-arm +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash - -set -eu - -export GNUNET_FORCE_LOG="util;;;;WARNING/taler;;;;DEBUG/twister;;;;DEBUG" -export GNUNET_BASE_CONFIG=$HOME/deployment/taler-arm -export PATH="$HOME/local/bin":$PATH - -ulimit -c $((100 * 1024)) -mkdir -p $HOME/logs -exec gnunet-arm -c $HOME/deployment/gnunet.conf "$@" diff --git a/bin/taler-deployment-auditor b/bin/taler-deployment-auditor deleted file mode 100755 index f90c7fb..0000000 --- a/bin/taler-deployment-auditor +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash - -# serve landing page via uwsgi - -base=$HOME - -export PATH="$base/deployment":$PATH - -ulimit -c $((100 * 1024)) - -mkdir -p $HOME/sockets - - -# redirect / to index.html, -# serve static files from $HOME/auditor -exec uwsgi \ - --mimefile /etc/mime.types \ - --socket $HOME/sockets/auditor.uwsgi \ - --chmod-socket=660 \ - --route "^/?$ redirect:index.html" \ - --route "^/(.+) addvar:FILE=$HOME/auditor/\$1" \ - --route-if "exists:\${FILE} static:\${FILE}" \ - --route "^/(.+) break:404 not found" diff --git a/bin/taler-deployment-auth-token b/bin/taler-deployment-auth-token deleted file mode 100755 index 03c0620..0000000 --- a/bin/taler-deployment-auth-token +++ /dev/null @@ -1,36 +0,0 @@ -#!/usr/bin/env python3 - -# This file is part of GNU Taler. -# -# GNU Taler is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# GNU Taler is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with GNU Taler. If not, see <https://www.gnu.org/licenses/>. - -import random -import os -import sys -from pathlib import Path -from string import ascii_letters, ascii_uppercase - -TOKEN_FILE = Path.home() / "merchant_auth_token" - -def generate_apitoken(): - return "secret-token:" + ''.join(random.choices(ascii_letters + ascii_uppercase, k=10)) - -if TOKEN_FILE.is_file(): - print("~/merchant_auth_token exists already. Not overwriting it!") - sys.exit(0) - -with TOKEN_FILE.open("w") as f: - f.write(generate_apitoken()) - -print(f"Token file '{TOKEN_FILE}' created") diff --git a/bin/taler-deployment-config-generate b/bin/taler-deployment-config-generate deleted file mode 100755 index 0db9ee7..0000000 --- a/bin/taler-deployment-config-generate +++ /dev/null @@ -1,277 +0,0 @@ -#!/usr/bin/env python3 -import click -import sys -from collections import OrderedDict -import json -import os -import urllib.parse -import stat -from taler_urls import get_urls, get_port - - -class ConfigFile: - def __init__(self, envname, currency, exchange_pub, filename): - self.sections = OrderedDict() - self.envname = envname - self.filename = filename - self.currency = currency - self.exchange_pub = exchange_pub - - def destroy(self): - del self.sections - self.sections = OrderedDict() - - def cfg_put(self, section_name, key, value): - s = self.sections[section_name] = self.sections.get(section_name, OrderedDict()) - s[key] = value - - def cfg_write(self, outdir): - - if outdir: - fstream = open(os.path.join(outdir, self.filename), "w") - else: - fstream = open(sys.stdout) - - for section_name, section in self.sections.items(): - fstream.write("[" + section_name + "]" + "\n") - for key, value in section.items(): - fstream.write(key + " = " + value + "\n") - fstream.write("\n") - fstream.close() - - -def coin( - obj, - name, - value, - d_withdraw="3 years", - d_spend="5 years", - d_legal="10 years", - f_withdraw="0.01", - f_deposit="0.01", - f_refresh="0.01", - f_refund="0.01", - rsa_keysize="2048", -): - sec = "coin_" + obj.currency + "_" + name - obj.cfg_put(sec, "cipher", "RSA") - obj.cfg_put(sec, "value", obj.currency + ":" + value) - obj.cfg_put(sec, "duration_withdraw", d_withdraw) - obj.cfg_put(sec, "duration_spend", d_spend) - obj.cfg_put(sec, "duration_legal", d_legal) - obj.cfg_put(sec, "fee_withdraw", obj.currency + ":" + f_withdraw) - obj.cfg_put(sec, "fee_refresh", obj.currency + ":" + f_refresh) - obj.cfg_put(sec, "fee_refund", obj.currency + ":" + f_refund) - obj.cfg_put(sec, "fee_deposit", obj.currency + ":" + f_deposit) - obj.cfg_put(sec, "rsa_keysize", rsa_keysize) - - -def config(obj): - urls = get_urls(obj.envname) - obj.cfg_put("paths", "TALER_DATA_HOME", "${HOME}/taler-data") - obj.cfg_put("paths", "TALER_RUNTIME_DIR", "${HOME}/taler-runtime") - obj.cfg_put("taler", "CURRENCY", obj.currency) - obj.cfg_put("taler", "CURRENCY_ROUND_UNIT", f"{obj.currency}:0.01") - - obj.cfg_put("kyc-provider-example-persona", "COST", "42"); - obj.cfg_put("kyc-provider-example-persona", "LOGIC", "persona"); - obj.cfg_put("kyc-provider-example-persona", "USER_TYPE", "INDIVIDUAL"); - obj.cfg_put("kyc-provider-example-persona", "PROVIDED_CHECKS", "DUMMY"); - obj.cfg_put("kyc-provider-example-persona", "PERSONA_VALIDITY", "forever"); - obj.cfg_put("kyc-provider-example-persona", "PERSONA_SUBDOMAIN", "taler"); - obj.cfg_put("kyc-provider-example-persona", "PERSONA_AUTH_TOKEN", "persona_sandbox_b1c70e49-b333-4f3c-b356-f0ed05029241"); - obj.cfg_put("kyc-provider-example-persona", "PERSONA_TEMPLATE_ID", "itmpl_Uj6X5J3GPT9kbuAZTLg7AUMx"); - obj.cfg_put("kyc-provider-example-persona", "KYC_POST_URL", "https://demo.taler.net/"); - - obj.cfg_put("kyc-legitimization-balance-high", "OPERATION_TYPE", "BALANCE"); - obj.cfg_put("kyc-legitimization-balance-high", "REQUIRED_CHECKS", "DUMMY"); - obj.cfg_put("kyc-legitimization-balance-high", "THRESHOLD", obj.currency + ":15"); - obj.cfg_put("kyc-legitimization-deposit-any", "OPERATION_TYPE", "DEPOSIT"); - obj.cfg_put("kyc-legitimization-deposit-any", "REQUIRED_CHECKS", "DUMMY"); - obj.cfg_put("kyc-legitimization-deposit-any", "THRESHOLD", obj.currency + ":15"); - obj.cfg_put("kyc-legitimization-deposit-any", "TIMEFRAME", "1d"); - obj.cfg_put("kyc-legitimization-withdraw", "OPERATION_TYPE", "WITHDRAW"); - obj.cfg_put("kyc-legitimization-withdraw", "REQUIRED_CHECKS", "DUMMY"); - obj.cfg_put("kyc-legitimization-withdraw", "THRESHOLD", obj.currency + ":15"); - obj.cfg_put("kyc-legitimization-withdraw", "TIMEFRAME", "1d"); - obj.cfg_put("kyc-legitimization-merge", "OPERATION_TYPE", "MERGE"); - obj.cfg_put("kyc-legitimization-merge", "REQUIRED_CHECKS", "DUMMY"); - obj.cfg_put("kyc-legitimization-merge", "THRESHOLD", obj.currency + ":15"); - obj.cfg_put("kyc-legitimization-merge", "TIMEFRAME", "1d"); - - obj.cfg_put("bank", "serve", "http") - obj.cfg_put("bank", "http_port", urls["libeufin"]) - obj.cfg_put("bank", "max_debt", "%s:500.0" % obj.currency) - obj.cfg_put("bank", "max_debt_bank", "%s:1000000000.0" % obj.currency) - obj.cfg_put("bank", "allow_registrations", "YES") - obj.cfg_put("bank", "base_url", urls["bank"]) - obj.cfg_put("bank", "database", "postgres:///taler{}".format(obj.envname)) - obj.cfg_put("bank", "suggested_exchange", urls["exchange"]) - - obj.cfg_put("donations", "serve", "uwsgi") - obj.cfg_put("donations", "uwsgi_serve", "unix") - obj.cfg_put("donations", "uwsgi_unixpath", "$HOME/sockets/donations.uwsgi") - obj.cfg_put("donations", "uwsgi_unixpath_mode", "660") - - obj.cfg_put("landing", "serve", "uwsgi") - obj.cfg_put("landing", "uwsgi_serve", "unix") - obj.cfg_put("landing", "uwsgi_unixpath", "$HOME/sockets/landing.uwsgi") - obj.cfg_put("landing", "uwsgi_unixpath_mode", "660") - - obj.cfg_put("blog", "serve", "uwsgi") - obj.cfg_put("blog", "uwsgi_serve", "unix") - obj.cfg_put("blog", "uwsgi_unixpath", "$HOME/sockets/shop.uwsgi") - obj.cfg_put("blog", "uwsgi_unixpath_mode", "660") - - obj.cfg_put("survey", "serve", "uwsgi") - obj.cfg_put("survey", "uwsgi_serve", "unix") - obj.cfg_put("survey", "uwsgi_unixpath", "$HOME/sockets/survey.uwsgi") - obj.cfg_put("survey", "uwsgi_unixpath_mode", "660") - obj.cfg_put("survey", "bank_password", "x") - - if obj.envname != "local": - obj.cfg_put("merchant", "serve", "unix") - obj.cfg_put("merchant", "unixpath", "$HOME/sockets/merchant.http") - else: - obj.cfg_put("merchant", "serve", "tcp") - obj.cfg_put("merchant", "port", get_port(urls["merchant_backend"])) - - obj.cfg_put("merchant", "wire_transfer_delay", "0 s") - obj.cfg_put("merchant", "default_max_wire_fee", obj.currency + ":" + "0.01") - obj.cfg_put("merchant", "default_max_deposit_fee", obj.currency + ":" + "0.05") - obj.cfg_put( - "merchantdb-postgres", "config", "postgres:///taler{}".format(obj.envname) - ) - - obj.cfg_put("frontends", "backend", urls["merchant_backend"]) - - obj.cfg_put( - "merchant-exchange-{}".format(obj.currency), "master_key", obj.exchange_pub - ) - obj.cfg_put("merchant-exchange-{}".format(obj.currency), "currency", obj.currency) - - obj.cfg_put( - "merchant-exchange-{}".format(obj.currency), - "exchange_base_url", - urls["exchange"], - ) - - obj.cfg_put("auditor", "serve", "unix") - obj.cfg_put("auditor", "base_url", urls["auditor"]) - obj.cfg_put("auditor", "auditor_url", urls["auditor"]) - obj.cfg_put("auditor", "unixpath", "$HOME/sockets/auditor.http") - obj.cfg_put("auditor", "tiny_amount", obj.currency + ":0.01") - - obj.cfg_put("taler-exchange-secmod-eddsa", "unixpath", "$HOME/sockets/taler-exchange-secmod-eddsa.sock") - obj.cfg_put("taler-exchange-secmod-rsa", "unixpath", "$HOME/sockets/taler-exchange-secmod-rsa.sock") - obj.cfg_put("taler-exchange-secmod-rsa", "sm_priv_key", "${TALER_DATA_HOME}/taler-exchange-secmod-rsa/secmod-private-key") - obj.cfg_put("taler-exchange-secmod-cs", "unixpath", "$HOME/sockets/taler-exchange-secmod-cs.sock") - obj.cfg_put("taler-exchange-secmod-cs", "sm_priv_key", "${TALER_DATA_HOME}/taler-exchange-secmod-cs/secmod-private-key") - - obj.cfg_put("exchange", "base_url", urls["exchange"]) - - if obj.envname != "local": - obj.cfg_put("exchange", "serve", "unix") - obj.cfg_put("exchange", "unixpath", "$HOME/sockets/exchange.http") - else: - obj.cfg_put("exchange", "serve", "tcp") - obj.cfg_put("exchange", "port", get_port(urls["exchange"])) - - obj.cfg_put("exchange", "master_public_key", obj.exchange_pub) - obj.cfg_put("exchange", "terms_etag", "0") - obj.cfg_put("exchange", "terms_dir", "$HOME/local/share/taler/exchange/tos") - obj.cfg_put("exchange", "privacy_etag", "0") - obj.cfg_put("exchange", "privacy_dir", "$HOME/local/share/taler/exchange/pp") - - - obj.cfg_put( - "exchangedb-postgres", "db_conn_str", "postgres:///taler{}".format(obj.envname) - ) - obj.cfg_put( - "exchangedb-postgres", "config", "postgres:///taler{}".format(obj.envname) - ) - obj.cfg_put( - "auditordb-postgres", "db_conn_str", "postgres:///taler{}".format(obj.envname) - ) - obj.cfg_put( - "auditordb-postgres", "config", "postgres:///taler{}".format(obj.envname) - ) - - bank_acct_url = "{}taler-wire-gateway/Exchange/".format(urls["bank"]) - - obj.cfg_put( - "exchange-account-1", "payto_uri", "{}Exchange".format(urls["talerbank_payto"]) - ) - obj.cfg_put("exchange-account-1", "enable_debit", "yes") - obj.cfg_put("exchange-account-1", "enable_credit", "yes") - obj.cfg_put("exchange-accountcredentials-1", "wire_gateway_auth_method", "basic") - obj.cfg_put("exchange-accountcredentials-1", "wire_gateway_url", bank_acct_url) - obj.cfg_put("exchange-accountcredentials-1", "username", "Exchange") - obj.cfg_put("exchange-accountcredentials-1", "password", "x") - - obj.cfg_put( - "merchant-account-merchant", - "payto_uri", - "{}Tutorial".format(urls["talerbank_payto"]), - ) - obj.cfg_put( - "merchant-account-merchant", - "wire_response", - "${TALER_DATA_HOME}/merchant/wire/merchant.json", - ) - obj.cfg_put("merchant-account-merchant", "wire_file_mode", "770") - - # The following block should be obsoleted by the new API to configure instances. - merchant_instance_names = ("default", "Tor", "GNUnet", "Taler", "FSF", "Tutorial") - for mi in merchant_instance_names: - obj.cfg_put("merchant-account-merchant", f"HONOR_{mi}", "YES") - obj.cfg_put("merchant-account-merchant", f"ACTIVE_{mi}", "YES") - - coin(obj, "ct_10", "0.10") - coin(obj, "1", "1") - coin(obj, "2", "2") - coin(obj, "5", "5") - coin(obj, "10", "10") - coin(obj, "1000", "1000") - - -@click.command() -@click.option("--currency", default="KUDOS") -@click.option("--envname", default="demo") -@click.option("--outdir", required=True) -@click.option("--exchange-pub", required=True) -# Expected to contain already the 'secret-token:' scheme. -@click.option("--frontends-apitoken", required=True) -def main(currency, envname, outdir, exchange_pub, frontends_apitoken): - - if envname not in ("tanker", "demo", "test", "int", "euro", "chf", "local"): - print("envname (%s) not demo/test/int, aborting config generation" % envname) - return - - config_files = [] - - mc = ConfigFile(envname, currency, exchange_pub, "taler.conf") - mc.cfg_put("frontends", "backend_apikey", f"{frontends_apitoken}") - config(mc) - config_files.append(mc) - - urls = get_urls(envname) - - sc = ConfigFile(envname, currency, exchange_pub, "sync.conf") - sc.cfg_put("taler", "currency", currency) - sc.cfg_put("sync", "serve", "unix") - sc.cfg_put("sync", "unixpath", "$HOME/sockets/sync.http") - sc.cfg_put("sync", "apikey", f"Bearer {frontends_apitoken}") - sc.cfg_put("sync", "annual_fee", f"{currency}:0.1") - sc.cfg_put("sync", "fulfillment_url", "taler://fulfillment-success/") - sc.cfg_put("sync", "payment_backend_url", urls["merchant_backend"] + "instances/Taler/") - sc.cfg_put("syncdb-postgres", "config", f"postgres:///taler{envname}") - config_files.append(sc) - - assert 0 < len(config_files) - for obj in config_files: - obj.cfg_write(outdir) - - -if __name__ == "__main__": - main() diff --git a/bin/taler-deployment-config-generate-sepa b/bin/taler-deployment-config-generate-sepa deleted file mode 100755 index e2ea83a..0000000 --- a/bin/taler-deployment-config-generate-sepa +++ /dev/null @@ -1,265 +0,0 @@ -#!/usr/bin/env python3 -import click -import sys -from collections import OrderedDict -import json -import os -import urllib.parse -import stat -from taler_urls import get_urls, get_port - - -class ConfigFile: - def __init__(self, envname, currency, exchange_pub, filename): - self.sections = OrderedDict() - self.envname = envname - self.filename = filename - self.currency = currency - self.exchange_pub = exchange_pub - - def destroy(self): - del self.sections - self.sections = OrderedDict() - - def cfg_put(self, section_name, key, value): - s = self.sections[section_name] = self.sections.get(section_name, OrderedDict()) - s[key] = value - - def cfg_write(self, outdir): - - if outdir: - fstream = open(os.path.join(outdir, self.filename), "w") - else: - fstream = open(sys.stdout) - - for section_name, section in self.sections.items(): - fstream.write("[" + section_name + "]" + "\n") - for key, value in section.items(): - fstream.write(key + " = " + value + "\n") - fstream.write("\n") - fstream.close() - - -def coin( - obj, - name, - value, - d_withdraw="3 years", - d_spend="5 years", - d_legal="10 years", - f_withdraw="0.01", - f_deposit="0.01", - f_refresh="0.01", - f_refund="0.01", - rsa_keysize="2048", -): - sec = "coin_" + obj.currency + "_" + name - obj.cfg_put(sec, "value", obj.currency + ":" + value) - obj.cfg_put(sec, "duration_withdraw", d_withdraw) - obj.cfg_put(sec, "duration_spend", d_spend) - obj.cfg_put(sec, "duration_legal", d_legal) - obj.cfg_put(sec, "fee_withdraw", obj.currency + ":" + f_withdraw) - obj.cfg_put(sec, "fee_refresh", obj.currency + ":" + f_refresh) - obj.cfg_put(sec, "fee_refund", obj.currency + ":" + f_refund) - obj.cfg_put(sec, "fee_deposit", obj.currency + ":" + f_deposit) - obj.cfg_put(sec, "rsa_keysize", rsa_keysize) - - -def config(obj): - urls = get_urls(obj.envname) - obj.cfg_put("paths", "TALER_DATA_HOME", "${HOME}/taler-data") - obj.cfg_put("paths", "TALER_RUNTIME_DIR", "${HOME}/taler-runtime") - obj.cfg_put("taler", "CURRENCY", obj.currency) - obj.cfg_put("taler", "CURRENCY_ROUND_UNIT", f"{obj.currency}:0.01") - if obj.envname != "local": - obj.cfg_put("bank", "serve", "uwsgi") - obj.cfg_put("bank", "uwsgi_serve", "unix") - obj.cfg_put("bank", "uwsgi_unixpath", "$HOME/sockets/bank.uwsgi") - obj.cfg_put("bank", "uwsgi_unixpath_mode", "660") - else: - obj.cfg_put("bank", "serve", "http") - obj.cfg_put("bank", "http_port", get_port(urls["bank"])) - - obj.cfg_put("bank", "database", "taler" + obj.envname) - obj.cfg_put("bank", "max_debt", "%s:500.0" % obj.currency) - obj.cfg_put("bank", "max_debt_bank", "%s:1000000000.0" % obj.currency) - obj.cfg_put("bank", "allow_registrations", "YES") - obj.cfg_put("bank", "base_url", urls["bank"]) - obj.cfg_put("bank", "database", "postgres:///taler{}".format(obj.envname)) - obj.cfg_put("bank", "suggested_exchange", urls["exchange"]) - - obj.cfg_put("bank-admin", "uwsgi_serve", "unix") - obj.cfg_put("bank-admin", "uwsgi_unixpath", "$HOME/sockets/bank-admin.uwsgi") - obj.cfg_put("bank-admin", "uwsgi_unixpath_mode", "660") - - obj.cfg_put("donations", "serve", "uwsgi") - obj.cfg_put("donations", "uwsgi_serve", "unix") - obj.cfg_put("donations", "uwsgi_unixpath", "$HOME/sockets/donations.uwsgi") - obj.cfg_put("donations", "uwsgi_unixpath_mode", "660") - - obj.cfg_put("landing", "serve", "uwsgi") - obj.cfg_put("landing", "uwsgi_serve", "unix") - obj.cfg_put("landing", "uwsgi_unixpath", "$HOME/sockets/landing.uwsgi") - obj.cfg_put("landing", "uwsgi_unixpath_mode", "660") - - obj.cfg_put("blog", "serve", "uwsgi") - obj.cfg_put("blog", "uwsgi_serve", "unix") - obj.cfg_put("blog", "uwsgi_unixpath", "$HOME/sockets/shop.uwsgi") - obj.cfg_put("blog", "uwsgi_unixpath_mode", "660") - - obj.cfg_put("survey", "serve", "uwsgi") - obj.cfg_put("survey", "uwsgi_serve", "unix") - obj.cfg_put("survey", "uwsgi_unixpath", "$HOME/sockets/survey.uwsgi") - obj.cfg_put("survey", "uwsgi_unixpath_mode", "660") - obj.cfg_put("survey", "bank_password", "x") - - obj.cfg_put("backoffice-all", "backend", urls["merchant_backend"]) - - # Keep only one back-office service for all instances, for simplicity. - obj.cfg_put("backoffice-all", "uwsgi_serve", "unix") - obj.cfg_put("backoffice-all", "uwsgi_unixpath_mode", "660") - obj.cfg_put("backoffice-all", "uwsgi_unixpath", "$HOME/sockets/backoffice.uwsgi") - obj.cfg_put("backoffice-all", "instances", "FSF default Tor") - - if obj.envname != "local": - obj.cfg_put("merchant", "serve", "unix") - obj.cfg_put("merchant", "unixpath", "$HOME/sockets/merchant.http") - else: - obj.cfg_put("merchant", "serve", "tcp") - obj.cfg_put("merchant", "port", get_port(urls["merchant_backend"])) - - obj.cfg_put("merchant", "wire_transfer_delay", "0 s") - obj.cfg_put("merchant", "default_max_wire_fee", obj.currency + ":" + "0.01") - obj.cfg_put("merchant", "default_max_deposit_fee", obj.currency + ":" + "0.05") - obj.cfg_put( - "merchantdb-postgres", "config", "postgres:///taler{}".format(obj.envname) - ) - - obj.cfg_put("frontends", "backend", urls["merchant_backend"]) - - obj.cfg_put( - "merchant-exchange-{}".format(obj.currency), "master_key", obj.exchange_pub - ) - obj.cfg_put("merchant-exchange-{}".format(obj.currency), "currency", obj.currency) - - obj.cfg_put( - "merchant-exchange-{}".format(obj.currency), - "exchange_base_url", - urls["exchange"], - ) - - obj.cfg_put("auditor", "serve", "unix") - obj.cfg_put("auditor", "base_url", urls["auditor"]) - obj.cfg_put("auditor", "auditor_url", urls["auditor"]) - obj.cfg_put("auditor", "unixpath", "$HOME/sockets/auditor.http") - obj.cfg_put("auditor", "tiny_amount", obj.currency + ":0.01") - - obj.cfg_put("taler-exchange-secmod-eddsa", "unixpath", "$HOME/sockets/taler-exchange-secmod-eddsa.sock") - obj.cfg_put("taler-exchange-secmod-rsa", "unixpath", "$HOME/sockets/taler-exchange-secmod-rsa.sock") - obj.cfg_put("taler-exchange-secmod-rsa", "sm_priv_key", "${TALER_DATA_HOME}/taler-exchange-secmod-rsa/secmod-private-key") - obj.cfg_put("taler-exchange-secmod-cs", "unixpath", "$HOME/sockets/taler-exchange-secmod-cs.sock") - obj.cfg_put("taler-exchange-secmod-cs", "sm_priv_key", "${TALER_DATA_HOME}/taler-exchange-secmod-cs/secmod-private-key") - - obj.cfg_put("exchange", "base_url", urls["exchange"]) - - if obj.envname != "local": - obj.cfg_put("exchange", "serve", "unix") - obj.cfg_put("exchange", "unixpath", "$HOME/sockets/exchange.http") - else: - obj.cfg_put("exchange", "serve", "tcp") - obj.cfg_put("exchange", "port", get_port(urls["exchange"])) - - obj.cfg_put("exchange", "master_public_key", obj.exchange_pub) - obj.cfg_put("exchange", "terms_etag", "0") - obj.cfg_put("exchange", "terms_dir", "$HOME/local/share/taler-exchange/tos") - obj.cfg_put("exchange", "privacy_etag", "0") - obj.cfg_put("exchange", "privacy_dir", "$HOME/local/share/taler-exchange/pp") - - - obj.cfg_put( - "exchangedb-postgres", "db_conn_str", "postgres:///taler{}".format(obj.envname) - ) - obj.cfg_put( - "exchangedb-postgres", "config", "postgres:///taler{}".format(obj.envname) - ) - obj.cfg_put( - "auditordb-postgres", "db_conn_str", "postgres:///taler{}".format(obj.envname) - ) - obj.cfg_put( - "auditordb-postgres", "config", "postgres:///taler{}".format(obj.envname) - ) - - bank_acct_url = "{}taler-wire-gateway/Exchange/".format(urls["bank"]) - - obj.cfg_put("exchange-account-1", "payto_uri", - "{}/EX00000000000000000000".format(urls["sepa_payto"]) - ) - obj.cfg_put("exchange-account-1", "enable_debit", "yes") - obj.cfg_put("exchange-account-1", "enable_credit", "yes") - obj.cfg_put("exchange-accountcredentials-1", "wire_gateway_auth_method", "basic") - obj.cfg_put("exchange-accountcredentials-1", "wire_gateway_url", bank_acct_url) - obj.cfg_put("exchange-accountcredentials-1", "username", "Exchange") - obj.cfg_put("exchange-accountcredentials-1", "password", "x") - - obj.cfg_put("merchant-account-merchant", "payto_uri", - "{}/ME00000000000000000000".format(urls["sepa_payto"]), - ) - obj.cfg_put("merchant-account-merchant", "wire_response", - "${TALER_DATA_HOME}/merchant/wire/merchant.json", - ) - obj.cfg_put("merchant-account-merchant", "wire_file_mode", "770") - - # The following block should be obsoleted by the new API to configure instances. - merchant_instance_names = ("default", "Tor", "GNUnet", "Taler", "FSF", "Tutorial") - for mi in merchant_instance_names: - obj.cfg_put("merchant-account-merchant", f"HONOR_{mi}", "YES") - obj.cfg_put("merchant-account-merchant", f"ACTIVE_{mi}", "YES") - - coin(obj, "ct_10", "0.10") - coin(obj, "1", "1") - coin(obj, "2", "2") - coin(obj, "5", "5") - coin(obj, "10", "10") - coin(obj, "1000", "1000") - - -@click.command() -@click.option("--currency", default="KUDOS") -@click.option("--envname", default="demo") -@click.option("--outdir", required=True) -@click.option("--exchange-pub", required=True) -# Expected to contain already the 'secret-token:' scheme. -@click.option("--frontends-apitoken", required=True) -def main(currency, envname, outdir, exchange_pub, frontends_apitoken): - - if envname not in ("tanker", "demo", "test", "int", "euro", "chf", "local"): - print("envname (%s) not demo/test/int, aborting config generation" % envname) - return - - config_files = [] - - mc = ConfigFile(envname, currency, exchange_pub, "taler.conf") - mc.cfg_put("frontends", "backend_apikey", f"{frontends_apitoken}") - config(mc) - config_files.append(mc) - - urls = get_urls(envname) - - sc = ConfigFile(envname, currency, exchange_pub, "sync.conf") - sc.cfg_put("taler", "currency", currency) - sc.cfg_put("sync", "serve", "unix") - sc.cfg_put("sync", "unixpath", "$HOME/sockets/sync.http") - sc.cfg_put("sync", "apikey", f"Bearer {frontends_apitoken}") - sc.cfg_put("sync", "annual_fee", f"{currency}:0.1") - sc.cfg_put("sync", "fulfillment_url", "taler://fulfillment-success/") - sc.cfg_put("sync", "payment_backend_url", urls["merchant_backend"] + "instances/Taler/") - sc.cfg_put("syncdb-postgres", "config", f"postgres:///taler{envname}") - config_files.append(sc) - - assert 0 < len(config_files) - for obj in config_files: - obj.cfg_write(outdir) - - -if __name__ == "__main__": - main() diff --git a/bin/taler-deployment-config-instances b/bin/taler-deployment-config-instances deleted file mode 100755 index e1005b4..0000000 --- a/bin/taler-deployment-config-instances +++ /dev/null @@ -1,229 +0,0 @@ -#!/usr/bin/env python3 - -""" -This script makes sure that the merchant backend instances used by the -test/demo environment are created. - -We assume that the merchant backend is running, and that the "~/activate" -file has been sourced to provide the right environment variables. -""" - -import requests -from os import environ, system -from sys import exit -from urllib.parse import urljoin -from subprocess import Popen -from time import sleep -import psutil -from getpass import getuser - -def expect_env(name): - val = environ.get(name) - if not val: - print(f"{name} not defined. Please source the ~/activate file.") - exit(1) - return val - -def wait_merchant_up(): - # Check it started correctly and it is ready to serve requests. - checks = 10 - url = urljoin(MERCHANT_BACKEND_BASE_URL, "/config") - print("Check URL: {}".format(url)) - while checks > 0: - - try: - resp = requests.get(url, timeout=5) - except Exception: - print("Merchant unreachable") - sleep(1) - checks -= 1 - continue - - if resp.status_code != 200: - sleep(1) - checks -= 1 - continue - - # Ready. - print("Merchant is up and running") - return True - - if checks == 0: - print("Merchant is not correctly serving requests.") - return False - - -MERCHANT_BACKEND_BASE_URL = expect_env("TALER_ENV_MERCHANT_BACKEND") -TALER_ENV_NAME = expect_env("TALER_ENV_NAME") -TALER_CONFIG_CURRENCY = expect_env("TALER_CONFIG_CURRENCY") -TALER_ENV_FRONTENDS_APITOKEN = expect_env("TALER_ENV_FRONTENDS_APITOKEN") -authorization_header = {"Authorization": f"Bearer {TALER_ENV_FRONTENDS_APITOKEN}"} - -def ensure_instance(instance_id, name, payto_uris, auth): - - resp = requests.get( - urljoin(MERCHANT_BACKEND_BASE_URL, f"management/instances/{instance_id}"), - headers = authorization_header - ) - - # Instance exists, we PATCH the auth just in case it changed. - if resp.status_code == 200: - if instance_id != "Tutorial": - print(f"Patching (auth of) instance '{instance_id}'") - patch_resp = requests.post( - urljoin(MERCHANT_BACKEND_BASE_URL, - f"management/instances/{instance_id}/auth"), - json=auth, - headers = authorization_header - ) - if patch_resp.status_code < 200 or patch_resp.status_code >= 300: - print(f"Failed to update auth of '{instance_id}', backend responds: {patch_resp.status_code}/{patch_resp.text}") - exit(1) - return - - print(f"Instance '{instance_id}' not found, trying to create it.") - req = dict( - id=instance_id, - name=name, - payto_uris=payto_uris, - address=dict(), - jurisdiction=dict(), - default_max_wire_fee=f"{TALER_CONFIG_CURRENCY}:1", - default_wire_fee_amortization=3, - default_max_deposit_fee=f"{TALER_CONFIG_CURRENCY}:1", - default_wire_transfer_delay=dict(d_us="forever"), - default_pay_delay=dict(d_us="forever"), - auth=auth, - ) - create_resp = requests.post( - urljoin(MERCHANT_BACKEND_BASE_URL, "management/instances"), - json=req, - headers = authorization_header - ) - if create_resp.status_code < 200 or create_resp.status_code >= 300: - print(f"Could not create instance '{instance_id}', backend responds: {create_resp.status_code}/{create_resp.text}") - exit(1) - - -def is_merchant_running(): - for proc in psutil.process_iter(): - if proc.name() == "taler-merchant-httpd" and proc.username() == getuser(): - return True - return False - - -def ensure_default_instance(): - # Assumed is managed by ARM - merchant_was_running = is_merchant_running() - if merchant_was_running: - print("Found running merchant, assuming is managed by ARM. Terminating it") - system("taler-deployment-arm -k taler-merchant") - - checks = 10 - while checks > 0: - if is_merchant_running(): - sleep(1) - checks -= 1 - continue - break - - if checks == 0: - print("Could not stop the running merchant.") - exit(1) - - print("Successfully terminating the merchant.") - # ARM is _not_ running the merchant at this point. - env_with_token = environ.copy() - env_with_token["TALER_MERCHANT_TOKEN"] = TALER_ENV_FRONTENDS_APITOKEN - - print("Starting the merchant outside ARM, passing the token into the environment.") - # Start the merchant natively. - merchant = Popen(["taler-merchant-httpd"], env=env_with_token) - - if not wait_merchant_up(): - merchant.terminate() - merchant.wait() - exit(1) - - print("Merchant started successfully, creating the default instance now.") - ensure_instance( - "default", - "default", - payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/Taler"], - auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN) - ) - # Native process can be terminated now. - merchant.terminate() - merchant.wait() - print("Merchant terminated, restarting it via ARM now.") - - # Restarting the official ARM merchant. - if merchant_was_running: - system("taler-deployment-arm -i taler-merchant") - -ensure_default_instance() - -# Needs to wait here since the merchant got lastly restarted via ARM, -# in the previous operation. -if not wait_merchant_up(): - system("taler-deployment-arm -k taler-merchant") - exit(1) - -ensure_instance( - "blog", - name="Blog", - payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/blog"], - auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN), -) - -ensure_instance( - "donations", - name="Donations", - payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/donations"], - auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN), -) - -ensure_instance( - "survey", - name="Survey", - payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/survey"], - auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN), -) - -ensure_instance( - "pos", - name="PoS", - payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/pos"], - auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN), -) - -ensure_instance( - "GNUnet", - name="GNUnet", - payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/GNUnet"], - auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN), -) - -# This instance relate to both the donation receiver and the sync service. -ensure_instance( - "Taler", - name="Taler", - payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/Taler"], - auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN), -) - -ensure_instance( - "Tor", - name="Tor", - payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/Tor"], - auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN), -) - -# Note: this instance has a fixed secret-token, so as to allow anyone to easily -# run their tutorial. -ensure_instance( - "Tutorial", - name="Tutorial", - payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/Tutorial"], - auth=dict(method="token", token="secret-token:sandbox") -) diff --git a/bin/taler-deployment-config-instances-iban b/bin/taler-deployment-config-instances-iban deleted file mode 100755 index 69d32fb..0000000 --- a/bin/taler-deployment-config-instances-iban +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/env python3 - -""" -This script makes sure that the merchant backend instances used by the -test/demo environment are created. - -We assume that the merchant backend is running, and that the "~/activate" -file has been sourced to provide the right environment variables. -""" - -import requests -from os import environ, system -from sys import exit -from urllib.parse import urljoin -from subprocess import Popen -from time import sleep -import psutil -from getpass import getuser - -ibans = dict( - default = "ME00000000000000000000", - # Must match the IBAN given in the prepare script, called IBAN_MERCHANT. - blog = "ME00000000000000000001", -) - -def expect_env(name): - val = environ.get(name) - if not val: - print(f"{name} not defined. Please source the ~/activate file.") - exit(1) - return val - -def wait_merchant_up(): - # Check it started correctly and it is ready to serve requests. - checks = 10 - url = urljoin(MERCHANT_BACKEND_BASE_URL, "/config") - while checks > 0: - try: - resp = requests.get(url, timeout=5) - except Exception: - print("Merchant unreachable") - sleep(1) - checks -= 1 - continue - - if resp.status_code != 200: - sleep(1) - checks -= 1 - continue - - # Ready. - return True - - print("Merchant is not correctly serving requests.") - return False - -MERCHANT_BACKEND_BASE_URL = expect_env("TALER_ENV_MERCHANT_BACKEND") -TALER_ENV_NAME = expect_env("TALER_ENV_NAME") -TALER_CONFIG_CURRENCY = expect_env("TALER_CONFIG_CURRENCY") -TALER_ENV_FRONTENDS_APITOKEN = expect_env("TALER_ENV_FRONTENDS_APITOKEN") -authorization_header = {"Authorization": f"Bearer {TALER_ENV_FRONTENDS_APITOKEN}"} - - -def ensure_instance(instance_id, name, payto_uris, auth): - resp = requests.get( - urljoin(MERCHANT_BACKEND_BASE_URL, f"management/instances/{instance_id}"), - headers = authorization_header - ) - req = dict( - id=instance_id, - name=name, - payto_uris=payto_uris, - address=dict(), - jurisdiction=dict(), - default_max_wire_fee=f"{TALER_CONFIG_CURRENCY}:1", - default_wire_fee_amortization=3, - default_max_deposit_fee=f"{TALER_CONFIG_CURRENCY}:1", - default_wire_transfer_delay=dict(d_us="forever"), - default_pay_delay=dict(d_us="forever"), - auth=auth, - ) - http_method = requests.post - endpoint = "management/instances" - # Instance exists, patching it. - if resp.status_code == 200: - if instance_id != "Tutorial": - print(f"Patching instance '{instance_id}'") - http_method = requests.patch - endpoint = f"management/instances/{instance_id}" - resp = http_method( - urljoin(MERCHANT_BACKEND_BASE_URL, endpoint), - json=req, - headers = authorization_header - ) - if resp.status_code < 200 or resp.status_code >= 300: - print(f"Could not create (or patch) instance '{instance_id}', backend responds: {resp.status_code}/{resp.text}") - exit(1) - -def is_merchant_running(): - for proc in psutil.process_iter(): - if proc.name() == "taler-merchant-httpd" and proc.username() == getuser(): - return True - return False - - -def ensure_default_instance(): - # Assumed is managed by ARM - merchant_was_running = is_merchant_running() - if merchant_was_running: - print("Found running merchant, assuming is managed by ARM. Terminating it") - system("taler-deployment-arm -k taler-merchant") - - checks = 10 - while checks > 0: - if is_merchant_running(): - sleep(1) - checks -= 1 - continue - break - - if checks == 0: - print("Could not stop the running merchant.") - exit(1) - # ARM is _not_ running the merchant at this point. - env_with_token = environ.copy() - env_with_token["TALER_MERCHANT_TOKEN"] = TALER_ENV_FRONTENDS_APITOKEN - - print("Starting the merchant outside ARM to pass the token into the environment.") - # Start the merchant natively. - merchant = Popen(["taler-merchant-httpd"], env=env_with_token) - - if not wait_merchant_up(): - merchant.terminate() - merchant.wait() - exit(1) - - print("Merchant started successfully, creating the default instance now.") - ensure_instance( - "default", - "default", - payto_uris=[f"payto://sepa/bank.{TALER_ENV_NAME}.taler.net/{ibans.get('default')}"], - auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN) - ) - # Native process can be terminated now. - merchant.terminate() - merchant.wait() - -ensure_default_instance() -print("Restarting merchant _with_ ARM, to create other non-default instances.") -system("taler-deployment-arm -s") -system("taler-deployment-arm -i taler-merchant") -wait_merchant_up() - -ensure_instance( - "blog", - name="Blog", - payto_uris=[f"payto://sepa/bank.{TALER_ENV_NAME}.taler.net/{ibans.get('blog')}"], - auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN), -) -print("Stopping the ARM merchant") -system("taler-deployment-arm -k taler-merchant") -# NOTE: ARM itself will be stopped by the main prepare script. -# Stopping here will result in indefinite wait at the caller. diff --git a/bin/taler-deployment-config-tips b/bin/taler-deployment-config-tips deleted file mode 100755 index 7baff4a..0000000 --- a/bin/taler-deployment-config-tips +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -set -eu - -function join_no_double_slash { - echo "$1$2" | sed -s 's/\([^:]\)\/\+/\1\//g' -} - -BANK_URL=$(taler-config -s bank -o base_url) -MERCHANT_URL=$(taler-config -s frontends -o backend) -CURRENCY=$(taler-config -s taler -o currency) -EXCHANGE_URL=$(taler-config -s exchange -o base_url) -WIRE_METHOD="x-taler-bank" -APIKEY=$(taler-config -s frontends -o backend_apikey) - -PAYTO_WITH_SUBJECT=$(taler-merchant-setup-reserve \ - --amount="${CURRENCY}:50" \ - --exchange-url=${EXCHANGE_URL} \ - --merchant-url=$(join_no_double_slash ${MERCHANT_URL} "/instances/survey/") \ - --wire-method=${WIRE_METHOD} \ - --apikey="Bearer ${APIKEY}") -echo "Merchant generated the following tip-reserve: $PAYTO_WITH_SUBJECT" -taler-bank-manage django wire_transfer_payto Survey x ${PAYTO_WITH_SUBJECT} "${CURRENCY}:50" -echo Paid for tip reserve. diff --git a/bin/taler-deployment-dbstart b/bin/taler-deployment-dbstart deleted file mode 100755 index 2b740ee..0000000 --- a/bin/taler-deployment-dbstart +++ /dev/null @@ -1,24 +0,0 @@ -#!/usr/bin/env bash - -# Start the local database used for Taler if necessary (because we're a -# standalone environment) and possible. - -set -eu - -base=$HOME - -export PATH="$base/deployment":$PATH - -ulimit -c $((100 * 1024)) - -cd $HOME - -if [[ ! -e ~/local/bin/gnunet-arm ]]; then - echo "not starting database, since gnunet-arm is not installed" - exit -fi - -if [ "${TALER_CONFIG_STANDALONE:-0}" = 1 ]; then - taler-deployment-arm -s - taler-deployment-arm -i taler-postgres-standalone -fi diff --git a/bin/taler-deployment-prepare b/bin/taler-deployment-prepare deleted file mode 100755 index fe7aadf..0000000 --- a/bin/taler-deployment-prepare +++ /dev/null @@ -1,264 +0,0 @@ -#!/bin/bash - -# Prepare a deployment for execution: -# * generate the configuration and setup database -# * put keys in the right place -# * set bank password for the exchange -# * sign the exchange's wire response -# * run some sanity checks (FIXME: not done yet!) - -set -eu - -source "$HOME/activate" - -# $1 = {yes,no} indicates WITH_DB_RESET. Defaults to no. -# Helps avoiding color Y destroying the DB while color X is in -# production. -WITH_DB_RESET=${1-no} - -if [[ -z ${TALER_ENV_NAME+x} ]]; then - echo "TALER_ENV_NAME not set" - exit 1 -fi - -if [[ -z ${TALER_CONFIG_CURRENCY+x} ]]; then - echo "TALER_CONFIG_CURRENCY not set" - exit 1 -fi - -# The script stops what started along the flow. -# This function should help against processes left -# somehow running. -function stop_running() { - taler-deployment-stop - for n in `jobs -p` - do - kill $n 2> /dev/null || true - done - wait -} - -trap "stop_running" EXIT - -function generate_config() { - EXCHANGE_PUB=$(gnunet-ecc -p "$HOME/deployment/private-keys/${TALER_ENV_NAME}-exchange-master.priv") - - mkdir -p "$HOME/.config" - - taler-deployment-config-generate \ - --exchange-pub "$EXCHANGE_PUB" \ - --currency "$TALER_CONFIG_CURRENCY" \ - --outdir "$HOME/.config" \ - --envname "$TALER_ENV_NAME" \ - --frontends-apitoken "$TALER_ENV_FRONTENDS_APITOKEN" -} - -## -## Step 1: Generate config -## - -case $TALER_ENV_NAME in - tanker|demo|test|int|local) - generate_config - ;; - *) - echo "Not generating config for env $TALER_ENV_NAME" - ;; -esac - -## -## Step 1b: initialize database -## - -if test $WITH_DB_RESET = yes; then - taler-exchange-dbinit --reset -else - taler-exchange-dbinit -fi - - - -## -## Step 2: Copy key material and update denom keys -## - -case $TALER_ENV_NAME in - demo|test|int|local) - EXCHANGE_PUB=$(gnunet-ecc -p "$HOME/deployment/private-keys/${TALER_ENV_NAME}-exchange-master.priv") - EXCHANGE_PRIV_FILE=$(taler-config -f -s exchange-offline -o master_priv_file) - if [[ -e "$EXCHANGE_PRIV_FILE" ]]; then - EXCHANGE_PUB2=$(gnunet-ecc -p "$EXCHANGE_PRIV_FILE") - if [[ "$EXCHANGE_PUB" != "$EXCHANGE_PUB2" ]]; then - echo "Warning: Different exchange private key already exists, not copying" - fi - else - mkdir -p "$(dirname "$EXCHANGE_PRIV_FILE")" - cp "$HOME/deployment/private-keys/${TALER_ENV_NAME}-exchange-master.priv" "$EXCHANGE_PRIV_FILE" - fi - ;; - *) - echo "Not copying key material for env $TALER_ENV_NAME" - ;; -esac - -EXCHANGE_MASTER_PUB=$(taler-config -s exchange -o master_public_key) -taler-auditor-exchange \ - -m "$EXCHANGE_MASTER_PUB" \ - -u "$(taler-config -s exchange -o base_url)" || true - -# Make configuration accessible to auditor -chmod 750 "$HOME/.config" - - -## -## Step 3: Set up the exchange key material -## - -taler-deployment-arm -s - -# Quickly start+shutdown exchange httpd and crypto SM helpers -taler-deployment-arm -i taler-exchange -taler-deployment-arm -i taler-exchange-secmod-rsa -taler-deployment-arm -i taler-exchange-secmod-cs -taler-deployment-arm -i taler-exchange-secmod-eddsa - -sleep 2 # FIXME: poll keys? -if ! taler-deployment-arm -I | grep "^taler-exchange" | grep "status=started" > /dev/null; then - echo "Exchange didn't start, cannot set up keys" - exit 1 -fi -if ! taler-deployment-arm -I | grep "^taler-exchange-secmod-rsa" | grep "status=started" > /dev/null; then - echo "Exchange (RSA module) didn't start, cannot set up keys." - exit 1 -fi - -if ! taler-deployment-arm -I | grep "^taler-exchange-secmod-eddsa" | grep "status=started" > /dev/null; then - echo "Exchange (EdDSA module) didn't start, cannot set up keys." - exit 1 -fi - -if ! taler-deployment-arm -I | grep "^taler-exchange-secmod-cs" | grep "status=started" > /dev/null; then - echo "Exchange (CS module) didn't start, cannot set up keys." - exit 1 -fi - -taler-exchange-offline download sign upload - -payto_uri=$(taler-config -s exchange-account-1 -o payto_uri) -taler-exchange-offline enable-account "$payto_uri" upload - -# Set up wire fees for next 5 years -year=$(date +%Y) -curr=$TALER_CONFIG_CURRENCY -for y in $(seq $year $((year + 5))); do - taler-exchange-offline wire-fee $y sepa "$curr:0.01" "$curr:0.01" "$curr:0.01" upload -done - -taler-deployment-arm -k taler-exchange -taler-deployment-arm -k taler-exchange-secmod-rsa -taler-deployment-arm -k taler-exchange-secmod-cs -taler-deployment-arm -k taler-exchange-secmod-eddsa - -# Give time to store to disk. -sleep 5 - -## -## Step 5: Adjust some permissions -## - -case $TALER_ENV_NAME in - demo|test|int) - # Make sure the web server can read ~/local - chmod og+rx ~/local - - # Make sure that shared files created by this user - # are group writable and readable. - find ~/taler-data/ -user "$USER" -exec chmod g+rw {} \; - ;; - *) - ;; -esac - -## -## Step 6: Set up merchant -## - -if test $WITH_DB_RESET = yes; then - taler-merchant-dbinit --reset -else - taler-merchant-dbinit -fi - -# Making sure ARM is not running yet. -taler-deployment-arm -e - -# Need the following services to config instances and tip reserve: -taler-deployment-arm -s -taler-deployment-arm -i taler-merchant -taler-deployment-arm -i libeufin-sandbox -taler-deployment-arm -i libeufin-nexus - -taler-deployment-arm -i taler-exchange -taler-deployment-arm -i taler-exchange-secmod-rsa -taler-deployment-arm -i taler-exchange-secmod-cs -taler-deployment-arm -i taler-exchange-secmod-eddsa -sleep 5 - -if ! taler-deployment-arm -I | grep "^taler-merchant" | grep "status=started" > /dev/null; then - echo "Merchant didn't start, cannot configure instances / create tip reserve." - exit 1 -fi - -if ! taler-deployment-arm -I | grep "^libeufin-sandbox" | grep "status=started" > /dev/null; then - echo "libeufin-sandbox didn't start, cannot create tip reserve." - exit 1 -fi -if ! taler-deployment-arm -I | grep "^libeufin-nexus" | grep "status=started" > /dev/null; then - echo "libeufin-nexus didn't start, cannot create tip reserve." - exit 1 -fi - -if ! taler-deployment-arm -I | grep "^taler-exchange" | grep "status=started" > /dev/null; then - echo "Exchange didn't start, cannot create tip reserve." - exit 1 -fi - -if ! taler-deployment-arm -I | grep "^taler-exchange-secmod-rsa" | grep "status=started" > /dev/null; then - echo "Exchange (RSA module) didn't start, cannot create tip reserve." - exit 1 -fi - -if ! taler-deployment-arm -I | grep "^taler-exchange-secmod-eddsa" | grep "status=started" > /dev/null; then - echo "Exchange (EDDSA module) didn't start, cannot create tip reserve." - exit 1 -fi - -if ! taler-deployment-arm -I | grep "^taler-exchange-secmod-cs" | grep "status=started" > /dev/null; then - echo "Exchange (CS module) didn't start, cannot create tip reserve." - exit 1 -fi - -echo "Configuring instances" -taler-deployment-config-instances - -echo "Creating tip reserve" -taler-deployment-config-tips - -taler-deployment-arm -k taler-merchant -taler-deployment-arm -k libeufin-nexus -taler-deployment-arm -k libeufin-sandbox -taler-deployment-arm -k taler-exchange -taler-deployment-arm -k taler-exchange-secmod-rsa -taler-deployment-arm -k taler-exchange-secmod-cs -taler-deployment-arm -k taler-exchange-secmod-eddsa -taler-deployment-arm -e - -## -## Step 8: Set up sync -## - -if test $WITH_DB_RESET = yes; then - sync-dbinit --reset -else - sync-dbinit -fi diff --git a/bin/taler-deployment-restart b/bin/taler-deployment-restart deleted file mode 100755 index 88eed4e..0000000 --- a/bin/taler-deployment-restart +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash - -set -eu - -base=$HOME - -export PATH="$base/deployment/bin":$PATH - -# might fail if invoked from another script with ulimit -ulimit -c $((100 * 1024)) &>/dev/null || true - -cd $HOME - -if taler-deployment-arm -T 300ms -I &>/dev/null; then - # looks like deployment is running, stop it - taler-deployment-arm -e -T 10s &>/dev/null -fi - -exec taler-deployment-start diff --git a/bin/taler-deployment-start b/bin/taler-deployment-start deleted file mode 100755 index f2a0e76..0000000 --- a/bin/taler-deployment-start +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/bash - -set -eu - -export PATH="$HOME/deployment":$PATH - -# might fail if invoked from another script with ulimit -ulimit -c $((100 * 1024)) &>/dev/null || true - -cd $HOME - -taler_config_file=$HOME/.config/taler.conf - -if [[ ! -e "$taler_config_file" ]]; then - echo "taler config file ($taler_config_file) missing" - exit 1 -fi - -taler-deployment-arm -s - -taler-deployment-arm -i taler-exchange -taler-deployment-arm -i taler-exchange-secmod-eddsa -taler-deployment-arm -i taler-exchange-secmod-rsa -taler-deployment-arm -i taler-exchange-secmod-cs -taler-deployment-arm -i taler-auditor -taler-deployment-arm -i taler-merchant -taler-deployment-arm -i taler-demobank -taler-deployment-arm -i taler-donations -taler-deployment-arm -i taler-blog -taler-deployment-arm -i taler-landing -taler-deployment-arm -i taler-survey -taler-deployment-arm -i taler-aggregator -taler-deployment-arm -i taler-exchange-wirewatch -taler-deployment-arm -i taler-sync -taler-deployment-arm -i taler-transfer - -if $(taler-config -s twister -o taler_deploy >& /dev/null); then - taler-deployment-arm -i taler-twister - taler-deployment-arm -i taler-twister-exchange - taler-deployment-arm -i taler-twister-bank -fi - -exit 0 diff --git a/bin/taler-deployment-stop b/bin/taler-deployment-stop deleted file mode 100755 index e08ee71..0000000 --- a/bin/taler-deployment-stop +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash - -base=$HOME - -export PATH="$base/deployment":$PATH - -# might fail if invoked from another script -ulimit -c $((100 * 1024)) &>/dev/null - -cd $HOME - -taler-deployment-arm -e -T 10s &>/dev/null diff --git a/bin/taler-log-adapter b/bin/taler-log-adapter deleted file mode 100755 index 07321fa..0000000 --- a/bin/taler-log-adapter +++ /dev/null @@ -1,66 +0,0 @@ -#!/usr/bin/env python3 -# This file is part of GNU TALER. -# Copyright (C) 2018 INRIA -# -# TALER is free software; you can redistribute it and/or modify it under the -# terms of the GNU Lesser General Public License as published by the Free Software -# Foundation; either version 2.1, or (at your option) any later version. -# -# TALER is distributed in the hope that it will be useful, but WITHOUT ANY -# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR -# A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public License along with -# GNU TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> -# -# @author Florian Dold - -""" -Wrapper for programs that log to stderr. Redirects logs to a file specified by -a path with strfmt-style placeholders in it. -""" - -from subprocess import Popen, PIPE -import sys -import os -import os.path -import signal -import time - -def handler(signum, frame): - if p: - os.kill(p.pid, signum) - else: - sys.exit(-1) - -def touchp(path): - dir = os.path.dirname(path) - if dir: - os.makedirs(dir, exist_ok=True) - -if len(sys.argv) < 3: - print("Usage: {} logfile prog_and_args...".format(sys.argv[0]), file=sys.stderr) - sys.exit(-1) - -p = None -catchable_sigs = set(signal.Signals) - {signal.SIGKILL, signal.SIGSTOP} -for sig in catchable_sigs: - signal.signal(sig, handler) -p = Popen(sys.argv[2:], stderr=PIPE, shell=False) - -log = sys.argv[1] -last_name = None - -while p.poll() is None: - full_name = time.strftime(log) - if full_name != last_name: - touchp(full_name) - last_name = full_name - last_read = p.stderr.readline() - if last_read == '': - break - with open(full_name, "ab") as f: - f.write(last_read) - -status = p.wait() -sys.exit(status) diff --git a/bin/taler_urls.py b/bin/taler_urls.py deleted file mode 100644 index ceb575b..0000000 --- a/bin/taler_urls.py +++ /dev/null @@ -1,58 +0,0 @@ -from urllib.parse import urlparse - -taler_urls = dict( - online = dict( - donations = "https://donations.{}.taler.net/", - blog = "https://shop.{}.taler.net/", - bank = "https://bank.{}.taler.net/", - libeufin = "http://bank.{}.taler.net:5582/", - backoffice = "https://backoffice.{}.taler.net/", - exchange = "https://exchange.{}.taler.net/", - merchant_backend = "https://backend.{}.taler.net/", - landing = "https://{}.taler.net/", - survey = "https://survey.{}.taler.net/", - auditor = "https://auditor.{}.taler.net/", - sync = "https://sync.{}.taler.net/", - talerbank_payto = "payto://x-taler-bank/bank.{}.taler.net/" - ), - offline = dict( - donations = "http://localhost:5880/", - blog = "http://localhost:5881/", - bank = "http://localhost:5882/", - libeufin = "http://localhost:5882/", - backoffice = "http://localhost:5883/", - exchange = "http://localhost:5884/", - merchant_backend = "http://localhost:5885/", - landing = "http://localhost:5886/", - survey = "http://localhost:5887/", - auditor = "http://localhost:5888/", - sync = "http://localhost:5889/", - talerbank_payto = "payto://x-taler-bank/localhost:5882/" - ) -) - -def get_urls(envname): - if envname == "tanker": - return dict( - donations = "https://donations.grumla.se/", - blog = "https://shop.grumla.se/", - auditor = "#", - bank = "https://bank.grumla.se/", - backoffice = "https://backoffice.grumla.se/", - exchange = "https://exchange.grumla.se/", - merchant_backend = "https://merchant-backend.grumla.se/", - landing = "https://grumla.se/", - survey = "https://survey.grumla.se/", - sync = "https://sync.grumla.se/", - talerbank_payto = "payto://x-taler-bank/bank.grumla.se/" - ) - if envname == "local": - return taler_urls["offline"] - return dict((k, v.format(envname)) - for k, v in taler_urls["online"].items() - ) - -def get_port(localhost_url): - parsed = urlparse(localhost_url) - assert(parsed.port) - return str(parsed.port) |