author | Marcello Stanisci <marcello.stanisci@inria.fr> | 2016-11-21 15:39:54 +0100 |
---|---|---|
committer | Marcello Stanisci <marcello.stanisci@inria.fr> | 2016-11-21 15:39:54 +0100 |
commit | fea08eba99def942c496ca307f731e67101ec136 (patch) | |
tree | 4b74359e22959222f17d2e978453dd3cbee3c9d6 | |
parent | 2a50a4ee8f54d1c5abceb4e99e40acf0e84060f2 (diff) | |
parent | 8d4c0b8826b2a6e3154a08a12602743bfe71a267 (diff) | |
Merge branch 'master' of taler.net:deployment
32 files changed, 268 insertions, 563 deletions
diff --git a/bin/taler-deployment-config-generate b/bin/taler-deployment-config-generate
new file mode 100755
index 0000000..deb20d4
--- /dev/null
+++ b/bin/taler-deployment-config-generate
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+# (Re-)generate the taler configuration based on environment variables.
+# These variables are usually defined in ~/activate.
+# Some configuration files still need to be signed with taler-deployment-config-sign.
+
+set -eu
+
+base=$HOME
+
+export PATH="$base/deployment":$PATH
+
+if [[ -z ${TALER_CONFIG_ENV+x} ]]; then
+ echo "TALER_CONFIG_ENV not set"
+ exit 1
+fi
+
+if [[ -z ${TALER_CONFIG_CURRENCY+x} ]]; then
+ echo "TALER_CONFIG_CURRENCY not set"
+ exit 1
+fi
+
+exchange_pub=$(gnunet-ecc -p ~/shared-data/exchange/offline-keys/master.priv)
+
+~/deployment/config/generate-config \
+ --exchange-pub "$exchange_pub" \
+ --currency "$TALER_CONFIG_CURRENCY" \
+ --outdir ~/.config \
+ --envname "$TALER_CONFIG_ENV"
diff --git a/bin/taler-deployment-config-sign b/bin/taler-deployment-config-sign
new file mode 100755
index 0000000..0f6e082
--- /dev/null
+++ b/bin/taler-deployment-config-sign
@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+set -eu
+
+base=$HOME
+
+export PATH="$base/deployment":$PATH
+
+for f in ~/.config/taler/exchange/wire/*.unsigned.json; do
+ taler-exchange-wire -j "$(<"$f")" > "${f%.unsigned.json}.json"
+done
+
diff --git a/bin/taler-deployment-keyup b/bin/taler-deployment-keyup
new file mode 100755
index 0000000..5a44bba
--- /dev/null
+++ b/bin/taler-deployment-keyup
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+
+set -eu
+
+~/local/bin/taler-exchange-keyup -m shared-data/exchange/offline-keys/master.priv
+
+chmod -fR g+rw shared-data
diff --git a/bin/taler-deployment-start b/bin/taler-deployment-start
index 9acfe47..19b0fa9 100755
--- a/bin/taler-deployment-start
+++ b/bin/taler-deployment-start
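Review bot: The loop in bin/taler-deployment-config-sign redirects straight into `${f%.unsigned.json}.json`, so the signed file is truncated before `taler-exchange-wire` runs and a failed signing leaves an empty or partial `.json` where a valid one may have been. The glob is also unguarded: with no `*.unsigned.json` present the pattern stays literal and the body still runs once, and a failing `$(<"$f")` inside an argument is not caught by `set -e`. Reading the input in its own assignment, writing to a temporary name and renaming on success keeps the wire directory consistent.

```shell
for f in ~/.config/taler/exchange/wire/*.unsigned.json; do
  [[ -e "$f" ]] || continue            # no match: glob stayed literal
  out="${f%.unsigned.json}.json"
  unsigned=$(<"$f")                    # plain assignment, so set -e sees a read failure
  taler-exchange-wire -j "$unsigned" > "$out.tmp"
  mv -- "$out.tmp" "$out"              # replace the signed file only after success
done
```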
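Review bot: `chmod -fR g+rw shared-data` in bin/taler-deployment-keyup also covers `shared-data/exchange/offline-keys/master.priv`, the file the line above passes to `-m`, so the exchange master private key ends up readable and writable by the whole group. Restricting the recursive chmod to the directories other accounts actually need, for example `chmod -R g+rw ~/shared-data/exchange/live-keys` (which directories those are is not visible on this page), would keep the master key owner-only. Both paths are relative and the script never changes directory, so it only behaves as intended when started from the home directory; use `~/shared-data/...` as taler-deployment-config-generate does. The `-f` flag additionally hides any chmod failure.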
@@ -8,6 +8,12 @@ ulimit -c $((100 * 1024)) cd $HOME +if [[ ! -e ~/.config/taler.conf ]]; then + taler-deployment-config-generate +fi + +taler-deployment-config-sign + taler-deployment-arm -s taler-deployment-arm -i taler-exchange taler-deployment-arm -i taler-merchant diff --git a/bootstrap-bluegreen b/bootstrap-bluegreen index 36bc7d9..8635f02 100755 --- a/bootstrap-bluegreen +++ b/bootstrap-bluegreen @@ -19,8 +19,7 @@ set -eu usage() { - ech "Usage:" - echo "$0: DEPLOYMENT_BASENAME" + echo "Usage: $0 ENVNAME" } if [ -z ${1+x} ]; then @@ -28,23 +27,27 @@ if [ -z ${1+x} ]; then exit 1 fi -DEPLOYMENT_BASENAME=$1 +ENVNAME=$1 BRANCH=master -case $DEPLOYMENT_BASENAME in +CURRENCY=PUDOS +case $ENVNAME in demo) BRANCH=stable + CURRENCY=KUDOS ;; esac cd $HOME if ! test -d $HOME/gnunet; then - svn checkout https://gnunet.org/svn/gnunet + git clone git://gnunet.org/gnunet.git + git -C ~/gnunet checkout -q tags/taler-0.2.0 fi if ! test -d $HOME/libmicrohttpd; then - svn checkout https://gnunet.org/svn/libmicrohttpd + git clone git://gnunet.org/libmicrohttpd.git + git -C ~/libmicrohttpd checkout -q tags/v0.9.52 fi for component in bank merchant gnurl landing exchange merchant-frontends deployment; do 
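Review bot: The new `git clone git://gnunet.org/gnunet.git` and `git clone git://gnunet.org/libmicrohttpd.git` in bootstrap-bluegreen replace an https checkout with the unauthenticated, unencrypted git:// transport, and the tags are checked out without a signature check, so nothing ties the code that is later built to the intended release. If the server offers it, clone over https or ssh and verify the tag before checkout, e.g. `git -C ~/gnunet verify-tag taler-0.2.0`; this assumes the tags are signed and the release key is in the keyring, which the page does not show. The same two clones are added in the bootstrap-standalone hunk. `$HOME` and `$ENVNAME` are unquoted in `test -d $HOME/gnunet` and `case $ENVNAME in`.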
@@ -60,12 +63,20 @@ done cat >$HOME/activate <<EOL #!/bin/bash -export PATH="$HOME/local/bin:$HOME/deployment/bin:\$PATH" + +function taler-config-generate () { + echo "Command disabled. Clease use taler-deployment-config-generate instead." + return 1 +} +function taler-exchange-keyup () { + echo "Command disabled. Clease use taler-deployment-keyup instead." +} + + +export PATH="$HOME/deployment/bin:$HOME/local/bin:\$PATH" export TALER_CHECKDB="postgres:///talercheck-$USER" +export TALER_CONFIG_CURRENCY=$CURRENCY +export TALER_CONFIG_ENV=$ENVNAME EOL -mkdir -p $HOME/.config -ln -sft $HOME/.config "$HOME/deployment/config/$DEPLOYMENT_BASENAME.taler.net/taler.conf" -ln -sft $HOME/.config "$HOME/deployment/config/$DEPLOYMENT_BASENAME.taler.net/taler" - -ln -sf "/home/$DEPLOYMENT_BASENAME/shared-data" "$HOME" +ln -sf "/home/$ENVNAME/shared-data" "$HOME" diff --git a/bootstrap-standalone b/bootstrap-standalone index 620c392..1d44dce 100755 --- a/bootstrap-standalone +++ b/bootstrap-standalone 
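Review bot: The generated `taler-exchange-keyup ()` stub has no `return 1`, unlike `taler-config-generate ()` directly above it, so the disabled command reports success and anything chaining on its exit status carries on as if keys had been updated. Add `return 1` after the echo and send both messages to stderr with `>&2`. The message text reads "Clease" where "Please" is meant. The same pair of stubs is written by the bootstrap-standalone hunk.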
@@ -1,33 +1,66 @@ #!/bin/bash -# Bootstrap a standalone Taler installation from source, -# on one single user account, without blue/green deployment. +# Bootstrap the Taler setup for the user account that +# is currently logged in. -set -eu +# Generates a setup for a single user, +# including a postgresql DB. -base=$HOME +set -eu -mkdir -p $base +ENVNAME=$USER +BRANCH=master +CURRENCY=$(echo "*KUDOS-$USER" | cut -c 1-13) -cd $base +cd $HOME -if ! test -d $base/gnunet; then - svn checkout https://gnunet.org/svn/gnunet +if ! test -d $HOME/gnunet; then + git clone git://gnunet.org/gnunet.git + git -C ~/gnunet checkout -q tags/taler-0.2.0 fi -if ! test -d $base/libmicrohttpd; then - svn checkout https://gnunet.org/svn/libmicrohttpd +if ! test -d $HOME/libmicrohttpd; then + git clone git://gnunet.org/libmicrohttpd.git + git -C ~/libmicrohttpd checkout -q tags/v0.9.52 fi for component in bank merchant gnurl landing exchange merchant-frontends deployment; do - if ! test -d $base/$component; then - git clone git://taler.net/$component + if ! test -d $HOME/$component; then + git clone /var/git/$component.git fi done -cat >$base/activate <<EOL +for component in bank merchant landing exchange merchant-frontends; do + echo "Checking out $component to $BRANCH" + git -C $HOME/$component checkout $BRANCH +done + +if ! test -d $HOME/talerdb; then + /usr/lib/postgresql/9.5/bin/initdb -D talerdb -U $USER +fi + +mkdir -p $HOME/sockets + +/usr/lib/postgresql/9.5/bin/postgres --single -D ~/talerdb -k $HOME/sockets -h "" postgres \ + >/dev/null <<< "create database taler" +/usr/lib/postgresql/9.5/bin/postgres --single -D ~/talerdb -k $HOME/sockets -h "" postgres \ + >/dev/null <<< "create database talercheck" + +cat >$HOME/activate <<EOL #!/bin/bash -export PATH="$base/local/bin:$base/deployment/bin:\$PATH" -EOL -mkdir -p $base/.config +function taler-config-generate () { + echo "Command disabled. Clease use taler-deployment-config-generate instead." 
+ return 1 +} +function taler-exchange-keyup () { + echo "Command disabled. Clease use taler-deployment-keyup instead." +} + +export PATH="$HOME/deployment/bin:$HOME/local/bin:\$PATH" +export TALER_CHECKDB="postgresql:///talercheck?host=$HOME/sockets" +export TALER_CONFIG_CURRENCY=$CURRENCY +export TALER_CONFIG_ENV=$ENVNAME +export TALER_CONFIG_STANDALONE=1 +export TALER_CONFIG_DB="postgresql:///taler?host=$HOME/sockets" +EOL diff --git a/config/demo.taler.net/taler.conf b/config/demo.taler.net/taler.conf deleted file mode 100644 index a552ef1..0000000 --- a/config/demo.taler.net/taler.conf +++ /dev/null 
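Review bot: The databases created in bootstrap-standalone are named `taler` and `talercheck`, but config/generate-config in this same commit writes `postgres:///taler{}` formatted with `envname`, and here `TALER_CONFIG_ENV` is `$USER`, so the generated config appears to point at a database `taler$USER` that this script never creates. `TALER_CONFIG_DB` and `TALER_CONFIG_STANDALONE` are exported into ~/activate, yet bin/taler-deployment-config-generate passes only `--exchange-pub`, `--currency`, `--outdir` and `--envname`; unless generate-config reads them in lines outside this diff, the exports have no effect. Both `create database` calls also discard their output with `>/dev/null`, so a re-run against an existing cluster gives no hint of what happened.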
@@ -1,197 +0,0 @@ -[paths] -TALER_DEPLOYMENT_SHARED = ${HOME}/shared-data - - -[taler] -CURRENCY = KUDOS - - -[bank] -uwsgi_serve = unix -uwsgi_unixpath = $HOME/sockets/bank.uwsgi -uwsgi_unixpath_mode = 660 -database = talerdemo - - -[bank-admin] -uwsgi_serve = unix -uwsgi_unixpath = $HOME/sockets/bank-admin.uwsgi -uwsgi_unixpath_mode = 660 - - -[donations] -uwsgi_serve = unix -uwsgi_unixpath = $HOME/sockets/donations.uwsgi - - -[blog] -uwsgi_serve = unix -uwsgi_unixpath = $HOME/sockets/blog.uwsgi -instance = FSF - - -[merchant] -WIREFORMAT = test -SERVE = unix -UNIXPATH = $HOME/sockets/merchant.http -KEYFILE = ${TALER_DEPLOYMENT_SHARED}/merchant/merchant.priv -WIRE_TRANSFER_DELAY = 1 m - - -[merchantdb-postgres] -CONFIG = postgres:///talerdemo - - -[merchant-exchange-demo] -URI = https://exchange.demo.taler.net/ -MASTER_KEY = CQQZ9DY3MZ1ARMN5K1VKDETS04Y2QCKMMCFHZSWJWWVN82BTTH00 - - -[frontends] -BACKEND = https://shop.demo.taler.net/backend/ -FRACTION = 100000000 - - -[exchange] -SERVE = unix -UNIXPATH = $HOME/sockets/exchange.http -MASTER_PRIV_FILE = ${TALER_DEPLOYMENT_SHARED}/exchange/offline-keys/master.priv -MASTER_PUBLIC_KEY = CQQZ9DY3MZ1ARMN5K1VKDETS04Y2QCKMMCFHZSWJWWVN82BTTH00 -WIREFORMAT = test -KEYDIR = ${TALER_DEPLOYMENT_SHARED}/exchange/live-keys/ - -[exchange-admin] -SERVE = unix -UNIXPATH = $HOME/sockets/exchange-admin.http - -[exchangedb-postgres] -DB_CONN_STR = "postgres:///talerdemo" - - -[exchange-wire-outgoing-test] -BANK_URI = https://bank.demo.taler.net/ -BANK_ACCOUNT_NUMBER = 1 -EXCHANGE_ACCOUNT_NUMBER = 2 - - -[exchange_keys] -# how long is one signkey valid? -signkey_duration = 18 weeks - -# how long are the signatures with the signkey valid? -legal_duration = 2 years - -# how long do we generate denomination and signing keys -# ahead of time? -lookahead_sign = 32 weeks 1 day - -# how long do we provide to clients denomination and signing keys -# ahead of time? 
-lookahead_provide = 4 weeks 1 day - - -# Coin definitions are detected because the section -# name begins with "coin_". The rest of the -# name is free, but of course following the convention -# of "coin_$CURRENCY[_$SUBUNIT]_$VALUE" make sense. -[coin_pudos_ct_10] -value = KUDOS:0.10 -duration_overlap = 5 minutes -duration_withdraw = 32 years -duration_spend = 12 years -duration_legal = 3 years -fee_withdraw = KUDOS:0.01 -fee_deposit = KUDOS:0.01 -fee_refresh = KUDOS:0.01 -fee_refund = KUDOS:0.01 -rsa_keysize = 1024 - - -[coin_pudos_1] -value = KUDOS:1 -duration_overlap = 5 minutes -duration_withdraw = 17 weeks -duration_spend = 12 years -duration_legal = 3 years -fee_withdraw = KUDOS:0.01 -fee_deposit = KUDOS:0.01 -fee_refresh = KUDOS:0.01 -fee_refund = KUDOS:0.01 -rsa_keysize = 1024 - - -[coin_pudos_2] -value = KUDOS:2 -duration_overlap = 5 minutes -duration_withdraw = 17 weeks -duration_spend = 12 years -duration_legal = 3 years -fee_withdraw = KUDOS:0.01 -fee_deposit = KUDOS:0.01 -fee_refresh = KUDOS:0.01 -fee_refund = KUDOS:0.01 -rsa_keysize = 1024 - - -[coin_pudos_5] -value = KUDOS:5 -duration_overlap = 5 minutes -duration_withdraw = 17 weeks -duration_spend = 12 years -duration_legal = 3 years -fee_withdraw = KUDOS:0.01 -fee_deposit = KUDOS:0.01 -fee_refresh = KUDOS:0.01 -fee_refund = KUDOS:0.01 -rsa_keysize = 1024 - - -[coin_pudos_10] -value = KUDOS:10 -duration_overlap = 5 minutes -duration_withdraw = 17 weeks -duration_spend = 12 years -duration_legal = 3 years -fee_withdraw = KUDOS:0.01 -fee_deposit = KUDOS:0.01 -fee_refresh = KUDOS:0.01 -fee_refund = KUDOS:0.01 -rsa_keysize = 1024 - - -[coin_pudos_1000] -value = KUDOS:1000 -duration_overlap = 5 minutes -duration_withdraw = 17 weeks -duration_spend = 12 years -duration_legal = 3 years -fee_withdraw = KUDOS:0.01 -fee_deposit = KUDOS:0.01 -fee_refresh = KUDOS:0.01 -fee_refund = KUDOS:0.01 -rsa_keysize = 2048 - - -[merchant-instance-wireformat-Tor] -TEST_RESPONSE_FILE = 
${TALER_CONFIG_HOME}/merchant/wire/tor.json - -[merchant-instance-wireformat-GNUnet] -TEST_RESPONSE_FILE = ${TALER_CONFIG_HOME}/merchant/wire/gnunet.json - -[merchant-instance-wireformat-Taler] -TEST_RESPONSE_FILE = ${TALER_CONFIG_HOME}/merchant/wire/taler.json - -[merchant-instance-wireformat-FSF] -TEST_RESPONSE_FILE = ${TALER_CONFIG_HOME}/merchant/wire/fsf.json - -[merchant-instance-Tor] -KEYFILE = ${TALER_DATA_HOME}/merchant/tor.priv - -[merchant-instance-GNUnet] -KEYFILE = ${TALER_DATA_HOME}/merchant/gnunet.priv - -[merchant-instance-Taler] -KEYFILE = ${TALER_DATA_HOME}/merchant/taler.priv - -[merchant-instance-FSF] -KEYFILE = ${TALER_DATA_HOME}/merchant/fsf.priv diff --git a/config/demo.taler.net/taler/exchange/wire/test.json b/config/demo.taler.net/taler/exchange/wire/test.json deleted file mode 100644 index 2180c80..0000000 --- a/config/demo.taler.net/taler/exchange/wire/test.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "sig": "Q5T9DZGDC4W4AAW77XXZ93M6ZAJYYQEWY80AGKWABA9DF87ZNA6KEEQMH33CE84A6N259CGN9TYS1H4DJ9YSZB6FBVRKCY1PSZNMW3G", - "name": "The exchange", - "account_number": 2, - "type": "test", - "bank_uri": "https://bank.demo.taler.net/", - "salt": "8VGKPF66ZNRX49W648EER6A53QAD6Q7ZAKHN6BGCVN1RE0F46J127V381K9AB4BNM0G5B44CGGY1DRB5843ACX8SWZFX2FQ2K4V8TBG" -} diff --git a/config/demo.taler.net/taler/merchant/wire/fsf.json b/config/demo.taler.net/taler/merchant/wire/fsf.json deleted file mode 100644 index 0a2126e..0000000 --- a/config/demo.taler.net/taler/merchant/wire/fsf.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "type": "test", - "bank_uri": "https://bank.demo.taler.net/", - "sig": "MERCHANTSIGNATURE", - "account_number": 6, - "salt": "SALT" -} diff --git a/config/demo.taler.net/taler/merchant/wire/gnunet.json b/config/demo.taler.net/taler/merchant/wire/gnunet.json deleted file mode 100644 index c37f31c..0000000 --- a/config/demo.taler.net/taler/merchant/wire/gnunet.json +++ /dev/null 
@@ -1,7 +0,0 @@ -{ - "type": "test", - "bank_uri": "https://bank.demo.taler.net/", - "sig": "MERCHANTSIGNATURE", - "account_number": 4, - "salt": "SALT" -} diff --git a/config/demo.taler.net/taler/merchant/wire/taler.json b/config/demo.taler.net/taler/merchant/wire/taler.json deleted file mode 100644 index e7c60c5..0000000 --- a/config/demo.taler.net/taler/merchant/wire/taler.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "type": "test", - "bank_uri": "https://bank.demo.taler.net/", - "sig": "MERCHANTSIGNATURE", - "account_number": 5, - "salt": "SALT" -} diff --git a/config/demo.taler.net/taler/merchant/wire/tor.json b/config/demo.taler.net/taler/merchant/wire/tor.json deleted file mode 100644 index 3c29fe4..0000000 --- a/config/demo.taler.net/taler/merchant/wire/tor.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "type": "test", - "bank_uri": "https://bank.demo.taler.net/", - "sig": "MERCHANTSIGNATURE", - "account_number": 3, - "salt": "SALT" -} diff --git a/config/demo.taler.net/taler/merchant/wire/tutorial.json b/config/demo.taler.net/taler/merchant/wire/tutorial.json deleted file mode 100644 index c37fb38..0000000 --- a/config/demo.taler.net/taler/merchant/wire/tutorial.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "type": "test", - "bank_uri": "https://bank.demo.taler.net/", - "sig": "MERCHANTSIGNATURE", - "account_number": 7, - "salt": "SALT" -} diff --git a/config/generate-config b/config/generate-config index 78d52c6..da6a236 100755 --- a/config/generate-config +++ b/config/generate-config 
@@ -18,17 +18,17 @@ def cfg_write(file): file.write(key + " = " + value + "\n") file.write("\n") -def coin(name, - currency, +def coin(currency, + name, value, d_overlap="5 minutes", d_withdraw="32 years", d_spend="5 years", d_legal="10 years", - f_withdraw="0.10", - f_deposit="0.10", - f_refresh="0.10", - f_refund="0.10", + f_withdraw="0.01", + f_deposit="0.01", + f_refresh="0.01", + f_refund="0.01", rsa_keysize="2048"): sec = "coin_"+currency+"_"+name cfg_put(sec, "value", currency+":"+value) 
@@ -36,25 +36,33 @@ def coin(name, cfg_put(sec, "duration_withdraw", d_withdraw) cfg_put(sec, "duration_spend", d_spend) cfg_put(sec, "duration_legal", d_legal) - cfg_put(sec, "fee_withdraw", f_withdraw) - cfg_put(sec, "fee_refresh", f_refresh) - cfg_put(sec, "fee_refund", f_refund) + cfg_put(sec, "fee_withdraw", currency+":"+f_withdraw) + cfg_put(sec, "fee_refresh", currency+":"+f_refresh) + cfg_put(sec, "fee_refund", currency+":"+f_refund) + cfg_put(sec, "fee_deposit", currency+":"+f_deposit) cfg_put(sec, "rsa_keysize", rsa_keysize) def config(currency, envname, exchange_pub): cfg_put("paths", "TALER_DEPLOYMENT_SHARED", "${HOME}/shared-data") + cfg_put("paths", "TALER_DEPLOYMENT_SHARED", "${HOME}/shared-data") - cfg_put("taler", "CURRENCY", "PUDOS") + cfg_put("taler", "CURRENCY", currency) cfg_put("bank", "uwsgi_serve", "unix") cfg_put("bank", "uwsgi_unixpath", "$HOME/sockets/bank.uwsgi") - cfg_put("bank", "database", "talertest") + cfg_put("bank", "uwsgi_unixpath_mode", "660") + cfg_put("bank", "database", "taler"+envname) + + cfg_put("bank-admin", "uwsgi_serve", "unix") + cfg_put("bank-admin", "uwsgi_unixpath", "$HOME/sockets/bank-admin.uwsgi") + cfg_put("bank-admin", "uwsgi_unixpath_mode", "660") cfg_put("donations", "uwsgi_serve", "unix") cfg_put("donations", "uwsgi_unixpath", "$HOME/sockets/donations.uwsgi") - cfg_put("blug", "uwsgi_serve", "unix") - cfg_put("blug", "uwsgi_unixpath", "$HOME/sockets/donations.uwsgi") + cfg_put("blog", "uwsgi_serve", "unix") + cfg_put("blog", "uwsgi_unixpath", "$HOME/sockets/shop.uwsgi") + cfg_put("blog", "instance", "FSF") cfg_put("merchant", "WIREFORMAT", "test") 
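Review bot: The added `cfg_put("paths", "TALER_DEPLOYMENT_SHARED", "${HOME}/shared-data")` at the top of `config()` repeats the unchanged line directly above it word for word; one of the two should go. `cfg_put` is defined outside this hunk, so whether the repeat is harmless or produces a duplicate key cannot be told from here. `config()` continues beyond the hunk.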
@@ -62,24 +70,26 @@ def config(currency, envname, exchange_pub): cfg_put("merchant", "UNIXPATH", "$HOME/sockets/merchant.http") cfg_put("merchant", "WIRE_TRANSFER_DELAY", "1 m") - cfg_put("merchantdb-postgres", "CONFIG", "postgres:///taler") + cfg_put("merchantdb-postgres", "CONFIG", "postgres:///taler{}".format(envname)) cfg_put("merchant-exchange-test", "URI", "https://exchange.{}.taler.net/".format(envname)) cfg_put("merchant-exchange-test", "MASTER_KEY", exchange_pub) cfg_put("frontends", "BACKEND", "https://shop.{}.taler.net/backend/".format(envname)) + cfg_put("frontends", "FRACTION", "100000000") cfg_put("exchange", "serve", "unix") cfg_put("exchange", "unixpath", "$HOME/sockets/exchange.http") cfg_put("exchange", "master_public_key", exchange_pub) cfg_put("exchange", "wireformat", "test") + cfg_put("exchange", "MASTER_PRIV_FILE", "${TALER_DEPLOYMENT_SHARED}/exchange/offline-keys/master.priv") cfg_put("exchange", "keydir", "${TALER_DEPLOYMENT_SHARED}/exchange/live-keys/") cfg_put("exchange-admin", "SERVE", "unix") cfg_put("exchange-admin", "unixpath", "$HOME/sockets/exchange-admin.http") - cfg_put("exchangedb-postgres", "DB_CONN_STR", "postgres:///talertest") + cfg_put("exchangedb-postgres", "DB_CONN_STR", "postgres:///taler{}".format(envname)) cfg_put("exchange-wire-outgoing-test", "bank_uri", "https://bank.{}.taler.net/".format(envname)) cfg_put("exchange-wire-outgoing-test", "bank_account_number", "1") 
@@ -97,14 +107,18 @@ def config(currency, envname, exchange_pub): cfg_put("exchange_keys", "lookahead_provide", "4 weeks 1 day") - cfg_put("Tor-wireformat", "TEST_RESPONSE_FILE", "${TALER_CONFIG_HOME}/merchant/wire/tor.json") - cfg_put("GNUnet-wireformat", "TEST_RESPONSE_FILE", "${TALER_CONFIG_HOME}/merchant/wire/gnunet.json") - cfg_put("Taler-wireformat", "TEST_RESPONSE_FILE", "${TALER_CONFIG_HOME}/merchant/wire/taler.json") + cfg_put("merchant-instance-FSF", "KEYFILE", "${TALER_DATA_HOME}/merchant/fsf.priv") cfg_put("merchant-instance-Tor", "KEYFILE", "${TALER_DATA_HOME}/merchant/tor.priv") cfg_put("merchant-instance-GNUnet", "KEYFILE", "${TALER_DATA_HOME}/merchant/gnunet.priv") cfg_put("merchant-instance-Taler", "KEYFILE", "${TALER_DATA_HOME}/merchant/taler.priv") + cfg_put("merchant-instance-tutorial", "KEYFILE", "${TALER_DATA_HOME}/merchant/tutorial.priv") + cfg_put("merchant-instance-wireformat-Tor", "TEST_RESPONSE_FILE", "${TALER_CONFIG_HOME}/merchant/wire/tor.json") + cfg_put("merchant-instance-wireformat-GNUnet", "TEST_RESPONSE_FILE", "${TALER_CONFIG_HOME}/merchant/wire/gnunet.json") + cfg_put("merchant-instance-wireformat-Taler", "TEST_RESPONSE_FILE", "${TALER_CONFIG_HOME}/merchant/wire/taler.json") + cfg_put("merchant-instance-wireformat-FSF", "TEST_RESPONSE_FILE", "${TALER_CONFIG_HOME}/merchant/wire/fsf.json") + cfg_put("merchant-instance-wireformat-tutorial", "TEST_RESPONSE_FILE", "${TALER_CONFIG_HOME}/merchant/wire/tutorial.json") coin(currency, "ct_10", "0.10") coin(currency, "1", "1") @@ -148,7 +162,8 @@ def main(currency, envname, outdir, exchange_pub): merchant_wf(envname, "gnunet", 4), merchant_wf(envname, "taler", 5), merchant_wf(envname, "tor", 3), - merchant_wf(envname, "test", 6), + merchant_wf(envname, "fsf", 6), + merchant_wf(envname, "tutorial", 7), ] exchange_wireformats = [ diff --git a/config/test.taler.net/taler.conf b/config/test.taler.net/taler.conf deleted file mode 100644 index 751d046..0000000 
--- a/config/test.taler.net/taler.conf +++ /dev/null 
@@ -1,198 +0,0 @@ -[paths] -TALER_DEPLOYMENT_SHARED = ${HOME}/shared-data - - -[taler] -CURRENCY = PUDOS - - -[bank] -uwsgi_serve = unix -database = talertest -uwsgi_unixpath = $HOME/sockets/bank.uwsgi -uwsgi_unixpath_mode = 660 -fraction = 100000000 - - -[bank-admin] -uwsgi_serve = unix -uwsgi_unixpath = $HOME/sockets/bank-admin.uwsgi -uwsgi_unixpath_mode = 660 - -[donations] -uwsgi_serve = unix -uwsgi_unixpath = $HOME/sockets/donations.uwsgi - - -[blog] -uwsgi_serve = unix -uwsgi_unixpath = $HOME/sockets/blog.uwsgi -instance = FSF - - -[merchant] -WIREFORMAT = test -SERVE = unix -UNIXPATH = $HOME/sockets/merchant.http -# WARNING: The following line may be obsolete. -KEYFILE = ${TALER_DEPLOYMENT_SHARED}/merchant/merchant.priv -WIRE_TRANSFER_DELAY = 1 m - - -[merchantdb-postgres] -CONFIG = postgres:///talertest - - -[merchant-exchange-test] -URI = https://exchange.test.taler.net/ -MASTER_KEY = CQQZ9DY3MZ1ARMN5K1VKDETS04Y2QCKMMCFHZSWJWWVN82BTTH00 - - -[frontends] -BACKEND = https://shop.test.taler.net/backend/ -FRACTION = 100000000 - - -[exchange] -SERVE = unix -UNIXPATH = $HOME/sockets/exchange.http -MASTER_PRIV_FILE = ${TALER_DEPLOYMENT_SHARED}/exchange/offline-keys/master.priv -MASTER_PUBLIC_KEY = CQQZ9DY3MZ1ARMN5K1VKDETS04Y2QCKMMCFHZSWJWWVN82BTTH00 -WIREFORMAT = test -KEYDIR = ${TALER_DEPLOYMENT_SHARED}/exchange/live-keys/ - -[exchange-admin] -SERVE = unix -UNIXPATH = $HOME/sockets/exchange-admin.http - -[exchangedb-postgres] -DB_CONN_STR = "postgres:///talertest" - - -[exchange-wire-outgoing-test] -BANK_URI = https://bank.test.taler.net/ -BANK_ACCOUNT_NUMBER = 1 -EXCHANGE_ACCOUNT_NUMBER = 2 - - -[exchange_keys] -# how long is one signkey valid? -signkey_duration = 18 weeks - -# how long are the signatures with the signkey valid? -legal_duration = 2 years - -# how long do we generate denomination and signing keys -# ahead of time? -lookahead_sign = 32 weeks 1 day - -# how long do we provide to clients denomination and signing keys -# ahead of time? 
-lookahead_provide = 4 weeks 1 day - - -# Coin definitions are detected because the section -# name begins with "coin_". The rest of the -# name is free, but of course following the convention -# of "coin_$CURRENCY[_$SUBUNIT]_$VALUE" make sense. -[coin_pudos_ct_10] -value = PUDOS:0.10 -duration_overlap = 5 minutes -duration_withdraw = 32 years -duration_spend = 12 years -duration_legal = 3 years -fee_withdraw = PUDOS:0.01 -fee_deposit = PUDOS:1.01 -fee_refresh = PUDOS:0.01 -fee_refund = PUDOS:0.01 -rsa_keysize = 1024 - - -[coin_pudos_1] -value = PUDOS:1 -duration_overlap = 5 minutes -duration_withdraw = 17 weeks -duration_spend = 12 years -duration_legal = 3 years -fee_withdraw = PUDOS:0.01 -fee_deposit = PUDOS:0.01 -fee_refresh = PUDOS:0.01 -fee_refund = PUDOS:0.01 -rsa_keysize = 1024 - - -[coin_pudos_2] -value = PUDOS:2 -duration_overlap = 5 minutes -duration_withdraw = 17 weeks -duration_spend = 12 years -duration_legal = 3 years -fee_withdraw = PUDOS:0.01 -fee_deposit = PUDOS:0.01 -fee_refresh = PUDOS:0.01 -fee_refund = PUDOS:0.01 -rsa_keysize = 1024 - - -[coin_pudos_5] -value = PUDOS:5 -duration_overlap = 5 minutes -duration_withdraw = 17 weeks -duration_spend = 12 years -duration_legal = 3 years -fee_withdraw = PUDOS:0.01 -fee_deposit = PUDOS:0.01 -fee_refresh = PUDOS:0.01 -fee_refund = PUDOS:0.01 -rsa_keysize = 1024 - - -[coin_pudos_10] -value = PUDOS:10 -duration_overlap = 5 minutes -duration_withdraw = 17 weeks -duration_spend = 12 years -duration_legal = 3 years -fee_withdraw = PUDOS:0.01 -fee_deposit = PUDOS:0.01 -fee_refresh = PUDOS:0.01 -fee_refund = PUDOS:0.01 -rsa_keysize = 1024 - - -[coin_pudos_1000] -value = PUDOS:1000 -duration_overlap = 5 minutes -duration_withdraw = 17 weeks -duration_spend = 12 years -duration_legal = 3 years -fee_withdraw = PUDOS:0.01 -fee_deposit = PUDOS:0.01 -fee_refresh = PUDOS:0.01 -fee_refund = PUDOS:0.01 -rsa_keysize = 2048 - - -[merchant-instance-Tor] -KEYFILE = ${TALER_DATA_HOME}/merchant/tor.priv - 
-[merchant-instance-GNUnet] -KEYFILE = ${TALER_DATA_HOME}/merchant/gnunet.priv - -[merchant-instance-Taler] -KEYFILE = ${TALER_DATA_HOME}/merchant/taler.priv - -[merchant-instance-FSF] -KEYFILE = ${TALER_DATA_HOME}/merchant/fsf.priv - -[merchant-instance-wireformat-Tor] -TEST_RESPONSE_FILE = ${TALER_CONFIG_HOME}/merchant/wire/tor.json - -[merchant-instance-wireformat-GNUnet] -TEST_RESPONSE_FILE = ${TALER_CONFIG_HOME}/merchant/wire/gnunet.json - -[merchant-instance-wireformat-Taler] -TEST_RESPONSE_FILE = ${TALER_CONFIG_HOME}/merchant/wire/taler.json - -[merchant-instance-wireformat-FSF] -TEST_RESPONSE_FILE = ${TALER_CONFIG_HOME}/merchant/wire/fsf.json diff --git a/config/test.taler.net/taler/exchange/wire/test.json b/config/test.taler.net/taler/exchange/wire/test.json deleted file mode 100644 index d46c3c6..0000000 --- a/config/test.taler.net/taler/exchange/wire/test.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "sig": "JE0QWGH1GSTB5QTC6MJZHAKPQBD1FRMPTGB3B5E0Q7MWCSEVX95JDTDGKH1AQBJ9R17KDQ1CB0XBCCW420Z2CXW9CZXXFEQJ2BKSG3G", - "name": "The exchange", - "account_number": 2, - "bank_uri": "https://bank.test.taler.net/", - "type": "test", - "salt": "P3SBRJE7QW43GR44CW2V921M7N2WEESTRJS39ZECDK60ZJ8VBDJMQ1QQS5HSZBT06DGEDEK654T8WX2C7BGRT6A2798EYJFECME3B3G" -} diff --git a/config/test.taler.net/taler/merchant/wire/fsf.json b/config/test.taler.net/taler/merchant/wire/fsf.json deleted file mode 100644 index 3d62dc5..0000000 --- a/config/test.taler.net/taler/merchant/wire/fsf.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "type": "test", - "bank_uri": "https://bank.test.taler.net/", - "sig": "MERCHANTSIGNATURE", - "account_number": 6, - "salt": "SALT" -} diff --git a/config/test.taler.net/taler/merchant/wire/gnunet.json b/config/test.taler.net/taler/merchant/wire/gnunet.json deleted file mode 100644 index 66f7276..0000000 --- a/config/test.taler.net/taler/merchant/wire/gnunet.json +++ /dev/null 
@@ -1,7 +0,0 @@ -{ - "type": "test", - "bank_uri": "https://bank.test.taler.net/", - "sig": "MERCHANTSIGNATURE", - "account_number": 4, - "salt": "SALT" -} diff --git a/config/test.taler.net/taler/merchant/wire/taler.json b/config/test.taler.net/taler/merchant/wire/taler.json deleted file mode 100644 index 26ad2cb..0000000 --- a/config/test.taler.net/taler/merchant/wire/taler.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "type": "test", - "bank_uri": "https://bank.test.taler.net/", - "sig": "MERCHANTSIGNATURE", - "account_number": 5, - "salt": "SALT" -} diff --git a/config/test.taler.net/taler/merchant/wire/tor.json b/config/test.taler.net/taler/merchant/wire/tor.json deleted file mode 100644 index d80e9b9..0000000 --- a/config/test.taler.net/taler/merchant/wire/tor.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "type": "test", - "bank_uri": "https://bank.test.taler.net/", - "sig": "MERCHANTSIGNATURE", - "account_number": 3, - "salt": "SALT" -} diff --git a/config/test.taler.net/taler/merchant/wire/tutorial.json b/config/test.taler.net/taler/merchant/wire/tutorial.json deleted file mode 100644 index 700322d..0000000 --- a/config/test.taler.net/taler/merchant/wire/tutorial.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "type": "test", - "bank_uri": "https://bank.test.taler.net/", - "sig": "MERCHANTSIGNATURE", - "account_number": 7, - "salt": "SALT" -} diff --git a/etc/nginx/conf.d/demo.redirects b/etc/nginx/conf.d/demo.redirects index 143637c..a65172f 100644 --- a/etc/nginx/conf.d/demo.redirects +++ b/etc/nginx/conf.d/demo.redirects 
@@ -1,6 +1,7 @@ - rewrite ^/shop$ $scheme://shop.demo.taler.net/ redirect; - rewrite ^/blog$ $scheme://blog.demo.taler.net/ redirect; - rewrite ^/landing$ $scheme://demo.taler.net/ redirect; - rewrite ^/bank(.*)$ $scheme://bank.demo.taler.net/$1 redirect; - rewrite ^/exchange$ $scheme://exchange.demo.taler.net/ redirect; - rewrite ^/exchange/(.*)$ $scheme://exchange.demo.taler.net/$1 redirect; +rewrite ^/shop$ $scheme://shop.demo.taler.net/ redirect; +rewrite ^/donations$ $scheme://donations.demo.taler.net/ redirect; +rewrite ^/landing$ $scheme://demo.taler.net/ redirect; +rewrite ^/bank(.*)$ $scheme://bank.demo.taler.net/$1 redirect; +rewrite ^/exchange$ $scheme://exchange.demo.taler.net/ redirect; +rewrite ^/exchange/(.*)$ $scheme://exchange.demo.taler.net/$1 redirect; +rewrite ^/blog/track$ $scheme://blog.demo.taler.net/track redirect; diff --git a/etc/nginx/conf.d/test.redirects b/etc/nginx/conf.d/test.redirects index 4d62bf0..af56520 100644 --- a/etc/nginx/conf.d/test.redirects +++ b/etc/nginx/conf.d/test.redirects @@ -1,6 +1,7 @@ - rewrite ^/shop$ $scheme://shop.test.taler.net/ redirect; - rewrite ^/blog$ $scheme://blog.test.taler.net/ redirect; - rewrite ^/landing$ $scheme://test.taler.net/ redirect; - rewrite ^/bank(.*)$ $scheme://bank.test.taler.net/$1 redirect; - rewrite ^/exchange$ $scheme://exchange.demo.taler.net/ redirect; - rewrite ^/exchange/(.*)$ $scheme://exchange.demo.taler.net/$1 redirect; +rewrite ^/shop$ $scheme://shop.test.taler.net/ redirect; +rewrite ^/donations$ $scheme://donations.test.taler.net/ redirect; +rewrite ^/landing$ $scheme://test.taler.net/ redirect; +rewrite ^/bank(.*)$ $scheme://bank.test.taler.net/$1 redirect; +rewrite ^/exchange$ $scheme://exchange.demo.taler.net/ redirect; +rewrite ^/exchange/(.*)$ $scheme://exchange.demo.taler.net/$1 redirect; +rewrite ^/blog/track$ $scheme://blog.test.taler.net/track redirect; diff --git a/etc/nginx/sites-enabled/demo.site b/etc/nginx/sites-enabled/demo.site index c231f78..98f238f 100644 
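Review bot: In etc/nginx/conf.d/test.redirects the two re-added `/exchange` rules still send visitors to `exchange.demo.taler.net`, while every other rule in that file targets a `test.taler.net` host; this looks carried over from demo.redirects. generate-config builds `https://exchange.{}.taler.net/` from the environment name, so the test environment presumably has its own exchange and the lines should read `rewrite ^/exchange$ $scheme://exchange.test.taler.net/ redirect;` and `rewrite ^/exchange/(.*)$ $scheme://exchange.test.taler.net/$1 redirect;`.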
--- a/etc/nginx/sites-enabled/demo.site +++ b/etc/nginx/sites-enabled/demo.site @@ -1,7 +1,11 @@ server { listen 80; listen [::]:80; - server_name demo.taler.net *.demo.taler.net; + server_name demo.taler.net + bank.demo.taler.net + shop.demo.taler.net + exchange.demo.taler.net; + rewrite ^ https://$host$request_uri? permanent; } @@ -45,7 +49,9 @@ server { server { listen 443 ssl; + listen 80; listen [::]:443 ssl; + listen [::]:80; server_name backend.demo.taler.net; ssi on; include conf.d/test.redirects; @@ -61,14 +67,14 @@ server { server { listen 443 ssl; listen [::]:443 ssl; - server_name blog.demo.taler.net; + server_name shop.demo.taler.net; root /dev/null; include conf.d/demo.redirects; include conf.d/talerssl; ssi on; location / { - uwsgi_pass unix:/home/demo/sockets/blog.uwsgi; + uwsgi_pass unix:/home/demo/sockets/shop.uwsgi; include /etc/nginx/uwsgi_params; } @@ -86,7 +92,7 @@ server { server { listen 443 ssl; listen [::]:443 ssl; - server_name shop.demo.taler.net; + server_name donations.demo.taler.net; ssi on; include conf.d/demo.redirects; include conf.d/talerssl; diff --git a/etc/nginx/sites-enabled/docs-ssl.site b/etc/nginx/sites-enabled/docs-ssl.site new file mode 100644 index 0000000..b699cad --- /dev/null +++ b/etc/nginx/sites-enabled/docs-ssl.site @@ -0,0 +1,21 @@ +server { + listen 443 ssl; + listen [::]:443 ssl; ## listen for ipv4; this line is default and implied + # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 + + root /var/www/docs.taler.net/; + + # Make site accessible from http://localhost/ + server_name docs.taler.net; + server_name www.docs.taler.net; + + include conf.d/talerssl; + + location / { + autoindex off; + ssi off; +# ssi_last_modified on; + } + + include conf.d/favicon_robots; +} diff --git a/etc/nginx/sites-enabled/docs.site b/etc/nginx/sites-enabled/docs.site new file mode 100644 index 0000000..50cfdbe --- /dev/null +++ b/etc/nginx/sites-enabled/docs.site 
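Review bot: Adding `listen 80;` and `listen [::]:80;` to the `backend.demo.taler.net` server block in demo.site serves the merchant backend over cleartext HTTP alongside TLS, and the first hunk drops `*.demo.taler.net` from the port-80 block that redirects to https, so names such as `backend` and `donations` no longer get that redirect. If plain HTTP is needed only for callers on the same host, a separate block bound to loopback (`listen 127.0.0.1:80;`) avoids exposing it; otherwise add the missing names to the redirecting block. The same pair of changes is made in etc/nginx/sites-enabled/test.site. The demo backend block also includes `conf.d/test.redirects` (unchanged context), which is probably meant to be `conf.d/demo.redirects`.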
@@ -0,0 +1,19 @@ +server { + listen 80; + listen [::]:80; ## listen for ipv4; this line is default and implied + # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 + + root /var/www/docs.taler.net/; + + # Make site accessible from http://localhost/ + server_name docs.taler.net; + server_name www.docs.taler.net; + + location / { + autoindex off; + ssi off; +# ssi_last_modified on; + } + + include conf.d/favicon_robots; +} diff --git a/etc/nginx/sites-enabled/test.site b/etc/nginx/sites-enabled/test.site index 9de7af4..e7d829b 100644 --- a/etc/nginx/sites-enabled/test.site +++ b/etc/nginx/sites-enabled/test.site @@ -1,7 +1,10 @@ server { listen 80; listen [::]:80; - server_name test.taler.net *.test.taler.net; + server_name test.taler.net + bank.test.taler.net + shop.test.taler.net + exchange.test.taler.net; rewrite ^ https://$host$request_uri? permanent; } @@ -47,14 +50,14 @@ server { server { listen 443 ssl; listen [::]:443 ssl; - server_name blog.test.taler.net; + server_name shop.test.taler.net; root /dev/null; include conf.d/test.redirects; include conf.d/talerssl; ssi on; location / { - uwsgi_pass unix:/home/test/sockets/blog.uwsgi; + uwsgi_pass unix:/home/test/sockets/shop.uwsgi; include /etc/nginx/uwsgi_params; } @@ -69,7 +72,9 @@ server { server { listen 443 ssl; + listen 80; listen [::]:443 ssl; + listen [::]:80; server_name backend.test.taler.net; ssi on; include conf.d/test.redirects; @@ -85,7 +90,7 @@ server { server { listen 443 ssl; listen [::]:443 ssl; - server_name shop.test.taler.net; + server_name donations.test.taler.net; ssi on; include conf.d/test.redirects; include conf.d/talerssl; diff --git a/etc/nginx/sites-enabled/www-ssl.site b/etc/nginx/sites-enabled/www-ssl.site index 605f45e..7831d38 100644 --- a/etc/nginx/sites-enabled/www-ssl.site +++ b/etc/nginx/sites-enabled/www-ssl.site 
@@ -26,9 +26,25 @@ server { rewrite ^/wallet$ /wallet.html break; } + gzip on; + gzip_disable "msie6"; + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_buffers 16 8k; + gzip_http_version 1.1; + gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript; + + + location ~* \.(png|jpg|jpeg|gif|ico|svg|js|css)$ { + root /var/www/taler.net; + expires 1y; + } + # Note: this will go to /var/www/(videos|releases), which we took out of Git location /videos { root /var/www; + expires max; } location /releases { diff --git a/taler-arm/taler-postgres-standalone.conf b/taler-arm/taler-postgres-standalone.conf new file mode 100644 index 0000000..d1e1da8 --- /dev/null +++ b/taler-arm/taler-postgres-standalone.conf @@ -0,0 +1,4 @@ +[taler-postgres-standalone] +TYPE = simple +BINARY = /usr/lib/postgresql/9.5/bin/postgres +OPTIONS = -D $HOME/talerdb -k $HOME/sockets -h "" diff --git a/taler-build/invalidate.sh b/taler-build/invalidate.sh index 5c1bc20..3c9a15b 100755 --- a/taler-build/invalidate.sh +++ b/taler-build/invalidate.sh @@ -8,7 +8,7 @@ set -eu -for component in deployment exchange merchant bank gnurl merchant-frontends landing; do +for component in deployment exchange merchant bank gnurl merchant-frontends landing gnunet libmicrohttpd; do cd $HOME/$component git fetch if git status -sb | grep behind; then @@ -16,13 +16,3 @@ for component in deployment exchange merchant bank gnurl merchant-frontends land rm -f $HOME/deployment/taler-build/$component-stamp fi done - -for component in gnunet libmicrohttpd; do - cd $HOME/$component - svnHead=$(svn info -r HEAD | awk '/^Revision/ {print $2}') - svnBase=$(svn info -r BASE | awk '/^Revision/ {print $2}') - if test $svnHead != $svnBase; then - echo "invalidating $component" - rm -f $HOME/deployment/taler-build/$component-stamp - fi -done 
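Review bot: The new `location ~* \.(png|jpg|jpeg|gif|ico|svg|js|css)$` block is a regex location, and nginx prefers a matching regex location over the plain prefix locations `/videos` and `/releases`. An image or script requested under those paths would therefore be resolved against `root /var/www/taler.net` instead of `/var/www`, and would also get `expires 1y`. Declaring them as `location ^~ /videos {` and `location ^~ /releases {` keeps them authoritative for their subtrees. Separately, `gzip on` with `application/json` in `gzip_types` on a TLS vhost deserves a comment: compression is fine for static files, but a response that mixes secrets with request-controlled input would open a compression side channel. The `/releases` block continues outside the hunk.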
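Review bot: The `OPTIONS` line in `taler-postgres-standalone.conf` needs a comment, because `-h ""` is what keeps this PostgreSQL instance off TCP and leaves the socket directory given by `-k $HOME/sockets` as its only entry point. Something like `# -h "": no TCP listener; access is governed by the permissions of $HOME/sockets` above it would stop a later edit from removing the option unknowingly. The permissions of that directory are not set anywhere in this hunk, so they should be checked where it is created. `BINARY` also hard-codes the `9.5` path, which will stop working after a PostgreSQL major upgrade.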
diff --git a/taler-build/update_gnunet.sh b/taler-build/update_gnunet.sh index c1a013e..04ebb57 100755 --- a/taler-build/update_gnunet.sh +++ b/taler-build/update_gnunet.sh @@ -3,8 +3,13 @@ set -eu cd $HOME/gnunet/ -svn revert -R . -svn update +git clean -fdx + +# like "git pull", but robust against force pushes +# and local changes +git fetch +git reset --hard FETCH_HEAD + ./bootstrap ./configure --prefix=$HOME/local --enable-logging=verbose --with-libgnurl=$HOME/local --with-microhttpd=$HOME/local make diff --git a/taler-build/update_libmicrohttpd.sh b/taler-build/update_libmicrohttpd.sh index ba90b25..d02d853 100755 --- a/taler-build/update_libmicrohttpd.sh +++ b/taler-build/update_libmicrohttpd.sh @@ -1,8 +1,13 @@ #!/bin/bash cd $HOME/libmicrohttpd/ -svn revert -R . -svn update +git clean -fdx + +# like "git pull", but robust against force pushes +# and local changes +git fetch +git reset --hard FETCH_HEAD + ./bootstrap ./configure --prefix=$HOME/local make |
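Review bot: In `update_gnunet.sh`, `git fetch` followed by `git reset --hard FETCH_HEAD` accepts any rewritten upstream history without verification, and the next lines run `./bootstrap`, `./configure` and `make` on it. The integrity of this build account therefore rests entirely on the remote and the transport. If upstream signs its commits, inserting `git verify-commit FETCH_HEAD` between the two commands closes that gap, since the script's `set -eu` aborts on failure; failing that, logging `git rev-parse FETCH_HEAD` at least makes an unexpected rewrite traceable. `cd $HOME/gnunet/` should also be quoted as `cd "$HOME/gnunet/"`. The same fetch/reset pair is added to `update_libmicrohttpd.sh`.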
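Review bot: Nothing in the visible lines of `update_libmicrohttpd.sh` enables `set -e`, so if `cd $HOME/libmicrohttpd/` fails, the newly added `git clean -fdx` and `git reset --hard FETCH_HEAD` run in whatever directory the caller was in. There they can delete untracked files and discard local changes in an unrelated repository, which the old `svn` commands would not have done to untracked files. I would guard the directory change with `cd "$HOME/libmicrohttpd/" || exit 1`, or add `set -eu` after the shebang as `update_gnunet.sh` does. The script may continue past `make`, outside the hunk.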