use prepare script

author: Florian Dold <florian.dold@gmail.com> 2020-01-22 15:03:13 +0100
committer: Florian Dold <florian.dold@gmail.com> 2020-01-22 15:03:13 +0100
commit: a03ef9cc605629d2bd38b707d037b4b2890718d5 (patch)
tree: 75cc16b7a362ad50c61015981052bc70567e7e97 /bin
parent: 5f74af3124f2d7088800a7904aa5a9a2c1a0eae3 (diff)
download: deployment-a03ef9cc605629d2bd38b707d037b4b2890718d5.tar.gz
deployment-a03ef9cc605629d2bd38b707d037b4b2890718d5.tar.bz2
deployment-a03ef9cc605629d2bd38b707d037b4b2890718d5.zip
4 files changed, 69 insertions, 206 deletions
diff --git a/bin/taler-deployment-config-generate b/bin/taler-deployment-config-generate
deleted file mode 100755
index 73de882..0000000
--- a/bin/taler-deployment-config-generate
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/bash
-
-# Generate the taler configuration based on environment variables.
-# These variables are usually defined in $HOME/activate.
-# Some configuration files still need to be signed with taler-deployment-config-sign.
-# It overwrites previous config files.
-#
-#
-
-set -eu
-
-if [[ -z ${TALER_ENV_NAME+x} ]]; then
-  echo "TALER_ENV_NAME not set"
-  exit 1
-fi
-
-if [[ -z ${TALER_CONFIG_CURRENCY+x} ]]; then
-  echo "TALER_CONFIG_CURRENCY not set"
-  exit 1
-fi
-
-EXCHANGE_PUB=$(gnunet-ecc -p $HOME/deployment/private-keys/${TALER_ENV_NAME}-exchange-master.priv)
-
-mkdir -p $HOME/.config
-
-$HOME/deployment/config/generate-config \
-  --exchange-pub "$EXCHANGE_PUB" \
-  --currency "$TALER_CONFIG_CURRENCY" \
-  --outdir $HOME/.config \
-  --envname "$TALER_ENV_NAME"
diff --git a/bin/taler-deployment-keyup b/bin/taler-deployment-keyup
deleted file mode 100755
index dc8c62c..0000000
--- a/bin/taler-deployment-keyup
+++ /dev/null
@@ -1,136 +0,0 @@
-#!/usr/bin/env bash
-
-# Generate denomination keys and get them
-# signed by the auditor.
-
-set -eu
-
-if test -z $TALER_ENV_NAME; then
-  echo Please run 'source $HOME/activate' first.
-  exit 1
-fi
-
-if ! test -f $HOME/.config/taler.conf; then
-  echo "Please generate config file first (taler-deployment-config-generate)"
-  exit 1
-fi
-
-DATESALT=$(date +%s%N)
-AUDITOR_REQUEST_DIR=$(taler-config -s exchangedb -o auditor_inputs -f)
-AUDITOR_BASE_DIR=$(taler-config -s exchangedb -o auditor_base_dir -f)
-AUDITOR_PRIV=$(taler-config -s auditor -o auditor_priv_file -f)
-EXCHANGE_PUB=$(taler-config -s exchange -o master_public_key)
-EXCHANGE_URL=$(taler-config -s exchange -o base_url)
-EXCHANGE_LIVE_KEYS=$(taler-config -s exchange -o keydir -f)
-EXCHANGE_WIREFEES=$(taler-config -s exchangedb -o wirefee_base_dir -f)
-EXCHANGE_PRIV=$(taler-config -s exchange -o master_priv_file -f)
-
-MERCHANT_TIP_RESERVE_PRIV=$(taler-config -s instance-default -o tip_reserve_priv_filename -f)
-MERCHANT_DEFAULT_PRIV=$(taler-config -s instance-default -o keyfile -f)
-MERCHANT_TUTORIAL_PRIV=$(taler-config -s instance-Tutorial -o keyfile -f)
-MERCHANT_TOR_PRIV=$(taler-config -s instance-Tor -o keyfile -f)
-MERCHANT_TALER_PRIV=$(taler-config -s instance-Taler -o keyfile -f)
-MERCHANT_FSF_PRIV=$(taler-config -s instance-FSF -o keyfile -f)
-MERCHANT_GNUNET_PRIV=$(taler-config -s instance-GNUnet -o keyfile -f)
-
-# Deploying merchant tip-reserve priv.
-if ! test -f $MERCHANT_TIP_RESERVE_PRIV ; then
-  mkdir -p $(dirname $MERCHANT_TIP_RESERVE_PRIV)
-  cp $HOME/deployment/private-keys/default-tip.priv $MERCHANT_TIP_RESERVE_PRIV
-  chmod 660 $MERCHANT_TIP_RESERVE_PRIV
-fi
-
-# Deploying merchant default priv.
-if ! test -f $MERCHANT_DEFAULT_PRIV ; then
-  mkdir -p $(dirname $MERCHANT_DEFAULT_PRIV)
-  cp $HOME/deployment/private-keys/default.priv $MERCHANT_DEFAULT_PRIV
-  chmod 660 $MERCHANT_DEFAULT_PRIV
-fi
-
-# Deploying merchant tutorial priv.
-if ! test -f $MERCHANT_TUTORIAL_PRIV ; then
-  mkdir -p $(dirname $MERCHANT_TUTORIAL_PRIV)
-  cp $HOME/deployment/private-keys/tutorial.priv $MERCHANT_TUTORIAL_PRIV
-  chmod 660 $MERCHANT_TUTORIAL_PRIV
-fi
-
-# Deploying merchant Tor priv.
-if ! test -f $MERCHANT_TOR_PRIV ; then
-  mkdir -p $(dirname $MERCHANT_TOR_PRIV)
-  cp $HOME/deployment/private-keys/tor.priv $MERCHANT_TOR_PRIV
-  chmod 660 $MERCHANT_TOR_PRIV
-fi
-
-# Deploying merchant Taler priv.
-if ! test -f $MERCHANT_TALER_PRIV ; then
-  mkdir -p $(dirname $MERCHANT_TALER_PRIV)
-  cp $HOME/deployment/private-keys/taler.priv $MERCHANT_TALER_PRIV
-  chmod 660 $MERCHANT_TALER_PRIV
-fi
-
-# Deploying merchant FSF priv.
-if ! test -f $MERCHANT_FSF_PRIV ; then
-  mkdir -p $(dirname $MERCHANT_FSF_PRIV)
-  cp $HOME/deployment/private-keys/fsf.priv $MERCHANT_FSF_PRIV
-  chmod 660 $MERCHANT_FSF_PRIV
-fi
-
-# Deploying merchant GNUnet priv.
-if ! test -f $MERCHANT_GNUNET_PRIV ; then
-  mkdir -p $(dirname $MERCHANT_GNUNET_PRIV)
-  cp $HOME/deployment/private-keys/gnunet.priv $MERCHANT_GNUNET_PRIV
-  chmod 660 $MERCHANT_GNUNET_PRIV
-fi
-
-
-# Deploying Exchange's priv.
-if ! test -f $EXCHANGE_PRIV ; then
-  mkdir -p $(dirname $EXCHANGE_PRIV)
-  cp $HOME/deployment/private-keys/${TALER_ENV_NAME}-exchange-master.priv $EXCHANGE_PRIV
-  chmod 660 $EXCHANGE_PRIV
-fi
-
-# Deploying Auditor's priv.
-if ! test -f $AUDITOR_PRIV; then
-  mkdir -p $(dirname $AUDITOR_PRIV)
-  cp $HOME/deployment/private-keys/auditor.priv $AUDITOR_PRIV
-  chmod 660 $AUDITOR_PRIV
-fi
-
-mkdir -p $AUDITOR_REQUEST_DIR
-taler-exchange-keyup \
-  -m $EXCHANGE_PRIV \
-  -o $AUDITOR_REQUEST_DIR/auditor_request-${DATESALT}
-
-# or-ing with true as user A won't be able to
-# change permissions for user B's files.
-
-# MARCELLO: this BREAKS stuff badly, as you are
-# removing the 'x' from directories, making them
-# unreadable! Do not use -R so blindly, this
-# MUST only be done on files!
-#chmod -R 660 $EXCHANGE_LIVE_KEYS/* || true
-
-#chmod -R 660 $EXCHANGE_WIREFEES/* || true
-
-taler-auditor-exchange \
-  -m $EXCHANGE_PUB \
-  -u $EXCHANGE_URL || ret=$?
-ret=${ret:-0}
-
-if [[ "$ret" != 4 ]] && [[ "$ret" != 0 ]]; then
-  echo "unexpected exit code ($ret) of taler-auditor-exchange" >&2
-  exit 1
-fi
-
-# Checks whether any denom key was generated, and
-# only sign it if so.
-if [[ -s $AUDITOR_REQUEST_DIR/auditor_request-${DATESALT} ]]; then
-  echo "Signing key material by auditor.."
-  taler-auditor-sign \
-    -u $TALER_ENV_URL_AUDITOR \
-    -m $EXCHANGE_PUB \
-    -r "$AUDITOR_REQUEST_DIR/auditor_request-${DATESALT}" \
-    -o "$AUDITOR_BASE_DIR/$DATESALT" \
-    -c ${HOME}/.config/taler.conf
-fi
diff --git a/bin/taler-deployment-prepare b/bin/taler-deployment-prepare
index dae504d..463163b 100755
--- a/bin/taler-deployment-prepare
+++ b/bin/taler-deployment-prepare
@@ -1,9 +1,15 @@
 #!/bin/bash
 
+# Prepare a deployment for execution:
+# * generate the configuration
+# * put keys in the right place
+# * sign the exchange's wire response
+# * run some sanity checks (FIXME: not done yet!)
+
 set -eu
 
 usage() {
-  echo "Usage: $0 ENVNAME"
+  echo "Usage: $0"
 }
 
 if [ -z ${1+x} ]; then
@@ -11,25 +17,73 @@ if [ -z ${1+x} ]; then
   exit 1
 fi
 
-$HOME/deployment/bootstrap-taler $1
-
 source $HOME/activate
 
-taler-deployment-build
-echo "All Taler built."
-
-taler-deployment-generate-config
-echo "Configuration got generated."
+if [[ -z ${TALER_ENV_NAME+x} ]]; then
+  echo "TALER_ENV_NAME not set"
+  exit 1
+fi
 
-if test "demo" = $1; then
-  echo "Please set up manually the shared data between demo-blue/green"
-  exit 0
+if [[ -z ${TALER_CONFIG_CURRENCY+x} ]]; then
+  echo "TALER_CONFIG_CURRENCY not set"
+  exit 1
 fi
 
+function generate_config() {
+  EXCHANGE_PUB=$(gnunet-ecc -p $HOME/deployment/private-keys/${TALER_ENV_NAME}-exchange-master.priv)
+
+  mkdir -p $HOME/.config
+
+  $HOME/deployment/config/generate-config \
+    --exchange-pub "$EXCHANGE_PUB" \
+    --currency "$TALER_CONFIG_CURRENCY" \
+    --outdir $HOME/.config \
+    --envname "$TALER_ENV_NAME"
+}
+
+##
+## Step 1: Generate config
+##
+
+case $TALER_ENV_NAME in
+  demo|test|int)
+    generate_config
+    ;;
+  *)
+    echo "Not generating config for env $TALER_ENV_NAME"
+    ;;
+esac
+
 taler-deployment-keyup
-echo "Keys generated."
 
-taler-deployment-sign
-echo "/wire response signed."
 
-echo "All services can be launched with taler-deployment-start now."
+##
+## Step 2: Copy key material and update denom keys
+##
+
+
+case $TALER_ENV_NAME in
+  demo|test|int)
+    generate_config
+    ;;
+  *)
+    echo "Not copying private keys for env $TALER_ENV_NAME"
+    ;;
+esac
+
+taler-exchange-keyup
+
+
+##
+## Step 3: Sign the exchange's wire information
+##
+
+WIRE_RESPONSE=$(taler-config -s exchange-account-1 -o wire_response -f)
+
+if test -e "$WIRE_RESPONSE"; then
+  echo "Will not override that wire response file ($WIRE_RESPONSE); exiting."
+  exit 0
+fi
+
+taler-exchange-wire
+chmod 770 $WIRE_RESPONSE
diff --git a/bin/taler-deployment-sign b/bin/taler-deployment-sign
deleted file mode 100755
index 011e0d0..0000000
--- a/bin/taler-deployment-sign
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/usr/bin/env bash
-
-# Sign exchange wire response
-
-set -eu
-
-if test -z $TALER_ENV_NAME; then
-  echo Please run 'source $HOME/activate' first.
-  exit 1
-fi
-
-if ! test -f $HOME/.config/taler.conf; then
-  echo "Please generate config file first (taler-deployment-config-generate)"
-  exit 1
-fi
-
-WIRE_RESPONSE=$(taler-config -s account-1 -o wire_response -f)
-
-if test -e "$WIRE_RESPONSE"; then
-  echo "Will not override that wire response file ($WIRE_RESPONSE); exiting."
-  exit 0
-fi
-
-taler-exchange-wire
-chmod 770 $WIRE_RESPONSE
author	Florian Dold <florian.dold@gmail.com>	2020-01-22 15:03:13 +0100
committer	Florian Dold <florian.dold@gmail.com>	2020-01-22 15:03:13 +0100
commit	a03ef9cc605629d2bd38b707d037b4b2890718d5 (patch)
tree	75cc16b7a362ad50c61015981052bc70567e7e97 /bin
parent	5f74af3124f2d7088800a7904aa5a9a2c1a0eae3 (diff)
download	deployment-a03ef9cc605629d2bd38b707d037b4b2890718d5.tar.gz deployment-a03ef9cc605629d2bd38b707d037b4b2890718d5.tar.bz2 deployment-a03ef9cc605629d2bd38b707d037b4b2890718d5.zip