summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xbin/taler-deployment7
-rwxr-xr-xbin/taler-deployment-config-generate7
-rwxr-xr-xbin/taler-deployment-config-instances31
-rwxr-xr-xbin/taler-deployment-prepare3
4 files changed, 37 insertions, 11 deletions
diff --git a/bin/taler-deployment b/bin/taler-deployment
index acd9b70..2df86da 100755
--- a/bin/taler-deployment
+++ b/bin/taler-deployment
@@ -27,6 +27,8 @@ from dataclasses import dataclass
from typing import List, Callable
from shutil import copy
from taler_urls import get_urls
+from string import ascii_letters, ascii_uppercase
+import random
activate_template = """\
#!/bin/bash
@@ -51,6 +53,7 @@ export TALER_ENV_URL_BACKOFFICE="{backoffice}"
export TALER_ENV_URL_SYNC="{sync}"
export TALER_ENV_MERCHANT_BACKEND="{merchant_backend}"
export TALER_COVERAGE={coverage}
+export TALER_ENV_FRONTENDS_APITOKEN="{frontends_apitoken}"
"""
@@ -637,6 +640,9 @@ def sync_repos() -> None:
r_dir = home / "sources" / r.name
subprocess.run(["git", "-C", str(r_dir), "clean", "-fdx"], check=True)
+def generate_apitoken():
+ return "secret-token:" + ''.join(random.choices(ascii_letters + ascii_uppercase, k=10))
+
@cli.command()
def bootstrap() -> None:
"""Bootstrap a GNU Taler deployment."""
@@ -667,6 +673,7 @@ def bootstrap() -> None:
currency=currmap[envname],
curr_path=":".join(path_list),
coverage=1 if envname == "coverage" else 0,
+ frontends_apitoken="{}".format(generate_apitoken()),
**get_urls(envname)
)
)
diff --git a/bin/taler-deployment-config-generate b/bin/taler-deployment-config-generate
index fdba35f..36e8608 100755
--- a/bin/taler-deployment-config-generate
+++ b/bin/taler-deployment-config-generate
@@ -135,7 +135,6 @@ def config(obj):
"merchantdb-postgres", "config", "postgres:///taler{}".format(obj.envname)
)
- obj.cfg_put("frontends", "backend_apikey", "secret-token:sandbox")
obj.cfg_put("frontends", "backend", urls["merchant_backend"])
obj.cfg_put(
@@ -224,9 +223,10 @@ def config(obj):
@click.option("--currency", default="KUDOS")
@click.option("--envname", default="demo")
@click.option("--outdir", required=True)
-# datadir is where all keys / wire-details files / are placed.
@click.option("--exchange-pub", required=True)
-def main(currency, envname, outdir, exchange_pub):
+# Expected to contain already the 'secret-token:' scheme.
+@click.option("--frontends-apitoken", required=True)
+def main(currency, envname, outdir, exchange_pub, frontends_apitoken):
if envname not in ("tanker", "demo", "test", "int", "euro", "chf", "local"):
print("envname (%s) not demo/test/int, aborting config generation" % envname)
@@ -235,6 +235,7 @@ def main(currency, envname, outdir, exchange_pub):
config_files = []
mc = ConfigFile(envname, currency, exchange_pub, "taler.conf")
+ mc.cfg_put("frontends", "backend_apikey", f"{frontends_apitoken}")
config(mc)
config_files.append(mc)
diff --git a/bin/taler-deployment-config-instances b/bin/taler-deployment-config-instances
index 5a9a8d2..65cebc8 100755
--- a/bin/taler-deployment-config-instances
+++ b/bin/taler-deployment-config-instances
@@ -24,6 +24,7 @@ def expect_env(name):
MERCHANT_BACKEND_BASE_URL = expect_env("TALER_ENV_MERCHANT_BACKEND")
TALER_ENV_NAME = expect_env("TALER_ENV_NAME")
TALER_CONFIG_CURRENCY = expect_env("TALER_CONFIG_CURRENCY")
+TALER_ENV_FRONTENDS_APITOKEN = expect_env("TALER_ENV_FRONTENDS_APITOKEN")
def ensure_instance(instance_id, name, payto_uris, auth):
# FIXME: Use auth once the default instance also uses token auth
@@ -44,7 +45,7 @@ def ensure_instance(instance_id, name, payto_uris, auth):
default_wire_transfer_delay=dict(d_ms="forever"),
default_pay_delay=dict(d_ms="forever"),
# FIXME: Eventually, this should be an actual secret token
- auth=dict(method="token", token="secret-token:sandbox"),
+ auth=auth,
)
create_resp = requests.post(
urljoin(MERCHANT_BACKEND_BASE_URL, "private/instances"), json=req
@@ -52,53 +53,69 @@ def ensure_instance(instance_id, name, payto_uris, auth):
if create_resp.status_code < 200 or create_resp.status_code >= 300:
print(f"failed to create instance {instance_id}")
print(create_resp.text)
+ print("trying with PATCH")
+ patch_resp = requests.patch(
+ urljoin(MERCHANT_BACKEND_BASE_URL, f"private/instances/{instance_id}"), json=req
+ )
+ if patch_resp.status_code < 200 or patch_resp.status_code >= 300:
+ print(f"failed to patch instance {instance_id}")
+ print(patch_resp.text)
exit(1)
ensure_instance(
"blog",
name="Blog",
payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/blog"],
- auth=dict(method="token", token="secret-token:sandbox"),
+ auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN),
)
ensure_instance(
"donations",
name="Donations",
payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/donations"],
- auth=dict(method="token", token="secret-token:sandbox"),
+ auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN),
)
ensure_instance(
"survey",
name="Survey",
payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/survey"],
- auth=dict(method="token", token="secret-token:sandbox"),
+ auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN),
)
ensure_instance(
"pos",
name="PoS",
payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/pos"],
- auth=dict(method="token", token="secret-token:sandbox"),
+ auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN),
)
ensure_instance(
"GNUnet",
name="GNUnet",
payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/GNUnet"],
- auth=dict(method="token", token="secret-token:sandbox"),
+ auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN),
)
ensure_instance(
"Taler",
name="Taler",
payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/Taler"],
- auth=dict(method="token", token="secret-token:sandbox"),
+ auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN),
)
ensure_instance(
"Tor",
name="Tor",
payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/Tor"],
+ auth=dict(method="token", token=TALER_ENV_FRONTENDS_APITOKEN),
+)
+
+# Note: this instance has a fixed secret-token, so as to allow anyone to easily
+# run their tutorial.
+ensure_instance(
+ "Tutorial",
+ name="Tutorial",
+ payto_uris=[f"payto://x-taler-bank/bank.{TALER_ENV_NAME}.taler.net/Tutorial"],
auth=dict(method="token", token="secret-token:sandbox"),
)
diff --git a/bin/taler-deployment-prepare b/bin/taler-deployment-prepare
index 59c0689..d87bc61 100755
--- a/bin/taler-deployment-prepare
+++ b/bin/taler-deployment-prepare
@@ -30,7 +30,8 @@ function generate_config() {
--exchange-pub "$EXCHANGE_PUB" \
--currency "$TALER_CONFIG_CURRENCY" \
--outdir "$HOME/.config" \
- --envname "$TALER_ENV_NAME"
+ --envname "$TALER_ENV_NAME" \
+ --frontends-apitoken "$TALER_ENV_FRONTENDS_APITOKEN"
}
##