-rwxr-xr-xconfig/generate-config183
-rw-r--r--config/test.taler.net/taler.conf3
-rw-r--r--etc/nginx/sites-enabled/envs.site18
-rw-r--r--githooks/update32
4 files changed, 203 insertions, 33 deletions
diff --git a/config/generate-config b/config/generate-config
new file mode 100755
index 0000000..78d52c6
--- /dev/null
+++ b/config/generate-config
@@ -0,0 +1,183 @@
+#!/usr/bin/env python3
+import click
+import sys
+from collections import OrderedDict
+import json
+import os
+
+sections = OrderedDict()
+
+def cfg_put(section_name, key, value):
+ s = sections[section_name] = sections.get(section_name, OrderedDict())
+ s[key] = value
+
+def cfg_write(file):
+ for section_name, section in sections.items():
+ file.write("[" + section_name + "]" + "\n")
+ for key, value in section.items():
+ file.write(key + " = " + value + "\n")
+ file.write("\n")
+
+def coin(name,
+ currency,
+ value,
+ d_overlap="5 minutes",
+ d_withdraw="32 years",
+ d_spend="5 years",
+ d_legal="10 years",
+ f_withdraw="0.10",
+ f_deposit="0.10",
+ f_refresh="0.10",
+ f_refund="0.10",
+ rsa_keysize="2048"):
+ sec = "coin_"+currency+"_"+name
+ cfg_put(sec, "value", currency+":"+value)
+ cfg_put(sec, "duration_overlap", d_overlap)
+ cfg_put(sec, "duration_withdraw", d_withdraw)
+ cfg_put(sec, "duration_spend", d_spend)
+ cfg_put(sec, "duration_legal", d_legal)
+ cfg_put(sec, "fee_withdraw", f_withdraw)
+ cfg_put(sec, "fee_refresh", f_refresh)
+ cfg_put(sec, "fee_refund", f_refund)
+ cfg_put(sec, "rsa_keysize", rsa_keysize)
+
+def config(currency, envname, exchange_pub):
+ cfg_put("paths", "TALER_DEPLOYMENT_SHARED", "${HOME}/shared-data")
+
+ cfg_put("taler", "CURRENCY", "PUDOS")
+
+ cfg_put("bank", "uwsgi_serve", "unix")
+ cfg_put("bank", "uwsgi_unixpath", "$HOME/sockets/bank.uwsgi")
+ cfg_put("bank", "database", "talertest")
+
+ cfg_put("donations", "uwsgi_serve", "unix")
+ cfg_put("donations", "uwsgi_unixpath", "$HOME/sockets/donations.uwsgi")
+
+ cfg_put("blug", "uwsgi_serve", "unix")
+ cfg_put("blug", "uwsgi_unixpath", "$HOME/sockets/donations.uwsgi")
+
+
+ cfg_put("merchant", "WIREFORMAT", "test")
+ cfg_put("merchant", "SERVE", "unix")
+ cfg_put("merchant", "UNIXPATH", "$HOME/sockets/merchant.http")
+ cfg_put("merchant", "WIRE_TRANSFER_DELAY", "1 m")
+
+ cfg_put("merchantdb-postgres", "CONFIG", "postgres:///taler")
+
+ cfg_put("merchant-exchange-test", "URI", "https://exchange.{}.taler.net/".format(envname))
+ cfg_put("merchant-exchange-test", "MASTER_KEY", exchange_pub)
+
+ cfg_put("frontends", "BACKEND", "https://shop.{}.taler.net/backend/".format(envname))
+
+ cfg_put("exchange", "serve", "unix")
+ cfg_put("exchange", "unixpath", "$HOME/sockets/exchange.http")
+ cfg_put("exchange", "master_public_key", exchange_pub)
+
+ cfg_put("exchange", "wireformat", "test")
+ cfg_put("exchange", "keydir", "${TALER_DEPLOYMENT_SHARED}/exchange/live-keys/")
+
+ cfg_put("exchange-admin", "SERVE", "unix")
+ cfg_put("exchange-admin", "unixpath", "$HOME/sockets/exchange-admin.http")
+
+ cfg_put("exchangedb-postgres", "DB_CONN_STR", "postgres:///talertest")
+
+ cfg_put("exchange-wire-outgoing-test", "bank_uri", "https://bank.{}.taler.net/".format(envname))
+ cfg_put("exchange-wire-outgoing-test", "bank_account_number", "1")
+ cfg_put("exchange-wire-outgoing-test", "exchange_account_number", "2")
+
+ # how long is one signkey valid?
+ cfg_put("exchange_keys", "signkey_duration", "18 weeks")
+
+ # how long are the signatures with the signkey valid?
+ cfg_put("exchange_keys", "legal_duration", "2 years")
+
+ # how long do we generate denomination and signing keys
+ # ahead of time?
+ cfg_put("exchange_keys", "lookahead_sign", "32 weeks 1 day")
+
+ cfg_put("exchange_keys", "lookahead_provide", "4 weeks 1 day")
+
+ cfg_put("Tor-wireformat", "TEST_RESPONSE_FILE", "${TALER_CONFIG_HOME}/merchant/wire/tor.json")
+ cfg_put("GNUnet-wireformat", "TEST_RESPONSE_FILE", "${TALER_CONFIG_HOME}/merchant/wire/gnunet.json")
+ cfg_put("Taler-wireformat", "TEST_RESPONSE_FILE", "${TALER_CONFIG_HOME}/merchant/wire/taler.json")
+
+ cfg_put("merchant-instance-Tor", "KEYFILE", "${TALER_DATA_HOME}/merchant/tor.priv")
+ cfg_put("merchant-instance-GNUnet", "KEYFILE", "${TALER_DATA_HOME}/merchant/gnunet.priv")
+ cfg_put("merchant-instance-Taler", "KEYFILE", "${TALER_DATA_HOME}/merchant/taler.priv")
+
+
+ coin(currency, "ct_10", "0.10")
+ coin(currency, "1", "1")
+ coin(currency, "2", "2")
+ coin(currency, "5", "5")
+ coin(currency, "10", "10")
+ coin(currency, "1000", "1000")
+
+
+def merchant_wf(envname, instance_name, acct_no):
+ data = OrderedDict(
+ type="test",
+ bank_uri="https://bank.{}.taler.net/".format(envname),
+ sig="MERCHANTSIGNATURE",
+ account_number=acct_no,
+ salt="SALT"
+ )
+
+ return (instance_name, json.dumps(data, indent=2))
+
+def exchange_wf(envname, wfname, acct_no, name):
+ data = OrderedDict(
+ name=name,
+ type=wfname,
+ bank_uri="https://bank.{}.taler.net/".format(envname),
+ account_number=acct_no)
+ return (wfname, json.dumps(data, indent=2))
+
+
+
+@click.command()
+@click.option("--currency", default="KUDOS")
+@click.option("--envname", default="demo")
+@click.option("--outdir", default=None)
+@click.option("--exchange-pub", required=True)
+def main(currency, envname, outdir, exchange_pub):
+
+ config(currency, envname, exchange_pub)
+
+ merchant_wireformats = [
+ merchant_wf(envname, "gnunet", 4),
+ merchant_wf(envname, "taler", 5),
+ merchant_wf(envname, "tor", 3),
+ merchant_wf(envname, "test", 6),
+ ]
+
+ exchange_wireformats = [
+ exchange_wf(envname, "test", 2, "The exchange")
+ ]
+
+ if outdir:
+ os.makedirs(outdir, exist_ok=True)
+ tc = os.path.join(outdir, "taler.conf")
+ cfg_write(open(tc, "w"))
+
+ d = os.path.join(outdir, "taler", "merchant", "wire")
+ os.makedirs(d, exist_ok=True)
+ for name, data in merchant_wireformats:
+ f = open(os.path.join(d, name+".json"), "w")
+ f.write(data)
+ f.close()
+
+ d = os.path.join(outdir, "taler", "exchange", "wire")
+ os.makedirs(d, exist_ok=True)
+ for name, data in exchange_wireformats:
+ # These files must be signed by the exchange in
+ # a later step
+ f = open(os.path.join(d, name+".unsigned.json"), "w")
+ f.write(data)
+ f.close()
+ else:
+ cfg_write(sys.stdout)
+
+if __name__ == "__main__":
+ main()
+
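Review bot: The six `coin(...)` calls at the end of `config()` pass `currency` first, but the signature is `coin(name, currency, value, ...)`, so with the default currency the first section comes out as `coin_ct_10_KUDOS` with `value = ct_10:0.10`. `coin()` also accepts `f_deposit` without ever writing a `fee_deposit` key, and it writes the fees as bare numbers where the existing taler.conf touched by this commit uses the `PUDOS:0.01` form. `config()` hard-codes `CURRENCY` to `PUDOS`, so `--currency` changes the coin sections but not the `[taler]` section, which looks unintended. The `blug` section reuses `$HOME/sockets/donations.uwsgi`, which reads like a copy-paste slip, and the handle from `cfg_write(open(tc, "w"))` is never closed. A sketch of the coin and currency fixes follows.

```python
# in coin():
    # … unchanged: section name, value and duration_* entries …
    cfg_put(sec, "fee_withdraw", currency + ":" + f_withdraw)
    cfg_put(sec, "fee_deposit", currency + ":" + f_deposit)
    cfg_put(sec, "fee_refresh", currency + ":" + f_refresh)
    cfg_put(sec, "fee_refund", currency + ":" + f_refund)
    # … unchanged: rsa_keysize …

# in config():
    cfg_put("taler", "CURRENCY", currency)
    # … unchanged: bank, merchant, exchange and wire-format sections …
    coin("ct_10", currency, "0.10")
    coin("1", currency, "1")
    coin("2", currency, "2")
    coin("5", currency, "5")
    coin("10", currency, "10")
    coin("1000", currency, "1000")
```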
diff --git a/config/test.taler.net/taler.conf b/config/test.taler.net/taler.conf
index 4dac169..da53ba1 100644
--- a/config/test.taler.net/taler.conf
+++ b/config/test.taler.net/taler.conf
@@ -55,6 +55,7 @@ KEYDIR = ${TALER_DEPLOYMENT_SHARED}/exchange/live-keys/
[exchange-admin]
SERVE = unix
UNIXPATH = $HOME/sockets/exchange-admin.http
+ * the end of the message.
[exchangedb-postgres]
DB_CONN_STR = "postgres:///talertest"
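Review bot: The added line `* the end of the message.` under `[exchange-admin]` is not a `KEY = value` entry or a comment, and looks like stray text pasted into the file. Depending on how strictly the configuration parser handles malformed lines, it may make the whole file fail to load or be silently ignored. It should be dropped from the commit, or written as a `#` comment if some note was intended.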
@@ -93,7 +94,7 @@ duration_withdraw = 32 years
duration_spend = 12 years
duration_legal = 3 years
fee_withdraw = PUDOS:0.01
-fee_deposit = PUDOS:0.01
+fee_deposit = PUDOS:1.01
fee_refresh = PUDOS:0.01
fee_refund = PUDOS:0.01
rsa_keysize = 1024
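Review bot: `fee_deposit = PUDOS:1.01` raises the deposit fee a hundredfold while the three neighbouring fees stay at `PUDOS:0.01`, which reads like a leftover test edit rather than a deliberate tariff. If it is intentional, a comment above the key explaining why would help. Separately, the `rsa_keysize = 1024` context line in this section is below the `2048` default that the new `generate-config` script uses. A 1024-bit RSA key is generally considered too weak for keys with multi-year validity such as `duration_legal = 3 years`, so aligning it with the generator's default is worth considering.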
diff --git a/etc/nginx/sites-enabled/envs.site b/etc/nginx/sites-enabled/envs.site
new file mode 100644
index 0000000..157b518
--- /dev/null
+++ b/etc/nginx/sites-enabled/envs.site
@@ -0,0 +1,18 @@
+server {
+ listen 80;
+ listen [::]:80;
+ server_name envs.taler.net;
+ rewrite ^ https://$host$request_uri? permanent;
+}
+
+
+server {
+ listen 443 ssl;
+ listen [::]:443 ssl;
+ server_name envs.taler.net;
+ root /dev/null;
+ include conf.d/talerssl;
+ location ~ ^/(?<user>[a-zA-Z0-9-_]+)/ {
+ return 200 "hello";
+ }
+}
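Review bot: The port-80 redirect builds its target from `$host`, which comes from the client's Host header whenever this block ends up answering for other names, for example as the default server. Since `server_name` is fixed, `return 301 https://envs.taler.net$request_uri;` avoids reflecting request data into the `Location` header and is cheaper than `rewrite`. In the TLS block, the class `[a-zA-Z0-9-_]` places the hyphen mid-class; `[a-zA-Z0-9_-]` makes the literal hyphen unambiguous. The named capture `user` is unused and the location returns a fixed `"hello"`, so a comment marking it as a placeholder would help.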
diff --git a/githooks/update b/githooks/update
deleted file mode 100644
index 47934c7..0000000
--- a/githooks/update
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/bash
-
-set -ue
-
-refname="$1"
-oldrev="$2"
-newrev="$3"
-
-if [ -z "${1+x}" ] || [ -z "${2+x}" ] || [ -z "${3+x}" ]; then
- echo "Usage: $0 REFNAME OLDREV NEWREF"
- exit 1
-fi
-
-
-[[ -z "$(git rev-list --max-count 1 "$oldrev".."$newrev" || echo "fail")" ]]
-is_ff=$?
-
-if $is_ff; then
- # always allow fast forwards
- exit 0
-fi
-
-if [[ "$refname" != refs/heads/master ]]; then
- # allow force-pushing if it's not master
- exit 0
-fi
-
-case $USER in
-*)
- exit 1
- ;;
-esac