-rw-r--r--docker/hybrid/README2
-rw-r--r--docker/hybrid/config/deployment.conf1
-rw-r--r--docker/hybrid/docker-compose.yml8
-rw-r--r--docker/hybrid/images/base/Dockerfile2
-rw-r--r--docker/hybrid/images/exchange/startup.sh37
-rw-r--r--docker/hybrid/images/exchange/taler.conf2
-rw-r--r--docker/hybrid/images/libeufin/startup.sh14
-rw-r--r--docker/hybrid/images/merchant/startup.sh9
-rw-r--r--docker/hybrid/images/postgres/Dockerfile4
-rw-r--r--docker/hybrid/images/postgres/init.sql2
10 files changed, 52 insertions, 29 deletions
diff --git a/docker/hybrid/README b/docker/hybrid/README
index dd97e86..4326c33 100644
--- a/docker/hybrid/README
+++ b/docker/hybrid/README
@@ -44,7 +44,7 @@ absolute path of a host-specific configuration file. See
config/deployment.conf for an example.
From this folder, run:
- $ docker-compose up --remove-orphans
+ $ docker-compose up --remove-orphans --abort-on-container-exit
How to test on localhost
========================
diff --git a/docker/hybrid/config/deployment.conf b/docker/hybrid/config/deployment.conf
index 427ffb5..b506ecb 100644
--- a/docker/hybrid/config/deployment.conf
+++ b/docker/hybrid/config/deployment.conf
@@ -5,3 +5,4 @@ exchange-nexus-username = exchange-at-nexus
exchange-nexus-password = secret-at-nexus
exchange-sandbox-username = exchange-at-sandbox
exchange-sandbox-password = secret-at-sandbox
+db-password = db-secret
diff --git a/docker/hybrid/docker-compose.yml b/docker/hybrid/docker-compose.yml
index df17b16..32c8c56 100644
--- a/docker/hybrid/docker-compose.yml
+++ b/docker/hybrid/docker-compose.yml
@@ -8,6 +8,11 @@ services:
- 8888:5432
volumes:
- ${TALER_DEPLOYMENT_DATA:-~/taler-data}/postgresql:/var/lib/postgresql/data
+ - ${TALER_DEPLOYMENT_CONFIG:?Please export TALER_DEPLOYMENT_CONFIG}:/config/deployment.conf
+ environment:
+ POSTGRES_USER: root
+ POSTGRES_PASSWORD: nonce
+ POSTGRES_HOST_AUTH_METHOD: scram-sha-256
exchange:
build: ./images/exchange
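Review bot: `POSTGRES_PASSWORD: nonce` hard-codes the superuser password in the compose file, while the `8888:5432` mapping in the context line above publishes the database port on every host interface. If init.sh (not shown in this commit) is meant to replace that value with db-password from the mounted deployment.conf, any failure there leaves a known password on a reachable port. Consider binding to loopback with `127.0.0.1:8888:5432` and taking the value from the environment, e.g. `POSTGRES_PASSWORD: ${TALER_DB_PASSWORD:?Please export TALER_DB_PASSWORD}` (the variable name is a suggestion). The official postgres image applies POSTGRES_PASSWORD and POSTGRES_HOST_AUTH_METHOD only when it initialises an empty data directory, so an existing `${TALER_DEPLOYMENT_DATA}/postgresql` created under the old `trust` setting keeps its previous pg_hba.conf until it is re-initialised or edited by hand.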
@@ -18,6 +23,7 @@ services:
volumes:
- ${TALER_DEPLOYMENT_CONFIG:?Please export TALER_DEPLOYMENT_CONFIG}:/config/deployment.conf
- ${TALER_DEPLOYMENT_DATA:-~/taler-data}/exchange:/data
+ - ${TALER_DEPLOYMENT_LOGS:-~/taler-logs}:/logs
merchant:
build: ./images/merchant
@@ -28,6 +34,7 @@ services:
- 5559:8080 # Blog TBD.
volumes:
- ${TALER_DEPLOYMENT_CONFIG:?Please export TALER_DEPLOYMENT_CONFIG}:/config/deployment.conf
+ - ${TALER_DEPLOYMENT_LOGS:-~/taler-logs}:/logs
bank:
build: ./images/libeufin
@@ -37,3 +44,4 @@ services:
volumes:
- ${TALER_DEPLOYMENT_CONFIG:?Please export TALER_DEPLOYMENT_CONFIG}:/config/deployment.conf
- ${TALER_DEPLOYMENT_DATA:-~/taler-data}/libeufin:/data
+ - ${TALER_DEPLOYMENT_LOGS:-~/taler-logs}:/logs
diff --git a/docker/hybrid/images/base/Dockerfile b/docker/hybrid/images/base/Dockerfile
index 7f6e3f9..227ad44 100644
--- a/docker/hybrid/images/base/Dockerfile
+++ b/docker/hybrid/images/base/Dockerfile
@@ -7,7 +7,7 @@ RUN apt-get install -y autoconf autopoint libtool texinfo \
libpq-dev postgresql libcurl4-openssl-dev libsodium-dev git \
libqrencode-dev zip jq nodejs npm openjdk-17-jre nginx procps \
curl python3-jinja2 wget curl python3-sphinx \
- socat python3-sphinx-rtd-theme
+ socat python3-sphinx-rtd-theme apache2-utils
RUN pip3 install requests click poetry uwsgi
diff --git a/docker/hybrid/images/exchange/startup.sh b/docker/hybrid/images/exchange/startup.sh
index a586c7c..bc4153d 100644
--- a/docker/hybrid/images/exchange/startup.sh
+++ b/docker/hybrid/images/exchange/startup.sh
@@ -11,8 +11,9 @@ EXCHANGE_NEXUS_USERNAME=`taler-config -c /config/deployment.conf -s taler-deploy
EXCHANGE_NEXUS_PASSWORD=`taler-config -c /config/deployment.conf -s taler-deployment -o exchange-nexus-password`
EXCHANGE_IBAN=DE159593
TALER_FACADE_NAME=taler-facade
-
+DB_PASSWORD=`taler-config -c /config/deployment.conf -s taler-deployment -o db-password`
sed -i "s;__EXCHANGE_URL__;${EXCHANGE_URL};" /config/taler.conf
+sed -i "s;__DB_PASSWORD__;${DB_PASSWORD};" /config/taler.conf
sed -i "s/__CURRENCY__/${CURRENCY}/" /config/taler.conf
sed -i "s/__EXCHANGE_NEXUS_USERNAME__/${EXCHANGE_NEXUS_USERNAME}/" /config/taler.conf
sed -i "s/__EXCHANGE_NEXUS_PASSWORD__/${EXCHANGE_NEXUS_PASSWORD}/" /config/taler.conf
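Review bot: The added `sed -i "s;__DB_PASSWORD__;${DB_PASSWORD};"` line puts the password unescaped into both a sed replacement and a postgres:// URI, so a value containing `;`, `&`, `\`, `@`, `/` or `:` either breaks the substitution or produces a connection string that parses differently from what was intended. Unless `set -e` is enabled above the hunk, an empty value from a failed taler-config call is also substituted silently. I would fail early with `[ -n "$DB_PASSWORD" ] || { echo "ERROR: db-password not set" >&2; exit 1; }` and either document that the password must be URI-safe or percent-encode it before substitution. The rewritten /config/taler.conf now holds the credential in clear text, so its file mode is worth checking; the script continues outside this hunk.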
@@ -29,35 +30,47 @@ echo Now DB is ready.
# Make sure we have the right to connect
echo "" | psql -h talerdb -d taler
-taler-exchange-dbinit -c /config/taler.conf --reset
+taler-exchange-dbinit -L DEBUG -c /config/taler.conf --reset
+
+taler-exchange-secmod-eddsa -L DEBUG \
+ -c /config/taler.conf 2>&1 | \
+ rotatelogs -e /logs/taler-exchange-secmod-eddsa-%Y-%m-%d 86400 &
+
+taler-exchange-secmod-rsa -L DEBUG \
+ -c /config/taler.conf 2>&1 | \
+ rotatelogs -e /logs/taler-exchange-secmod-rsa-%Y-%m-%d 86400 &
+
+taler-exchange-secmod-cs -L DEBUG \
+ -c /config/taler.conf 2>&1 | \
+ rotatelogs -e /logs/taler-exchange-secmod-cs-%Y-%m-%d 86400 &
-taler-exchange-secmod-eddsa -c /config/taler.conf &
-taler-exchange-secmod-rsa -c /config/taler.conf &
-taler-exchange-secmod-cs -c /config/taler.conf &
echo "Crypto helpers started.."
EXCHANGE_MASTER_PUB=$(taler-exchange-offline -c /config/taler.conf setup)
sed -i "s/__EXCHANGE_MASTER_PUB__/$EXCHANGE_MASTER_PUB/" /config/taler.conf
-taler-exchange-httpd -c /config/taler.conf &
-for n in `seq 1 80`
+taler-exchange-httpd -L DEBUG -c /config/taler.conf 2>&1 | \
+ rotatelogs -e /logs/taler-exchange-httpd-%Y-%m-%d 86400 &
+for n in `seq 1 20`
do
echo "."
- sleep 0.1
+ sleep 0.4
OK=1
wget http://exchange/ -o /dev/null -O /dev/null >/dev/null && break
OK=0
done
if [ 1 != $OK ]
then
- echo "Failed to launch Exchange"
+ echo "ERROR: failed to launch Exchange"
+ exit 1
fi
echo Echange launched.
-taler-exchange-wirewatch -L DEBUG -c /config/taler.conf &
+taler-exchange-wirewatch -L DEBUG -c /config/taler.conf 2>&1 | \
+ rotatelogs -e /logs/taler-exchange-wirewatch-%Y-%m-%d 86400 &
-taler-exchange-offline -c /config/taler.conf \
+taler-exchange-offline -L DEBUG -c /config/taler.conf \
download sign \
enable-account "payto://iban/SANDBOXX/${EXCHANGE_IBAN}?receiver-name=Exchange+Company" \
wire-fee now iban ${CURRENCY}:0.01 ${CURRENCY}:0.01 ${CURRENCY}:0.01 \
global-fee now ${CURRENCY}:0.01 ${CURRENCY}:0.01 ${CURRENCY}:0.01 ${CURRENCY}:0.01 1h 1h 1year 5 \
- upload
+ upload 2>&1
wait
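Review bot: Every exchange process here, including the three secmod key helpers and taler-exchange-offline, now runs at `-L DEBUG` with output written under /logs, which docker-compose.yml bind-mounts from the host (`~/taler-logs` by default). The hunk does not show what these tools print at DEBUG, so it should be confirmed that neither key-related detail nor the postgres:// URI carrying the password reaches those files. A configurable level such as `-L "${LOG_LEVEL:-INFO}"` (the variable name is a suggestion) and a `umask 077` before the first rotatelogs pipeline would be a safer default. Separately, the context line `echo "" | psql -h talerdb -d taler` supplies no password, so under scram-sha-256 it will presumably fail unless PGPASSWORD or a .pgpass file is set up outside the hunk, and its exit status is not checked. The script begins before this hunk.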
diff --git a/docker/hybrid/images/exchange/taler.conf b/docker/hybrid/images/exchange/taler.conf
index 43a01d6..e905898 100644
--- a/docker/hybrid/images/exchange/taler.conf
+++ b/docker/hybrid/images/exchange/taler.conf
@@ -37,7 +37,7 @@ port = 80
# serve = unix
[exchangedb-postgres]
-config = postgres://talerdb/taler
+config = postgres://root:__DB_PASSWORD__@talerdb/taler
[coin___CURRENCY___1]
rsa_keysize = 2048
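Review bot: The new connection string has the exchange log in as `root`, the role docker-compose.yml sets as POSTGRES_USER and which is therefore the cluster superuser. A dedicated non-superuser role that owns only the `taler` database would limit what a compromised exchange process can do to the database server, for example `config = postgres://EXCHANGE_DB_ROLE:__DB_PASSWORD__@talerdb/taler` (the role name is a placeholder). That role would have to be created by the postgres init script, which is not part of this diff.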
diff --git a/docker/hybrid/images/libeufin/startup.sh b/docker/hybrid/images/libeufin/startup.sh
index 5e8b447..ea72201 100644
--- a/docker/hybrid/images/libeufin/startup.sh
+++ b/docker/hybrid/images/libeufin/startup.sh
@@ -52,7 +52,8 @@ libeufin-sandbox default-exchange \
"payto://iban/SANDBOXX/${EXCHANGE_IBAN}?receiver-name=Exchange+Company"
echo DONE
echo -n "Launching Sandbox..."
-libeufin-sandbox serve --no-localhost-only --port $SANDBOX_PORT &
+libeufin-sandbox serve --no-localhost-only --port $SANDBOX_PORT 2>&1 | \
+ rotatelogs -e /logs/libeufin-sandbox-serve-%Y-%m-%d 86400 &
echo DONE
is_serving ${LIBEUFIN_SANDBOX_URL} Sandbox
@@ -65,10 +66,9 @@ echo -n "Create exchange EBICS subscriber at Sandbox.."
export LIBEUFIN_SANDBOX_USERNAME=admin
export LIBEUFIN_SANDBOX_PASSWORD=secret
echo -n "Create EBICS host at Sandbox.."
-libeufin-cli sandbox \
- --sandbox-url $SANDBOX_BASE_URL \
- ebicshost create --host-id talerebics
+libeufin-cli sandbox --sandbox-url $SANDBOX_BASE_URL ebicshost create --host-id talerebics
echo DONE
+echo -n "Create exchange's EBICS subscriber at Sandbox.."
libeufin-cli sandbox \
demobank new-ebicssubscriber --host-id talerebics \
--user-id exchangeebics --partner-id talerpartner \
@@ -79,10 +79,12 @@ EXCHANGE_NEXUS_USERNAME=`taler-config -c /config/deployment.conf -s taler-deploy
EXCHANGE_NEXUS_PASSWORD=`taler-config -c /config/deployment.conf -s taler-deployment -o exchange-nexus-password`
export LIBEUFIN_NEXUS_DB_CONNECTION="jdbc:sqlite:/data/nexus.sqlite3"
echo -n "Creating Nexus superuser..."
-libeufin-nexus superuser $EXCHANGE_NEXUS_USERNAME --password $EXCHANGE_NEXUS_PASSWORD
+libeufin-nexus superuser $EXCHANGE_NEXUS_USERNAME \
+ --password $EXCHANGE_NEXUS_PASSWORD
echo DONE
echo -n "Launching Nexus..."
-libeufin-nexus serve --no-localhost-only --port $NEXUS_PORT &
+libeufin-nexus serve --no-localhost-only --port $NEXUS_PORT | \
+ rotatelogs -e /logs/libeufin-nexus-serve-%Y-%m-%d 86400 &
echo DONE
is_serving $LIBEUFIN_NEXUS_URL Nexus
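Review bot: The new `libeufin-nexus serve … | rotatelogs` pipeline has no `2>&1`, unlike the Sandbox pipeline earlier in this file and the exchange and merchant ones, so Nexus's stderr goes to the container console and is missing from the rotated log; `libeufin-nexus serve --no-localhost-only --port $NEXUS_PORT 2>&1 | \` would make it consistent. The re-wrapped superuser call still expands `$EXCHANGE_NEXUS_USERNAME` and `$EXCHANGE_NEXUS_PASSWORD` unquoted, so a password containing whitespace or glob characters is split or expanded before libeufin-nexus sees it; quote both, e.g. `--password "$EXCHANGE_NEXUS_PASSWORD"`. The password is also visible in the process argument list while that command runs. The script continues outside this hunk.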
diff --git a/docker/hybrid/images/merchant/startup.sh b/docker/hybrid/images/merchant/startup.sh
index 0014a21..6a64d33 100644
--- a/docker/hybrid/images/merchant/startup.sh
+++ b/docker/hybrid/images/merchant/startup.sh
@@ -23,7 +23,7 @@ echo Now DB is ready.
socat TCP-LISTEN:5555,fork,reuseaddr TCP:exchange:80 &
echo Checking exchange at: ${EXCHANGE_URL}
-for n in `seq 1 30`
+for n in `seq 1 20`
do
echo "."
sleep 0.4
@@ -33,7 +33,7 @@ for n in `seq 1 30`
done
if [ 1 != $OK ]
then
- echo "Exchange unreachable."
+ echo "ERROR: exchange unreachable."
exit 1
fi
echo Echange reachable.
@@ -45,10 +45,11 @@ sed -i "s/__EXCHANGE_PUB__/${EXCHANGE_MASTER_PUB}/" /config/taler.conf
sed -i "s/__CURRENCY__/${CURRENCY}/" /config/taler.conf
sed -i "s/__BACKEND_APIKEY__/${BACKEND_APIKEY}/" /config/taler.conf
echo -n "Reset database..."
-taler-merchant-dbinit -c /config/taler.conf --reset
+taler-merchant-dbinit -L DEBUG -c /config/taler.conf --reset 2>&1
echo DONE
echo -n "Launch merchant backend..."
-taler-merchant-httpd -c /config/taler.conf &
+taler-merchant-httpd -c /config/taler.conf 2>&1 | \
+ rotatelogs -e /logs/taler-merchant-httpd-%Y-%m-%d 86400 &
echo DONE
sleep 1
echo -n "Create default instance..."
diff --git a/docker/hybrid/images/postgres/Dockerfile b/docker/hybrid/images/postgres/Dockerfile
index 6c46150..9b99dc1 100644
--- a/docker/hybrid/images/postgres/Dockerfile
+++ b/docker/hybrid/images/postgres/Dockerfile
@@ -1,4 +1,4 @@
FROM docker.io/postgres
-ENV POSTGRES_HOST_AUTH_METHOD=trust
-COPY init.sql /docker-entrypoint-initdb.d/init.sql
+COPY init.sh /docker-entrypoint-initdb.d/init.sh
+RUN chmod +x /docker-entrypoint-initdb.d/init.sh
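Review bot: `COPY init.sh /docker-entrypoint-initdb.d/init.sh` refers to a file that is not among the ten files this commit changes (the diffstat lists only the deletion of init.sql under images/postgres), so unless init.sh was added earlier the image build fails at this step. Since init.sql's `CREATE ROLE root` and `CREATE DATABASE taler` are removed, init.sh is presumably what now creates the database and applies the db-password value; it belongs in the same commit so the authentication change can be reviewed as a unit. The base image remains the unpinned `FROM docker.io/postgres`, and pinning a major-version tag would keep the persisted data directory compatible across rebuilds.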
diff --git a/docker/hybrid/images/postgres/init.sql b/docker/hybrid/images/postgres/init.sql
deleted file mode 100644
index dec35df..0000000
--- a/docker/hybrid/images/postgres/init.sql
+++ /dev/null
@@ -1,2 +0,0 @@
-CREATE ROLE root SUPERUSER LOGIN;
-CREATE DATABASE taler WITH OWNER root;