diff options
-rw-r--r-- | netzbon/.gitignore | 1 | ||||
-rw-r--r-- | netzbon/.shellcheckrc | 1 | ||||
-rwxr-xr-x | netzbon/config_launch_libeufin.sh | 120 | ||||
-rwxr-xr-x | netzbon/config_nginx.sh | 48 | ||||
-rwxr-xr-x | netzbon/functions.sh | 59 | ||||
-rwxr-xr-x | netzbon/install_packages.sh | 33 | ||||
-rwxr-xr-x | netzbon/main.sh | 113 | ||||
-rw-r--r-- | netzbon/nginx-conf/backend.taler-nginx.conf | 7 | ||||
-rw-r--r-- | netzbon/nginx-conf/bank.taler-nginx.conf | 4 | ||||
-rw-r--r-- | netzbon/nginx-conf/exchange.taler-nginx.conf | 2 | ||||
-rwxr-xr-x | netzbon/setup-exchange.sh | 270 | ||||
-rwxr-xr-x | netzbon/setup-merchant.sh | 1 | ||||
-rwxr-xr-x | netzbon/transfer.sh | 22 | ||||
-rw-r--r-- | sandcastle/README | 6 |
14 files changed, 317 insertions, 370 deletions
diff --git a/netzbon/.gitignore b/netzbon/.gitignore index c2d261b..4492389 100644 --- a/netzbon/.gitignore +++ b/netzbon/.gitignore @@ -1,2 +1,3 @@ nexus.log sandbox.log +config/ diff --git a/netzbon/.shellcheckrc b/netzbon/.shellcheckrc new file mode 100644 index 0000000..e170f39 --- /dev/null +++ b/netzbon/.shellcheckrc @@ -0,0 +1 @@ +disable=SC2018,SC2019 diff --git a/netzbon/config_launch_libeufin.sh b/netzbon/config_launch_libeufin.sh index 2cb6e61..0b6cb6f 100755 --- a/netzbon/config_launch_libeufin.sh +++ b/netzbon/config_launch_libeufin.sh @@ -30,29 +30,25 @@ source functions.sh source config/user.conf source config/internal.conf -if test -z "${BANK_NAME:-}" -then - say "Error: config/user.conf does not specify BANK_NAME" - exit 1 +if test -z "${BANK_NAME:-}"; then + say "Error: config/user.conf does not specify BANK_NAME" + exit 1 fi -if test -z ${DOMAIN_NAME:-} -then - say "Error: config/user.conf does not specify DOMAIN_NAME" - exit 1 +if test -z "${DOMAIN_NAME:-}"; then + say "Error: config/user.conf does not specify DOMAIN_NAME" + exit 1 fi -if test -z "${SANDBOX_ADMIN_PASSWORD:-}" -then - say "Error: config/user.conf does not specify SANDBOX_ADMIN_PASSWORD" - exit 1 +if test -z "${SANDBOX_ADMIN_PASSWORD:-}"; then + say "Error: config/user.conf does not specify SANDBOX_ADMIN_PASSWORD" + exit 1 fi # TODO: add sanity-checks for presence of other required env-vars -if test ${ENABLE_TLS:-} == "y" -then - PROTO="https" +if test "${ENABLE_TLS:-}" == "y"; then + PROTO="https" else - PROTO="http" + PROTO="http" fi say "Setting up libeufin" @@ -64,40 +60,39 @@ EBICS_USER_ID="exchangeebics" EBICS_CONNECTION_NAME="exchangeconn" LIBEUFIN_TALER_FACADE="taler-facade" export LIBEUFIN_NEXUS_USERNAME="exchange-at-nexus" -echo "LIBEUFIN_NEXUS_USERNAME=\"${LIBEUFIN_NEXUS_USERNAME}\"" >> config/internal.conf +echo "LIBEUFIN_NEXUS_USERNAME=\"${LIBEUFIN_NEXUS_USERNAME}\"" >>config/internal.conf # Load configuration with # LIBEUFIN_NEXUS_DB_CONNECTION and # LIBEUFIN_NEXUS_PORT +# shellcheck disable=SC1091 source /etc/libeufin/nexus.env export LIBEUFIN_NEXUS_DB_CONNECTION -if test -z ${LIBEUFIN_NEXUS_DB_CONNECTION:-} -then - say "Error: /etc/libeufin/nexus.env does not specify LIBEUFIN_NEXUS_DB_CONNECTION" - exit 1 +if test -z "${LIBEUFIN_NEXUS_DB_CONNECTION:-}"; then + say "Error: /etc/libeufin/nexus.env does not specify LIBEUFIN_NEXUS_DB_CONNECTION" + exit 1 fi export LIBEUFIN_NEXUS_PASSWORD=$NEXUS_EXCHANGE_PASSWORD export LIBEUFIN_NEXUS_URL="http://localhost:${LIBEUFIN_NEXUS_PORT}" - # Load configuration with # LIBEUFIN_SANDBOX_DB_CONNECTION and # LIBEUFIN_SANDBOX_PORT +# shellcheck disable=SC1091 . /etc/libeufin/sandbox.env export LIBEUFIN_SANDBOX_DB_CONNECTION -if test -z ${LIBEUFIN_SANDBOX_DB_CONNECTION:-} -then - say "Error: /etc/libeufin/sandbox.env does not specify LIBEUFIN_SANDBOX_DB_CONNECTION" - exit 1 +if test -z "${LIBEUFIN_SANDBOX_DB_CONNECTION:-}"; then + say "Error: /etc/libeufin/sandbox.env does not specify LIBEUFIN_SANDBOX_DB_CONNECTION" + exit 1 fi export LIBEUFIN_SANDBOX_ADMIN_PASSWORD="${SANDBOX_ADMIN_PASSWORD}" # FIXME-CG: this should be done inside the Debian package (incl. pw generation) # We need to add this password to the systemd environment to make it effective. -echo "LIBEUFIN_SANDBOX_ADMIN_PASSWORD=\"${SANDBOX_ADMIN_PASSWORD}\"" >> /etc/libeufin/sandbox.env +echo "LIBEUFIN_SANDBOX_ADMIN_PASSWORD=\"${SANDBOX_ADMIN_PASSWORD}\"" >>/etc/libeufin/sandbox.env SANDBOX_URL="http://localhost:${LIBEUFIN_SANDBOX_PORT}/" @@ -107,13 +102,13 @@ MY_DIR=$PWD # Go to directory valid for other users. cd / sudo -E -u libeufin-sandbox \ -libeufin-sandbox config \ - --captcha-url "${PROTO}://bank.${DOMAIN_NAME}" \ - --bank-debt-limit 1000000 \ - --users-debt-limit 0 \ - --without-signup-bonus \ - --currency ${CURRENCY} \ - default + libeufin-sandbox config \ + --captcha-url "${PROTO}://bank.${DOMAIN_NAME}" \ + --bank-debt-limit 1000000 \ + --users-debt-limit 0 \ + --without-signup-bonus \ + --currency "${CURRENCY}" \ + default say "DONE" say "Start the bank..." systemctl enable --now libeufin-sandbox @@ -121,17 +116,16 @@ systemctl enable --now libeufin-sandbox say "DONE" say "Waiting for sandbox..." curl --max-time 25 \ - --retry-connrefused \ - --retry-delay 3 \ - --retry 10 \ - ${SANDBOX_URL} &> /dev/null + --retry-connrefused \ + --retry-delay 3 \ + --retry 10 \ + "${SANDBOX_URL}" &>/dev/null say "DONE" - say "Make one superuser at Nexus..." sudo -E -u libeufin-nexus libeufin-nexus superuser \ ${LIBEUFIN_NEXUS_USERNAME} \ - --password $NEXUS_EXCHANGE_PASSWORD + --password "$NEXUS_EXCHANGE_PASSWORD" say "DONE" say "Launching Nexus..." @@ -140,10 +134,10 @@ systemctl enable --now libeufin-nexus say "DONE" say "Waiting for Nexus..." curl --max-time 25 \ - --retry-connrefused \ - --retry-delay 3 \ - --retry 10 \ - ${LIBEUFIN_NEXUS_URL} &> /dev/null + --retry-connrefused \ + --retry-delay 3 \ + --retry 10 \ + "${LIBEUFIN_NEXUS_URL}" &>/dev/null say "DONE" EXCHANGE_SANDBOX_USERNAME="exchange-at-sandbox" @@ -155,28 +149,28 @@ export LIBEUFIN_SANDBOX_PASSWORD="${SANDBOX_EXCHANGE_PASSWORD}" # FIXME-MS: might be better to DELETE an existing # account here instead!?? libeufin-cli \ - sandbox --sandbox-url ${SANDBOX_URL} \ + sandbox --sandbox-url "${SANDBOX_URL}" \ demobank register || true say "DONE" say "Getting the exchange IBAN and Payto URI..." EXCHANGE_DETAILS=$(libeufin-cli \ - sandbox --sandbox-url ${SANDBOX_URL} \ + sandbox --sandbox-url "${SANDBOX_URL}" \ demobank info --bank-account ${LIBEUFIN_SANDBOX_USERNAME}) say "DONE" -EXCHANGE_IBAN=$(echo $EXCHANGE_DETAILS | jq -r .iban) -EXCHANGE_PAYTO=$(echo $EXCHANGE_DETAILS | jq -r .paytoUri) +EXCHANGE_IBAN=$(echo "$EXCHANGE_DETAILS" | jq -r .iban) +EXCHANGE_PAYTO=$(echo "$EXCHANGE_DETAILS" | jq -r .paytoUri) # Communicating this to the exchange script, as the exchange # needs it for the /wire response. export EXCHANGE_IBAN export EXCHANGE_PAYTO -echo "EXCHANGE_IBAN=\"${EXCHANGE_IBAN}\"" >> ${MY_DIR}/config/internal.conf -echo "EXCHANGE_PAYTO=\"${EXCHANGE_PAYTO}\"" >> ${MY_DIR}/config/internal.conf +echo "EXCHANGE_IBAN=\"${EXCHANGE_IBAN}\"" >>"${MY_DIR}"/config/internal.conf +echo "EXCHANGE_PAYTO=\"${EXCHANGE_PAYTO}\"" >>"${MY_DIR}"/config/internal.conf say "Setting the default exchange at Sandbox..." -libeufin-sandbox default-exchange "${PROTO}://exchange.$DOMAIN_NAME/" $EXCHANGE_PAYTO +libeufin-sandbox default-exchange "${PROTO}://exchange.$DOMAIN_NAME/" "$EXCHANGE_PAYTO" say "DONE" export LIBEUFIN_SANDBOX_USERNAME="admin" @@ -185,16 +179,15 @@ say "Create EBICS host at Sandbox..." # Continue on failure, request is not idempotent... # FIXME-MS: might be nicer to delete existing host first. libeufin-cli sandbox \ - --sandbox-url ${SANDBOX_URL} \ + --sandbox-url "${SANDBOX_URL}" \ ebicshost create --host-id ${EBICS_HOST_ID} || true say "OK" - say "Create exchange EBICS subscriber at Sandbox..." # Continue on failure, request is not idempotent... # FIXME-MS: might be nicer to delete existing host first. libeufin-cli sandbox \ - --sandbox-url ${SANDBOX_URL} \ + --sandbox-url "${SANDBOX_URL}" \ demobank new-ebicssubscriber \ --host-id ${EBICS_HOST_ID} \ --user-id ${EBICS_USER_ID} \ @@ -202,7 +195,6 @@ libeufin-cli sandbox \ --bank-account ${EXCHANGE_SANDBOX_USERNAME} || true say "OK" - say "Creating the EBICS connection at Nexus..." # Continue on failure, request is not idempotent... # FIXME-MS: might be nicer to delete existing host first. @@ -215,7 +207,7 @@ libeufin-cli connections new-ebics-connection \ say "DONE" say "Setup EBICS keying..." -libeufin-cli connections connect ${EBICS_CONNECTION_NAME} > /dev/null +libeufin-cli connections connect ${EBICS_CONNECTION_NAME} >/dev/null say "OK" say "Download bank account name from Sandbox..." @@ -236,13 +228,13 @@ say "Create the Taler facade at Nexus..." # FIXME-MS: might be nicer to delete existing facade first. libeufin-cli facades \ new-taler-wire-gateway-facade \ - --currency $CURRENCY \ + --currency "$CURRENCY" \ --facade-name ${LIBEUFIN_TALER_FACADE} \ ${EBICS_CONNECTION_NAME} ${LIBEUFIN_NEXUS_USERNAME} || true say "OK" export WIRE_GATEWAY_URL="${LIBEUFIN_NEXUS_URL}/facades/${LIBEUFIN_TALER_FACADE}/taler-wire-gateway/" -echo "WIRE_GATEWAY_URL=\"${WIRE_GATEWAY_URL}\"" >> ${MY_DIR}/config/internal.conf +echo "WIRE_GATEWAY_URL=\"${WIRE_GATEWAY_URL}\"" >>"${MY_DIR}"/config/internal.conf say "Configuring the background jobs to submit/get transactions..." # Tries every second. @@ -266,14 +258,12 @@ libeufin-cli accounts task-schedule \ exchange-at-nexus || true say "OK" - say "Setting up SPA configuration..." -cat /usr/share/libeufin/demobank-ui/demobank-ui-settings.js \ - | sed -e "s/localhost/bank.${DOMAIN_NAME}/g" \ - | sed -e "s/Taler Bank/${BANK_NAME}/g" \ - > /etc/libeufin/demobank-ui-settings.js; +# shellcheck disable=SC2002 +cat /usr/share/libeufin/demobank-ui/demobank-ui-settings.js | + sed -e "s/localhost/bank.${DOMAIN_NAME}/g" | + sed -e "s/Taler Bank/${BANK_NAME}/g" \ + >/etc/libeufin/demobank-ui-settings.js say "DONE" - -cd ${MY_DIR} diff --git a/netzbon/config_nginx.sh b/netzbon/config_nginx.sh index b5d824b..6e90268 100755 --- a/netzbon/config_nginx.sh +++ b/netzbon/config_nginx.sh @@ -2,44 +2,42 @@ source functions.sh source config/user.conf -export DOMAIN_NAME=${DOMAIN_NAME} -envsubst <nginx-conf/backend.taler-nginx.conf > /etc/nginx/sites-available/backend.${DOMAIN_NAME} -envsubst <nginx-conf/bank.taler-nginx.conf > /etc/nginx/sites-available/bank.${DOMAIN_NAME} -envsubst <nginx-conf/exchange.taler-nginx.conf > /etc/nginx/sites-available/exchange.${DOMAIN_NAME} - -# Create nginx symlinks, just once - -if [ ! -f /etc/nginx/sites-enabled/backend."${DOMAIN_NAME}" ];then -ln -s /etc/nginx/sites-available/backend."${DOMAIN_NAME}" /etc/nginx/sites-enabled/backend."${DOMAIN_NAME}" +if test "${ENABLE_TLS:-}" == "y"; then + PROTO="https" +else + PROTO="http" fi -if [ ! -f /etc/nginx/sites-enabled/bank."${DOMAIN_NAME}" ];then -ln -s /etc/nginx/sites-available/bank."${DOMAIN_NAME}" /etc/nginx/sites-enabled/bank."${DOMAIN_NAME}" -fi +export PROTO +export DOMAIN_NAME -if [ ! -f /etc/nginx/sites-enabled/exchange."${DOMAIN_NAME}" ];then -ln -s /etc/nginx/sites-available/exchange."${DOMAIN_NAME}" /etc/nginx/sites-enabled/exchange."${DOMAIN_NAME}" -fi +envsubst <nginx-conf/backend.taler-nginx.conf >"/etc/nginx/sites-available/backend.${DOMAIN_NAME}" +envsubst <nginx-conf/bank.taler-nginx.conf >"/etc/nginx/sites-available/bank.${DOMAIN_NAME}" +envsubst <nginx-conf/exchange.taler-nginx.conf >"/etc/nginx/sites-available/exchange.${DOMAIN_NAME}" +# Create nginx symlinks +ln -sf /etc/nginx/sites-available/backend."${DOMAIN_NAME}" /etc/nginx/sites-enabled/backend."${DOMAIN_NAME}" +ln -sf /etc/nginx/sites-available/bank."${DOMAIN_NAME}" /etc/nginx/sites-enabled/bank."${DOMAIN_NAME}" +ln -sf /etc/nginx/sites-available/exchange."${DOMAIN_NAME}" /etc/nginx/sites-enabled/exchange."${DOMAIN_NAME}" -if test "${ENABLE_TLS}" == "y" -then +if test "${ENABLE_TLS}" == "y"; then -# patch to: Replace http to https, to avoid error of mixed content + # Replace http with https in the demobank-ui configuration -sed -i "s/http:\/\/bank./https:\/\/bank./g" /etc/libeufin/demobank-ui-settings.js + sed -i "s/http:\/\/bank./https:\/\/bank./g" /etc/libeufin/demobank-ui-settings.js -# Certbot + # Certbot - say "Obtaining TLS certificates" + say "Obtaining TLS certificates" - certbot -d backend."${DOMAIN_NAME}" \ - -d bank."${DOMAIN_NAME}" \ - -d exchange."${DOMAIN_NAME}" + certbot -d backend."${DOMAIN_NAME}" \ + -d bank."${DOMAIN_NAME}" \ + -d exchange."${DOMAIN_NAME}" +else + sed -i "s/https:\/\/bank./http:\/\/bank./g" /etc/libeufin/demobank-ui-settings.js fi - say "Restarting Nginx with new configuration" systemctl reload nginx diff --git a/netzbon/functions.sh b/netzbon/functions.sh index 29d9770..753d846 100755 --- a/netzbon/functions.sh +++ b/netzbon/functions.sh @@ -1,64 +1,27 @@ #!/bin/bash # Message - -function say() -{ - echo "TALER: " "$@" +function say() { + echo "TALER: " "$@" } - # Check user if the user is root +function check_user() { -function check_user() -{ - - if [ "$(whoami)" != "root" ]; then - say "Please run this script as root" - exit 1 - fi -} - -# Create users "exchange" and "merchant" -# Deprecated: should be done by Debian! -function create_users() -{ - say "Creating users" - for n in exchange merchant - do - # Only setup use if it does not yet exist - if test ! -d /home/$n - then - adduser --disabled-password $n - fi - done -} - -# Assign group and permissions to users -# Deprecated: should be done by Debian! -function assign_user_permissions() -{ - for n in exchange merchant - do - adduser www-data $n - mkdir -p /home/$n/.config/ - # FIXME - # cp -r $n/* /home/$n/ - # TODO: No taler.conf is provided - # mv /home/$n/taler.conf /home/$n/.config/taler.conf - chmod 600 /home/$n/.config/taler.conf - chown -R $n:$n /home/$n/ - su - postgres -c "createuser $n" - su - postgres -c "createdb -O $n taler-$n" - done + if [ "$(whoami)" != "root" ]; then + say "Please run this script as root" + exit 1 + fi } # Set DISTRO to the detected distro or return non-zero # status if distro not supported. -function detect_distro() -{ +function detect_distro() { unset DISTRO + # shellcheck disable=SC2034 uname -a | grep Ubuntu >/dev/null && DISTRO=ubuntu && return 0 + # shellcheck disable=SC2034 uname -a | grep Debian >/dev/null && DISTRO=debian && return 0 + echo "Unsupported distro, should be either ubuntu or debian" >&2 return 1 } diff --git a/netzbon/install_packages.sh b/netzbon/install_packages.sh index fdfdb5a..2f16620 100755 --- a/netzbon/install_packages.sh +++ b/netzbon/install_packages.sh @@ -25,15 +25,15 @@ apt update ## General requirements apt install uuid-runtime \ - curl \ - jq \ - wget \ - nginx \ - postgresql-${PG_VERSION} \ - postgresql-client-${PG_VERSION} \ - dbconfig-pgsql \ - certbot \ - python3-certbot-nginx -y + curl \ + jq \ + wget \ + nginx \ + postgresql-${PG_VERSION} \ + postgresql-client-${PG_VERSION} \ + dbconfig-pgsql \ + certbot \ + python3-certbot-nginx -y ## Add GNU Taler deb.taler.net to /etc/apt/sources.list @@ -41,19 +41,18 @@ say "Adding GNU Taler apt repository" say "Detected distro $DISTRO" case $DISTRO in - debian) - echo "deb [signed-by=/etc/apt/keyrings/taler-systems.gpg] https://deb.taler.net/apt/debian stable main" > /etc/apt/sources.list.d/taler.list +debian) + echo "deb [signed-by=/etc/apt/keyrings/taler-systems.gpg] https://deb.taler.net/apt/debian stable main" >/etc/apt/sources.list.d/taler.list ;; - ubuntu) - echo "deb [signed-by=/etc/apt/keyrings/taler-systems.gpg] https://deb.taler.net/apt/ubuntu stable main" > /etc/apt/sources.list.d/taler.list +ubuntu) + echo "deb [signed-by=/etc/apt/keyrings/taler-systems.gpg] https://deb.taler.net/apt/ubuntu stable main" >/etc/apt/sources.list.d/taler.list ;; - *) - say "Unsupported distro: $DISTRO" - exit 1 +*) + say "Unsupported distro: $DISTRO" + exit 1 ;; esac - wget -P /etc/apt/keyrings https://taler.net/taler-systems.gpg ## Specific GNU Taler packages diff --git a/netzbon/main.sh b/netzbon/main.sh index cb24172..63d6c68 100755 --- a/netzbon/main.sh +++ b/netzbon/main.sh @@ -26,62 +26,53 @@ say "" say "All configuration values asked during the setup script" say "can be changed in config/user.conf" -if test -z "${CURRENCY:-}" -then - read -p "Enter the name of the currency (e.g. 'EUR'): " CURRENCY - # convert to all-caps - CURRENCY=`echo ${CURRENCY} | tr a-z A-Z` - # libeufin currenly doesn't like currency names less than 3 letters. - if [[ ${#CURRENCY} -lt 3 || ${#CURRENCY} -gt 11 ]]; then - say "Currency name must be between 3 and 10 letters" - exit 1 - fi - echo "CURRENCY=${CURRENCY}" >> config/user.conf +if test -z "${CURRENCY:-}"; then + read -r -p "Enter the name of the currency (e.g. 'EUR'): " CURRENCY + # convert to all-caps + CURRENCY=$(echo "${CURRENCY}" | tr a-z A-Z) + # libeufin currenly doesn't like currency names less than 3 letters. + if [[ ${#CURRENCY} -lt 3 || ${#CURRENCY} -gt 11 ]]; then + say "Currency name must be between 3 and 10 letters" + exit 1 + fi + echo "CURRENCY=${CURRENCY}" >>config/user.conf fi -if test -z "${BANK_NAME:-}" -then - read -p "Enter the human-readable name of the bank (e.g. 'Taler Bank'): " BANK_NAME - echo "BANK_NAME=\"${BANK_NAME}\"" >> config/user.conf +if test -z "${BANK_NAME:-}"; then + read -r -p "Enter the human-readable name of the bank (e.g. 'Taler Bank'): " BANK_NAME + echo "BANK_NAME=\"${BANK_NAME}\"" >>config/user.conf fi -if test -z "${ENABLE_TLS:-}" -then - read -p "Use TLS? (y/n): " ENABLE_TLS - echo "ENABLE_TLS=${ENABLE_TLS}" >> config/user.conf +if test -z "${ENABLE_TLS:-}"; then + read -r -p "Use TLS? (y/n): " ENABLE_TLS + echo "ENABLE_TLS=${ENABLE_TLS}" >>config/user.conf fi -if test -z "${DO_OFFLINE:-}" -then - read -p "Run taler-exchange-offline? (y/n): " DO_OFFLINE - echo "DO_OFFLINE=${DO_OFFLINE}" >> config/user.conf +if test -z "${DO_OFFLINE:-}"; then + read -r -p "Run taler-exchange-offline? (y/n): " DO_OFFLINE + echo "DO_OFFLINE=${DO_OFFLINE}" >>config/user.conf fi -if test -z "${MASTER_PUBLIC_KEY:-}" -then - if test ${DO_OFFLINE:-y} == n - then - read -p "Enter the exchange-offline master public key: " MASTER_PUBLIC_KEY - echo "MASTER_PUBLIC_KEY=${MASTER_PUBLIC_KEY}" >> config/user.conf - fi +if test -z "${MASTER_PUBLIC_KEY:-}"; then + if test "${DO_OFFLINE:-y}" == n; then + read -r -p "Enter the exchange-offline master public key: " MASTER_PUBLIC_KEY + echo "MASTER_PUBLIC_KEY=${MASTER_PUBLIC_KEY}" >>config/user.conf + fi fi -if test -z "${SANDBOX_ADMIN_PASSWORD:-}" -then - read -s -p "Enter the admin password for the bank: " SANDBOX_ADMIN_PASSWORD - echo "SANDBOX_ADMIN_PASSWORD=${SANDBOX_ADMIN_PASSWORD}" >> config/user.conf - echo "" # force new line +if test -z "${SANDBOX_ADMIN_PASSWORD:-}"; then + read -r -s -p "Enter the admin password for the bank: " SANDBOX_ADMIN_PASSWORD + echo "SANDBOX_ADMIN_PASSWORD=${SANDBOX_ADMIN_PASSWORD}" >>config/user.conf + echo "" # force new line fi -if test -z "${DOMAIN_NAME:-}" -then - read -p "Enter the domain name: " DOMAIN_NAME - # convert to lower-case - DOMAIN_NAME=`echo ${DOMAIN_NAME} | tr A-Z a-z` - echo "DOMAIN_NAME=${DOMAIN_NAME}" >> config/user.conf +if test -z "${DOMAIN_NAME:-}"; then + read -r -p "Enter the domain name: " DOMAIN_NAME + # convert to lower-case + DOMAIN_NAME=$(echo "${DOMAIN_NAME}" | tr A-Z a-z) + echo "DOMAIN_NAME=${DOMAIN_NAME}" >>config/user.conf fi # END USER INTERACTION # Check DNS settings -if ! ping -c1 exchange.${DOMAIN_NAME} &> /dev/null -then - say "Could not ping exchange.${DOMAIN_NAME}." - say "Please make sure your DNS/network are working." - exit 1 +if ! ping -c1 "exchange.${DOMAIN_NAME}" &>/dev/null; then + say "Could not ping exchange.${DOMAIN_NAME}." + say "Please make sure your DNS/network are working." + exit 1 fi # Check if the user is root, otherwise EXIT. @@ -90,29 +81,25 @@ check_user # Installation of deb packages required . install_packages.sh -if test -z "${NEXUS_EXCHANGE_PASSWORD:-}" -then - NEXUS_EXCHANGE_PASSWORD=`uuidgen` - echo "NEXUS_EXCHANGE_PASSWORD=${NEXUS_EXCHANGE_PASSWORD}" >> config/internal.conf +if test -z "${NEXUS_EXCHANGE_PASSWORD:-}"; then + NEXUS_EXCHANGE_PASSWORD=$(uuidgen) + echo "NEXUS_EXCHANGE_PASSWORD=${NEXUS_EXCHANGE_PASSWORD}" >>config/internal.conf fi -if test -z "${SANDBOX_EXCHANGE_PASSWORD:-}" -then - SANDBOX_EXCHANGE_PASSWORD=`uuidgen` - echo "SANDBOX_EXCHANGE_PASSWORD=${SANDBOX_EXCHANGE_PASSWORD}" >> config/internal.conf +if test -z "${SANDBOX_EXCHANGE_PASSWORD:-}"; then + SANDBOX_EXCHANGE_PASSWORD=$(uuidgen) + echo "SANDBOX_EXCHANGE_PASSWORD=${SANDBOX_EXCHANGE_PASSWORD}" >>config/internal.conf fi -. config_launch_libeufin.sh -. config_nginx.sh -. setup-exchange.sh -. setup-merchant.sh - +./config_launch_libeufin.sh +./config_nginx.sh +./setup-exchange.sh +./setup-merchant.sh # Final message to the user -if test ${ENABLE_TLS:-} == "y" -then - PROTO="https" +if test "${ENABLE_TLS:-}" == "y"; then + PROTO="https" else - PROTO="http" + PROTO="http" fi #Check services, and if down restart diff --git a/netzbon/nginx-conf/backend.taler-nginx.conf b/netzbon/nginx-conf/backend.taler-nginx.conf index 07dceed..3e20704 100644 --- a/netzbon/nginx-conf/backend.taler-nginx.conf +++ b/netzbon/nginx-conf/backend.taler-nginx.conf @@ -3,13 +3,12 @@ server { listen 80; listen [::]:80; - server_name backend."${DOMAIN_NAME}"; + server_name backend.${DOMAIN_NAME}; location / { proxy_pass http://unix:/var/run/taler/merchant-httpd/merchant-http.sock; - proxy_set_header X-Forwarded-Proto "https"; - proxy_set_header X-Forwarded-Host "backend.netzbon.valenciatech.cloud"; + proxy_set_header X-Forwarded-Proto "${PROTO}"; + proxy_set_header X-Forwarded-Host "backend.${DOMAIN_NAME}"; proxy_set_header X-Forwarded-Prefix /; } - } diff --git a/netzbon/nginx-conf/bank.taler-nginx.conf b/netzbon/nginx-conf/bank.taler-nginx.conf index 6216efe..dcdd265 100644 --- a/netzbon/nginx-conf/bank.taler-nginx.conf +++ b/netzbon/nginx-conf/bank.taler-nginx.conf @@ -2,7 +2,7 @@ server { listen 80; listen [::]:80; - server_name bank."${DOMAIN_NAME}"; + server_name bank.${DOMAIN_NAME}; access_log /var/log/nginx/libeufin-sandbox.log; error_log /var/log/nginx/libeufin-sandbox.err; @@ -10,7 +10,7 @@ server { location /demobanks/default { proxy_pass http://localhost:5016; #Fixes withdrawal http request - proxy_set_header X-Forwarded-Proto "https"; + proxy_set_header X-Forwarded-Proto "${PROTO}"; proxy_set_header X-Forwarded-Host "bank.${DOMAIN_NAME}"; proxy_set_header X-Forwarded-Prefix /; } diff --git a/netzbon/nginx-conf/exchange.taler-nginx.conf b/netzbon/nginx-conf/exchange.taler-nginx.conf index 1d36046..0f470a1 100644 --- a/netzbon/nginx-conf/exchange.taler-nginx.conf +++ b/netzbon/nginx-conf/exchange.taler-nginx.conf @@ -3,7 +3,7 @@ server { listen 80; listen [::]:80; - server_name exchange."${DOMAIN_NAME}"; + server_name exchange.${DOMAIN_NAME}; location / { proxy_pass http://unix:/var/run/taler/exchange-httpd/exchange-http.sock; diff --git a/netzbon/setup-exchange.sh b/netzbon/setup-exchange.sh index 54795d9..ab7da70 100755 --- a/netzbon/setup-exchange.sh +++ b/netzbon/setup-exchange.sh @@ -1,7 +1,25 @@ #!/bin/bash +# Set up error handling + set -eu +notify_exit() { + [[ $1 == 0 ]] || echo Script "$0" failed, exit code "$1" +} + +notify_err() { + echo "errexit on line $(caller)" >&2 +} + +trap '(exit 130)' INT +trap '(exit 143)' TERM +trap notify_err ERR +# shellcheck disable=SC2154 +trap 'rc=$?; notify_exit $rc; exit $rc' EXIT + +# End of error handling setup + source functions.sh source config/user.conf source config/internal.conf @@ -17,68 +35,66 @@ say "Beginning Exchange setup" # - EXCHANGE_PAYTO (exchange account PAYTO) # - ENABLE_TLS (http or https?) -if test -z ${LIBEUFIN_NEXUS_USERNAME:-} -then - say "Failure: LIBEUFIN_NEXUS_USERNAME not set" - exit 1 +if test -z "${LIBEUFIN_NEXUS_USERNAME:-}"; then + say "Failure: LIBEUFIN_NEXUS_USERNAME not set" + exit 1 fi -if test -z ${NEXUS_EXCHANGE_PASSWORD:-} -then - say "Failure: NEXUS_EXCHANGE_PASSWORD not set" - exit 1 +if test -z "${NEXUS_EXCHANGE_PASSWORD:-}"; then + say "Failure: NEXUS_EXCHANGE_PASSWORD not set" + exit 1 fi -if test -z ${EXCHANGE_IBAN:-} -then - say "Failure: EXCHANGE_IBAN not set" - exit 1 +if test -z "${EXCHANGE_IBAN:-}"; then + say "Failure: EXCHANGE_IBAN not set" + exit 1 fi -if test -z ${WIRE_GATEWAY_URL:-} -then - say "Failure: WIRE_GATEWAY_URL not set" - exit 1 +if test -z "${WIRE_GATEWAY_URL:-}"; then + say "Failure: WIRE_GATEWAY_URL not set" + exit 1 fi -if test -z ${EXCHANGE_PAYTO:-} -then - say "Failure: EXCHANGE_PAYTO not set" - exit 1 +if test -z "${EXCHANGE_PAYTO:-}"; then + say "Failure: EXCHANGE_PAYTO not set" + exit 1 fi +function die() { + say "$1" + exit 1 +} + +# Just try if sudo works for diagnostics +sudo -i -u taler-exchange-offline id >/dev/null || die "Error: Unable to switch to taler-exchange-offline user" + # Create master key as taler-exchange-offline *unless* user already # set the MASTER_PUBLIC_KEY to some value we can use. export MASTER_PRIV_DIR=.local/share/taler/exchange/offline-keys export MASTER_PRIV_FILE=${MASTER_PRIV_DIR}/master.priv export SECMOD_TOFU_FILE=${MASTER_PRIV_DIR}/secm_tofus.pub -if test -z ${MASTER_PUBLIC_KEY:-} -then - if test ${DO_OFFLINE:-y} == n - then - say "Error: No MASTER_PUBLIC_KEY but DO_OFFLINE set to NO" - exit 1 - fi - say "Setting up offline key" - echo -e "[exchange-offline]\n"\ - "MASTER_PRIV_FILE=\$HOME/${MASTER_PRIV_FILE}\n"\ - "SECM_TOFU_FILE=\$HOME/${SECMOD_TOFU_FILE}\n"\ - > /etc/taler/conf.d/offline-setup.conf - - MASTER_PUBLIC_KEY=`sudo -i -u taler-exchange-offline taler-exchange-offline setup` - echo "MASTER_PUBLIC_KEY=\"${MASTER_PUBLIC_KEY}\"" >> config/user.conf - if test -z ${DO_OFFLINE:-} - then - # Set 'DO_OFFLINE' - DO_OFFLINE=y - echo "DO_OFFLINE=y" >> config/user.conf - fi +if test -z "${MASTER_PUBLIC_KEY:-}"; then + if test "${DO_OFFLINE:-y}" == n; then + say "Error: No MASTER_PUBLIC_KEY but DO_OFFLINE set to NO" + exit 1 + fi + say "Setting up offline key" + echo -e "[exchange-offline]\n" \ + "MASTER_PRIV_FILE=\$HOME/${MASTER_PRIV_FILE}\n" \ + "SECM_TOFU_FILE=\$HOME/${SECMOD_TOFU_FILE}\n" \ + >/etc/taler/conf.d/offline-setup.conf + + MASTER_PUBLIC_KEY=$(sudo -i -u taler-exchange-offline taler-exchange-offline -LDEBUG setup) + echo "MASTER_PUBLIC_KEY=\"${MASTER_PUBLIC_KEY}\"" >>config/user.conf + if test -z "${DO_OFFLINE:-}"; then + # Set 'DO_OFFLINE' + DO_OFFLINE=y + echo "DO_OFFLINE=y" >>config/user.conf + fi else say "Master public key is $MASTER_PUBLIC_KEY" - if test ${DO_OFFLINE:-y} == y - then - MASTER_PUBLIC_KEY2=`sudo -i -u taler-exchange-offline taler-exchange-offline setup` - if test "${MASTER_PUBLIC_KEY2}" != "${MASTER_PUBLIC_KEY}" - then - say "Error: master public key missmatch ${MASTER_PUBLIC_KEY2} does not match ${MASTER_PUBLIC_KEY}" - exit 1 - fi + if test ${DO_OFFLINE:-y} == y; then + MASTER_PUBLIC_KEY2=$(sudo -i -u taler-exchange-offline taler-exchange-offline setup) + if test "${MASTER_PUBLIC_KEY2}" != "${MASTER_PUBLIC_KEY}"; then + say "Error: master public key missmatch ${MASTER_PUBLIC_KEY2} does not match ${MASTER_PUBLIC_KEY}" + exit 1 + fi fi fi @@ -98,123 +114,117 @@ sudo -i -u postgres createdb -O taler-exchange-httpd $EXCHANGE_DB || true say "Configuring exchange" -if test ${ENABLE_TLS} = "y" -then - export EXCHANGE_BASE_URL="https://exchange.${DOMAIN_NAME}/" +if test "${ENABLE_TLS}" = "y"; then + export EXCHANGE_BASE_URL="https://exchange.${DOMAIN_NAME}/" else - export EXCHANGE_BASE_URL="http://exchange.${DOMAIN_NAME}/" + export EXCHANGE_BASE_URL="http://exchange.${DOMAIN_NAME}/" fi # Generate /etc/taler/conf.d/setup.conf -echo -e "[taler]\n"\ - "CURRENCY=${CURRENCY}\n"\ - "CURRENCY_ROUND_UNIT=${CURRENCY}:0.01\n"\ - "AML_THRESHOLD=${CURRENCY}:1000000\n"\ - "\n[exchange]\n"\ - "MASTER_PUBLIC_KEY=${MASTER_PUBLIC_KEY}\n"\ - "BASE_URL=${EXCHANGE_BASE_URL}\n"\ - "\n[merchant-exchange-${DOMAIN_NAME}]\n"\ - "MASTER_KEY=${MASTER_PUBLIC_KEY}\n"\ - "CURRENCY=${CURRENCY}\n"\ - "EXCHANGE_BASE_URL=${EXCHANGE_BASE_URL}\n"\ - "\n[exchange-account-default]\n"\ - "PAYTO_URI=${EXCHANGE_PAYTO}\n"\ - "ENABLE_DEBIT=YES\n"\ - "ENABLE_CREDIT=YES\n"\ - "@inline-secret@ exchange-accountcredentials-default ../secrets/exchange-accountcredentials-default.secret.conf\n" \ - > /etc/taler/conf.d/setup.conf - -echo -e "[exchangedb-postgres]\n"\ - "CONFIG=postgres:///${EXCHANGE_DB}\n"\ - > /etc/taler/secrets/exchange-db.secret.conf +echo -e "[taler]\n" \ + "CURRENCY=${CURRENCY}\n" \ + "CURRENCY_ROUND_UNIT=${CURRENCY}:0.01\n" \ + "AML_THRESHOLD=${CURRENCY}:1000000\n" \ + "\n[exchange]\n" \ + "MASTER_PUBLIC_KEY=${MASTER_PUBLIC_KEY}\n" \ + "BASE_URL=${EXCHANGE_BASE_URL}\n" \ + "\n[merchant-exchange-${DOMAIN_NAME}]\n" \ + "MASTER_KEY=${MASTER_PUBLIC_KEY}\n" \ + "CURRENCY=${CURRENCY}\n" \ + "EXCHANGE_BASE_URL=${EXCHANGE_BASE_URL}\n" \ + "\n[exchange-account-default]\n" \ + "PAYTO_URI=${EXCHANGE_PAYTO}\n" \ + "ENABLE_DEBIT=YES\n" \ + "ENABLE_CREDIT=YES\n" \ + "@inline-secret@ exchange-accountcredentials-default ../secrets/exchange-accountcredentials-default.secret.conf\n" \ + >/etc/taler/conf.d/setup.conf + +echo -e "[exchangedb-postgres]\n" \ + "CONFIG=postgres:///${EXCHANGE_DB}\n" \ + >/etc/taler/secrets/exchange-db.secret.conf chmod 440 /etc/taler/secrets/exchange-db.secret.conf chown root:taler-exchange-db /etc/taler/secrets/exchange-db.secret.conf -echo -e "[exchange-accountcredentials-default]\n"\ - "WIRE_GATEWAY_URL=${WIRE_GATEWAY_URL}\n"\ - "WIRE_GATEWAY_AUTH_METHOD=basic\n"\ - "USERNAME=${LIBEUFIN_NEXUS_USERNAME}\n"\ - "PASSWORD=${NEXUS_EXCHANGE_PASSWORD}\n"\ - > /etc/taler/secrets/exchange-accountcredentials-default.secret.conf +echo -e "[exchange-accountcredentials-default]\n" \ + "WIRE_GATEWAY_URL=${WIRE_GATEWAY_URL}\n" \ + "WIRE_GATEWAY_AUTH_METHOD=basic\n" \ + "USERNAME=${LIBEUFIN_NEXUS_USERNAME}\n" \ + "PASSWORD=${NEXUS_EXCHANGE_PASSWORD}\n" \ + >/etc/taler/secrets/exchange-accountcredentials-default.secret.conf chmod 400 /etc/taler/secrets/exchange-accountcredentials-default.secret.conf chown taler-exchange-wire:taler-exchange-db /etc/taler/secrets/exchange-accountcredentials-default.secret.conf taler-harness deployment gen-coin-config \ - --min-amount ${CURRENCY}:0.01 \ - --max-amount ${CURRENCY}:100 \ - | sed -e "s/FEE_DEPOSIT = ${CURRENCY}:0.01/FEE_DEPOSIT = ${CURRENCY}:0/" \ - > /etc/taler/conf.d/${CURRENCY}-coins.conf - + --min-amount "${CURRENCY}":0.01 \ + --max-amount "${CURRENCY}":100 | + sed -e "s/FEE_DEPOSIT = ${CURRENCY}:0.01/FEE_DEPOSIT = ${CURRENCY}:0/" \ + >/etc/taler/conf.d/"${CURRENCY}"-coins.conf # FIXME-DOLD: this belongs with taler-harness -for SEC in `taler-config -c /etc/taler/conf.d/${CURRENCY}-coins.conf -S | grep COIN-` -do - taler-config -c /etc/taler/conf.d/${CURRENCY}-coins.conf -s $SEC -o CIPHER -V "RSA" +for SEC in $(taler-config -c /etc/taler/conf.d/"${CURRENCY}"-coins.conf -S | grep COIN-); do + taler-config -c /etc/taler/conf.d/"${CURRENCY}"-coins.conf -s "$SEC" -o CIPHER -V "RSA" done say "Initializing exchange database" sudo -u taler-exchange-httpd taler-exchange-dbinit -c /etc/taler/taler.conf -echo "GRANT USAGE ON SCHEMA exchange TO \"taler-exchange-wire\";" | sudo -i -u postgres psql -f - ${EXCHANGE_DB} -echo "GRANT SELECT,INSERT,UPDATE,DELETE ON ALL TABLES IN SCHEMA exchange TO \"taler-exchange-wire\";" | sudo -i -u postgres psql -f - ${EXCHANGE_DB} -echo "GRANT USAGE ON SCHEMA _v TO \"taler-exchange-wire\";" | sudo -i -u postgres psql -f - ${EXCHANGE_DB} -echo "GRANT SELECT ON ALL TABLES IN SCHEMA _v TO \"taler-exchange-wire\";" | sudo -i -u postgres psql -f - ${EXCHANGE_DB} +echo 'GRANT USAGE ON SCHEMA exchange TO "taler-exchange-wire";' | sudo -i -u postgres psql -f - ${EXCHANGE_DB} +echo 'GRANT SELECT,INSERT,UPDATE,DELETE ON ALL TABLES IN SCHEMA exchange TO "taler-exchange-wire";' | sudo -i -u postgres psql -f - ${EXCHANGE_DB} +echo 'GRANT USAGE ON SCHEMA _v TO "taler-exchange-wire";' | sudo -i -u postgres psql -f - ${EXCHANGE_DB} +echo 'GRANT SELECT ON ALL TABLES IN SCHEMA _v TO "taler-exchange-wire";' | sudo -i -u postgres psql -f - ${EXCHANGE_DB} -echo "GRANT USAGE ON SCHEMA exchange TO \"taler-exchange-closer\";" | sudo -i -u postgres psql -f - ${EXCHANGE_DB} -echo "GRANT SELECT,INSERT,UPDATE,DELETE ON ALL TABLES IN SCHEMA exchange TO \"taler-exchange-closer\";" | sudo -i -u postgres psql -f - ${EXCHANGE_DB} -echo "GRANT USAGE ON SCHEMA _v TO \"taler-exchange-closer\";" | sudo -i -u postgres psql -f - ${EXCHANGE_DB} -echo "GRANT SELECT ON ALL TABLES IN SCHEMA _v TO \"taler-exchange-closer\";" | sudo -i -u postgres psql -f - ${EXCHANGE_DB} - -echo "GRANT USAGE ON SCHEMA exchange TO \"taler-exchange-aggregator\";" | sudo -i -u postgres psql -f - ${EXCHANGE_DB} -echo "GRANT SELECT,INSERT,UPDATE,DELETE ON ALL TABLES IN SCHEMA exchange TO \"taler-exchange-aggregator\";" | sudo -i -u postgres psql -f - ${EXCHANGE_DB} -echo "GRANT USAGE ON SCHEMA _v TO \"taler-exchange-aggregator\";" | sudo -i -u postgres psql -f - ${EXCHANGE_DB} -echo "GRANT SELECT ON ALL TABLES IN SCHEMA _v TO \"taler-exchange-aggregator\";" | sudo -i -u postgres psql -f - ${EXCHANGE_DB} +echo 'GRANT USAGE ON SCHEMA exchange TO "taler-exchange-closer";' | sudo -i -u postgres psql -f - ${EXCHANGE_DB} +echo 'GRANT SELECT,INSERT,UPDATE,DELETE ON ALL TABLES IN SCHEMA exchange TO "taler-exchange-closer";' | sudo -i -u postgres psql -f - ${EXCHANGE_DB} +echo 'GRANT USAGE ON SCHEMA _v TO "taler-exchange-closer";' | sudo -i -u postgres psql -f - ${EXCHANGE_DB} +echo 'GRANT SELECT ON ALL TABLES IN SCHEMA _v TO "taler-exchange-closer";' | sudo -i -u postgres psql -f - ${EXCHANGE_DB} +echo 'GRANT USAGE ON SCHEMA exchange TO "taler-exchange-aggregator";' | sudo -i -u postgres psql -f - ${EXCHANGE_DB} +echo 'GRANT SELECT,INSERT,UPDATE,DELETE ON ALL TABLES IN SCHEMA exchange TO "taler-exchange-aggregator";' | sudo -i -u postgres psql -f - ${EXCHANGE_DB} +echo 'GRANT USAGE ON SCHEMA _v TO "taler-exchange-aggregator";' | sudo -i -u postgres psql -f - ${EXCHANGE_DB} +echo 'GRANT SELECT ON ALL TABLES IN SCHEMA _v TO "taler-exchange-aggregator";' | sudo -i -u postgres psql -f - ${EXCHANGE_DB} say "Launching exchange" systemctl enable --now taler-exchange.target - say "Waiting for exchange HTTP service (/config)..." curl --max-time 2 \ - --retry-connrefused \ - --retry-delay 1 \ - --retry 10 \ - ${EXCHANGE_BASE_URL}config &> /dev/null + --retry-connrefused \ + --retry-delay 1 \ + --retry 10 \ + "${EXCHANGE_BASE_URL}"config &>/dev/null say "DONE" say "Waiting for exchange management keys (this may take a while)..." curl --max-time 30 \ - --retry-delay 1 \ - --retry 60 \ - ${EXCHANGE_BASE_URL}management/keys &> /dev/null + --retry-delay 1 \ + --retry 60 \ + "${EXCHANGE_BASE_URL}"management/keys &>/dev/null say "DONE" -if test ${DO_OFFLINE} == y -then - say "Offline interaction..." - - sudo -i -u taler-exchange-offline \ - taler-exchange-offline \ - -c /etc/taler/taler.conf \ - download \ - sign \ - upload - - sudo -i -u taler-exchange-offline \ - taler-exchange-offline \ - enable-account ${EXCHANGE_PAYTO} \ - wire-fee now iban ${CURRENCY}:0 ${CURRENCY}:0 \ - global-fee now ${CURRENCY}:0 ${CURRENCY}:0 ${CURRENCY}:0 1h 6a 0 \ - upload +if test ${DO_OFFLINE} == y; then + say "Offline interaction..." + + sudo -i -u taler-exchange-offline \ + taler-exchange-offline \ + -c /etc/taler/taler.conf \ + download \ + sign \ + upload + + sudo -i -u taler-exchange-offline \ + taler-exchange-offline \ + enable-account "${EXCHANGE_PAYTO}" \ + wire-fee now iban "${CURRENCY}":0 "${CURRENCY}":0 \ + global-fee now "${CURRENCY}":0 "${CURRENCY}":0 "${CURRENCY}":0 1h 6a 0 \ + upload fi say "Waiting for exchange /keys..." curl --max-time 2 \ - --retry-connrefused \ - --retry-delay 1 \ - --retry 10 \ - ${EXCHANGE_BASE_URL}keys &> /dev/null + --retry-connrefused \ + --retry-delay 1 \ + --retry 10 \ + "${EXCHANGE_BASE_URL}"keys &>/dev/null say "DONE" say "Exchange setup finished" diff --git a/netzbon/setup-merchant.sh b/netzbon/setup-merchant.sh index d06c357..c647af4 100755 --- a/netzbon/setup-merchant.sh +++ b/netzbon/setup-merchant.sh @@ -6,6 +6,5 @@ source functions.sh source config/user.conf source config/internal.conf - say "Launching taler-merchant-httpd" systemctl enable --now taler-merchant-httpd diff --git a/netzbon/transfer.sh b/netzbon/transfer.sh index 35ef224..d49d445 100755 --- a/netzbon/transfer.sh +++ b/netzbon/transfer.sh @@ -5,19 +5,19 @@ set -eu source functions.sh -if test -z "${3:-}" -then - say "This tool allows you to send funds from the 'admin' account" - say "to a normal user's bank account within the system for testing." - say " " - say "Call with three arguments:" - say "1) target bank account name to credit" - say "2) amount to transfer (e.g. ${CURRENCY:-CURRENCY}:42.42)" - say "3) wire transfer subject to use" - say " " - exit 1 +if test -z "${3:-}"; then + say "This tool allows you to send funds from the 'admin' account" + say "to a normal user's bank account within the system for testing." + say " " + say "Call with three arguments:" + say "1) target bank account name to credit" + say "2) amount to transfer (e.g. ${CURRENCY:-CURRENCY}:42.42)" + say "3) wire transfer subject to use" + say " " + exit 1 fi +# shellcheck disable=SC1091 source /etc/libeufin/sandbox.env export LIBEUFIN_SANDBOX_DB_CONNECTION diff --git a/sandcastle/README b/sandcastle/README index c79fd6e..02ba1f2 100644 --- a/sandcastle/README +++ b/sandcastle/README @@ -95,9 +95,9 @@ How to run Configuration ------------- -Export the env variable TALER_DEPLOYMENT_CONFIG to an -absolute path of a configuration file. See config/deployment.conf -for an example. +Export the env variable TALER_SANDCASTLE_CONFIG to an +absolute path of the configuration directory. See config/ +for an example configuration directory. Run --- |