#!/bin/bash # Prepare a deployment for execution: # * generate the configuration and setup database # * put keys in the right place # * set bank password for the exchange # * sign the exchange's wire response # * run some sanity checks (FIXME: not done yet!) set -eu source "$HOME/activate" if [[ -z ${TALER_ENV_NAME+x} ]]; then echo "TALER_ENV_NAME not set" exit 1 fi if [[ -z ${TALER_CONFIG_CURRENCY+x} ]]; then echo "TALER_CONFIG_CURRENCY not set" exit 1 fi function generate_config() { EXCHANGE_PUB=$(gnunet-ecc -p "$HOME/deployment/private-keys/${TALER_ENV_NAME}-exchange-master.priv") mkdir -p "$HOME/.config" "$HOME/deployment/bin/taler-config-generate" \ --exchange-pub "$EXCHANGE_PUB" \ --currency "$TALER_CONFIG_CURRENCY" \ --outdir "$HOME/.config" \ --envname "$TALER_ENV_NAME" } ## ## Step 1: Generate config ## case $TALER_ENV_NAME in demo|test|int) generate_config ;; *) echo "Not generating config for env $TALER_ENV_NAME" ;; esac ## ## Step 1b: initialize database ## taler-exchange-dbinit ## ## Step 2: Copy key material and update denom keys ## # For demo, make sure the link to shared data between demo-blue and demo-green is # set up properly. case $TALER_ENV_NAME in demo) echo "linking taler-data" ln -sfT ~demo/shared-data ~/taler-data # Check if we won't mess up permissions later if [[ ! -g ~/taler-data ]]; then echo "the shared-data directory should have the set-group-id bit set" exit 1 fi ;; esac case $TALER_ENV_NAME in demo|test|int) EXCHANGE_PUB=$(gnunet-ecc -p "$HOME/deployment/private-keys/${TALER_ENV_NAME}-exchange-master.priv") EXCHANGE_PRIV_FILE=$(taler-config -f -s exchange -o master_priv_file) if [[ -e "$EXCHANGE_PRIV_FILE" ]]; then EXCHANGE_PUB2=$(gnunet-ecc -p "$EXCHANGE_PRIV_FILE") if [[ "$EXCHANGE_PUB" != "$EXCHANGE_PUB2" ]]; then echo "Warning: Different exchange private key already exists, not copying" fi else mkdir -p "$(dirname "$EXCHANGE_PRIV_FILE")" cp "$HOME/deployment/private-keys/${TALER_ENV_NAME}-exchange-master.priv" "$EXCHANGE_PRIV_FILE" fi ;; *) echo "Not copying key material for env $TALER_ENV_NAME" ;; esac EXCHANGE_MASTER_PUB=$(taler-config -s exchange -o master_public_key) taler-auditor-exchange \ -m "$EXCHANGE_MASTER_PUB" \ -u "$(taler-config -s exchange -o base_url)" || true rm -f auditor.in taler-exchange-keyup -o auditor.in taler-auditor-sign -m "$EXCHANGE_MASTER_PUB" -r auditor.in -o auditor.out || true rm -f auditor.in auditor.out # we don't actually use the auditor's signatures in the demo! # Make configuration accessible to auditor chmod 750 "$HOME/.config" ## ## Step 3: Sign the exchange's wire information ## WIRE_RESPONSE=$(taler-config -s exchange-account-1 -o wire_response -f) taler-exchange-wire chmod 770 "$WIRE_RESPONSE" ## ## Step 4: Set up the bank ## case $TALER_ENV_NAME in demo|test|int) taler-bank-manage django provide_accounts taler-bank-manage django changepassword_unsafe Exchange x ;; *) echo "Not setting unsafe Exchange bank account password for env $TALER_ENV_NAME" ;; esac ## ## Step 5: Adjust some permissions ## case $TALER_ENV_NAME in demo|test|int) # Make sure the web server can read ~/local chmod og+rx ~/local ;; *) ;; esac