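#!/bin/bash

# Prepare a deployment for execution:
# * generate the configuration and setup database
# * put keys in the right place
# * set bank password for the exchange
# * sign the exchange's wire response
# * run some sanity checks (FIXME: not done yet!)
#
# Required environment (after sourcing "$HOME/activate"):
#   TALER_ENV_NAME                deployment name; selects which steps run
#   TALER_CONFIG_CURRENCY         currency code used in config and wire fees
#   TALER_ENV_FRONTENDS_APITOKEN  needed only when the config is generated
#
# The script is destructive: both database init steps run with --reset.

set -eu

source "$HOME/activate"

if [[ -z ${TALER_ENV_NAME+x} ]]; then
  echo "TALER_ENV_NAME not set" >&2
  exit 1
fi

if [[ -z ${TALER_CONFIG_CURRENCY+x} ]]; then
  echo "TALER_CONFIG_CURRENCY not set" >&2
  exit 1
fi

#######################################
# Generate the deployment configuration under "$HOME/.config".
# Globals:   TALER_ENV_NAME, TALER_CONFIG_CURRENCY,
#            TALER_ENV_FRONTENDS_APITOKEN (read); EXCHANGE_PUB (written)
# Arguments: none
# Returns:   exits the script with status 1 if the API token is unset
#######################################
generate_config() {
  # Same explicit check as for the other two variables, so a missing token
  # gives a clear message instead of a bare "unbound variable" from set -u.
  if [[ -z ${TALER_ENV_FRONTENDS_APITOKEN+x} ]]; then
    echo "TALER_ENV_FRONTENDS_APITOKEN not set" >&2
    exit 1
  fi

  # Derive the public key from the environment's master private key file.
  EXCHANGE_PUB=$(gnunet-ecc -p "$HOME/deployment/private-keys/${TALER_ENV_NAME}-exchange-master.priv")

  mkdir -p "$HOME/.config"

  # NOTE(review): the API token is passed as a command-line argument, so it
  # is visible in the process list while the generator runs. Prefer a file
  # or environment based option if the tool offers one.
  taler-deployment-config-generate \
    --exchange-pub "$EXCHANGE_PUB" \
    --currency "$TALER_CONFIG_CURRENCY" \
    --outdir "$HOME/.config" \
    --envname "$TALER_ENV_NAME" \
    --frontends-apitoken "$TALER_ENV_FRONTENDS_APITOKEN"
}

##
## Step 1: Generate config
##

case "$TALER_ENV_NAME" in
  tanker|demo|test|int|local)
    generate_config
    ;;
  *)
    echo "Not generating config for env $TALER_ENV_NAME"
    ;;
esac

##
## Step 1b: initialize database
##

# NOTE(review): unlike config generation this is not guarded by the
# environment name, so the exchange database is reset for every
# TALER_ENV_NAME, including names that match none of the lists below.
taler-exchange-dbinit --reset

##
## Step 2: Copy key material and update denom keys
##

# For demo, make sure the link to shared data between demo-blue and demo-green is
# set up properly.
case "$TALER_ENV_NAME" in
  demo)
    echo "linking taler-data"
    ln -sfT ~demo/shared-data ~/taler-data
    # Check if we won't mess up permissions later
    if [[ ! -g ~/taler-data ]]; then
      echo "the shared-data directory should have the set-group-id bit set" >&2
      exit 1
    fi
    ;;
esac

case "$TALER_ENV_NAME" in
  demo|test|int|local)
    EXCHANGE_PUB=$(gnunet-ecc -p "$HOME/deployment/private-keys/${TALER_ENV_NAME}-exchange-master.priv")
    EXCHANGE_PRIV_FILE=$(taler-config -f -s exchange-offline -o master_priv_file)
    if [[ -e "$EXCHANGE_PRIV_FILE" ]]; then
      # A key is already installed: compare public keys, never overwrite.
      EXCHANGE_PUB2=$(gnunet-ecc -p "$EXCHANGE_PRIV_FILE")
      if [[ "$EXCHANGE_PUB" != "$EXCHANGE_PUB2" ]]; then
        # NOTE(review): the mismatch is only reported and the script goes on
        # with the key already in place, although the configuration above
        # was generated for EXCHANGE_PUB. Confirm that continuing is wanted.
        echo "Warning: Different exchange private key already exists, not copying" >&2
      fi
    else
      mkdir -p "$(dirname "$EXCHANGE_PRIV_FILE")"
      # NOTE(review): cp gives the copy a umask-derived mode; confirm the
      # master private key ends up readable only by the accounts that need it.
      cp "$HOME/deployment/private-keys/${TALER_ENV_NAME}-exchange-master.priv" "$EXCHANGE_PRIV_FILE"
    fi
    ;;
  *)
    echo "Not copying key material for env $TALER_ENV_NAME"
    ;;
esac

EXCHANGE_MASTER_PUB=$(taler-config -s exchange -o master_public_key)
# Best effort: a failure of this command is deliberately ignored.
taler-auditor-exchange \
  -m "$EXCHANGE_MASTER_PUB" \
  -u "$(taler-config -s exchange -o base_url)" || true

# Make configuration accessible to auditor
# (mode 750: everything under ~/.config becomes readable by the user's group)
chmod 750 "$HOME/.config"

##
## Step 3: Set up the exchange key material
##

taler-deployment-arm -s

# Quickly start+shutdown exchange httpd and crypto SM helpers
taler-deployment-arm -i taler-exchange
taler-deployment-arm -i taler-exchange-secmod-rsa
taler-deployment-arm -i taler-exchange-secmod-eddsa

sleep 2 # FIXME: poll keys?
if ! taler-deployment-arm -I | grep "^taler-exchange" | grep "status=started" > /dev/null; then
  echo "Exchange didn't start, cannot set up keys" >&2
  exit 1
fi

taler-exchange-offline download sign upload

payto_uri=$(taler-config -s exchange-account-1 -o payto_uri)
taler-exchange-offline enable-account "$payto_uri" upload

# Set up wire fees for next 5 years
# (the current year plus the five following ones, six entries in total)
year=$(date +%Y)
curr=$TALER_CONFIG_CURRENCY
for ((y = year; y <= year + 5; y++)); do
  taler-exchange-offline wire-fee "$y" x-taler-bank "$curr:0.01" "$curr:0.01" upload
done

##
## Step 4: Set up the bank
##

case "$TALER_ENV_NAME" in
  demo|test|int|local|tanker)
    taler-bank-manage django provide_accounts
    # Both accounts get the fixed, publicly known password "x". This case
    # guard is the only thing limiting that to the listed environments, so
    # never add an environment that holds real value to this list.
    taler-bank-manage django changepassword_unsafe Exchange x
    taler-bank-manage django changepassword_unsafe Survey x
    ;;
  *)
    echo "Not setting unsafe Exchange bank account password for env $TALER_ENV_NAME"
    ;;
esac

##
## Step 5: Adjust some permissions
##

case "$TALER_ENV_NAME" in
  demo|test|int)
    # Make sure the web server can read ~/local
    chmod og+rx ~/local
    # Make sure that shared files created by this user
    # are group writable and readable.
    find ~/taler-data/ -user "$USER" -exec chmod g+rw {} \;
    ;;
  *)
    ;;
esac

##
## Step 6: Set up merchant
##

# Runs for every environment name, like the exchange database reset above.
taler-merchant-dbinit --reset

# Configure merchant instances.

taler-deployment-arm -s

if taler-deployment-arm -I | grep "^taler-merchant" > /dev/null; then
  echo "Merchant backend runs already, please call 'taler-deployment-config-instances' manually"
  # Not treated as a failure: the remaining step is left to the operator.
  exit 0
fi

# Quickly start+shutdown a merchant process.
taler-deployment-arm -i taler-merchant
sleep 2
if ! taler-deployment-arm -I | grep "^taler-merchant" | grep "status=started" > /dev/null; then
  echo "Merchant didn't start, cannot configure instances." >&2
  exit 1
fi

taler-deployment-config-instances

taler-deployment-arm -k taler-merchant

taler-deployment-arm -e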