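#!/bin/bash
#
# Helper functions for an interactive Taler setup: logging, a root check,
# operator prompts that persist answers to config/user.conf, a DNS
# reachability check and distro detection.
#
# Files touched (relative to the current working directory):
#   setup.log         - appended to by say() and check_dns()
#   config/user.conf  - appended to by ask_questions(); holds secrets
#                       (bank admin password, Telesign auth token)

#######################################
# ERR trap handler: report where the failing command was and abort.
# Outputs: two messages via say()
# Returns: never; exits the shell with status 1
#######################################
notify_err() {
  say "errexit on line $(caller)"
  say "Error messages can be found at the end of setup.log"
  exit 1
}

trap notify_err ERR

#######################################
# Message function: print a "TALER: "-prefixed message to stdout and
# append the same line to setup.log.
# Arguments: the words of the message
#######################################
say() {
  echo "TALER: " "$@" >> setup.log
  echo "TALER: " "$@"
}

#######################################
# Abort unless the script runs with root privileges.
# The check is on the effective UID rather than the account name, so it
# does not depend on uid 0 being called "root".
# Returns: 0 when running as uid 0; otherwise exits with status 1
#######################################
check_user() {
  if [[ "$(id -u)" -ne 0 ]]; then
    say "Please run this script as root"
    exit 1
  fi
}

#######################################
# Prompt for every setting that is not already set in the environment and
# append each answer to config/user.conf as a NAME=value line.
# Globals (read, and written when empty):
#   CURRENCY FIAT_CURRENCY BANK_NAME DOMAIN_NAME ENABLE_TLS TLS_EMAIL
#   TLS_TOS DO_OFFLINE MASTER_PUBLIC_KEY BANK_ADMIN_PASSWORD DO_TELESIGN
#   TELESIGN_CUSTOMER_ID TELESIGN_API_KEY TELESIGN_PHONE
#   TELESIGN_AUTH_TOKEN TELESIGN_TEST_CODE AUTH_TOKEN (exported)
# Returns: 0 on success; exits 1 when the ToS are refused or the Telesign
#          test code does not match.
#
# NOTE(review): only BANK_ADMIN_PASSWORD is shell-escaped (printf %q) when
# written. The other answers are written verbatim, so a value containing
# quotes, whitespace, '$' or backticks ends up unescaped in
# config/user.conf. If that file is later sourced by a shell (presumably,
# given the %q escaping - confirm), those values should be validated or
# escaped the same way.
#######################################
ask_questions() {
  if [[ -z "${CURRENCY:-}" ]]; then
    read -r -p "Enter the name of the regional currency (e.g. 'NETZBON'): " CURRENCY
    CURRENCY=$(normalize_currency "${CURRENCY}")
    echo "CURRENCY=${CURRENCY}" >>config/user.conf
  fi

  if [[ -z "${FIAT_CURRENCY:-}" ]]; then
    read -r -p "Enter the name of the fiat currency (e.g. 'CHF'): " FIAT_CURRENCY
    FIAT_CURRENCY=$(normalize_currency "${FIAT_CURRENCY}")
    echo "FIAT_CURRENCY=${FIAT_CURRENCY}" >>config/user.conf
  fi

  if [[ -z "${BANK_NAME:-}" ]]; then
    read -r -p "Enter the human-readable name of the bank (e.g. 'Taler Bank'): " BANK_NAME
    echo "BANK_NAME=\"${BANK_NAME}\"" >>config/user.conf
  fi

  if [[ -z "${DOMAIN_NAME:-}" ]]; then
    read -r -p "Enter the domain name: " DOMAIN_NAME
    # convert to lower-case
    DOMAIN_NAME=$(printf '%s\n' "${DOMAIN_NAME}" | tr A-Z a-z)
    check_dns
    echo "DOMAIN_NAME=${DOMAIN_NAME}" >>config/user.conf
  fi

  if [[ -z "${ENABLE_TLS:-}" ]]; then
    read -r -p "Setup TLS using Let's Encrypt? (y/n): " ENABLE_TLS
    echo "ENABLE_TLS=${ENABLE_TLS}" >>config/user.conf
  fi

  # The Let's Encrypt questions are only asked when TLS was requested.
  if [[ -z "${TLS_EMAIL:-}" && "${ENABLE_TLS:-}" == y ]]; then
    read -r -p "Enter an email address for Let's Encrypt: " TLS_EMAIL
    echo "TLS_EMAIL=${TLS_EMAIL}" >>config/user.conf
  fi

  if [[ -z "${TLS_TOS:-}" && "${ENABLE_TLS:-}" == y ]]; then
    echo "Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf."
    read -r -p "You must agree in order to register with the ACME server. Do you agree? (y/n): " TLS_TOS
    # NOTE(review): an empty answer (just pressing enter) defaults to "y"
    # here, i.e. it is treated as agreement, and "TLS_TOS=" is then
    # written empty so the question is asked again on the next run.
    if [[ "${TLS_TOS:-y}" != y ]]; then
      say "You must agree in order to register with the ACME server"
      exit 1
    fi
    echo "TLS_TOS=${TLS_TOS}" >>config/user.conf
  fi

  if [[ -z "${DO_OFFLINE:-}" ]]; then
    read -r -p "Run taler-exchange-offline? (y/n): " DO_OFFLINE
    echo "DO_OFFLINE=${DO_OFFLINE}" >>config/user.conf
  fi

  # The master public key is only requested when offline signing is not
  # run from this script.
  if [[ -z "${MASTER_PUBLIC_KEY:-}" && "${DO_OFFLINE:-y}" == n ]]; then
    read -r -p "Enter the exchange-offline master public key: " MASTER_PUBLIC_KEY
    echo "MASTER_PUBLIC_KEY=${MASTER_PUBLIC_KEY}" >>config/user.conf
  fi

  if [[ -z "${BANK_ADMIN_PASSWORD:-}" ]]; then
    read -r -s -p "Enter the admin password for the bank (or press enter to autogenerate password): " BANK_ADMIN_PASSWORD
    # A secret is about to be stored: make the file owner-only first, so
    # the password is never readable through a permissive umask.
    touch config/user.conf
    chmod 600 config/user.conf
    # %q shell-escapes the password so that any character is preserved.
    printf 'BANK_ADMIN_PASSWORD=%q\n' "${BANK_ADMIN_PASSWORD}" >>config/user.conf
    echo "" # force new line
  fi

  if [[ -z "${DO_TELESIGN:-}" ]]; then
    read -r -p "Setup sms two-factor authentication using Telesign https://www.telesign.com? (y/n): " DO_TELESIGN
    # Anything other than an explicit "n" (including an empty answer)
    # enables the Telesign setup.
    if [[ "${DO_TELESIGN:-y}" != n ]]; then
      read -r -p "Enter your Telesign Customer ID: " TELESIGN_CUSTOMER_ID
      read -r -s -p "Enter your Telesign API Key: " TELESIGN_API_KEY
      echo "" # force new line
      read -r -p "Enter a phone number to test: " TELESIGN_PHONE
      # Basic-auth style token: base64 of "id:key". printf is used instead
      # of echo so that no trailing newline becomes part of the encoded
      # credentials.
      TELESIGN_AUTH_TOKEN=$(printf '%s:%s' "$TELESIGN_CUSTOMER_ID" "$TELESIGN_API_KEY" | base64 -w 0)
      # NOTE(review): the token stays exported for the rest of the run and
      # is inherited by every child process started afterwards.
      export AUTH_TOKEN=$TELESIGN_AUTH_TOKEN
      # Send a fixed test code and have the operator type back what
      # arrived; this only verifies that the credentials can deliver SMS.
      echo "12345" | libeufin-tan-sms.sh "$TELESIGN_PHONE"
      read -r -s -p "Enter the code received by $TELESIGN_PHONE : " TELESIGN_TEST_CODE
      if [[ "${TELESIGN_TEST_CODE:-y}" != "12345" ]]; then
        say "Wrong code, rerun this script to enter the right Telesign auth info"
        exit 1
      fi
      # The token is a credential: keep the file owner-only.
      touch config/user.conf
      chmod 600 config/user.conf
      echo "TELESIGN_AUTH_TOKEN=\"${TELESIGN_AUTH_TOKEN}\"" >>config/user.conf
    fi
    echo "DO_TELESIGN=${DO_TELESIGN}" >>config/user.conf
    echo "" # force new line
  fi
}

#######################################
# Upper-case a currency name and enforce its length.
# Arguments: $1 - currency name as entered
# Outputs:   the upper-cased name on stdout
# Returns:   0 on success; exits 1 when the length is outside 3..11
#
# NOTE(review): only the length is checked. The error message speaks of
# "letters", but digits, whitespace or shell metacharacters are accepted
# and later written unescaped to config/user.conf by ask_questions().
#######################################
normalize_currency() {
  local CURRENCY
  # convert to all-caps
  CURRENCY=$(printf '%s\n' "$1" | tr a-z A-Z)
  # libeufin currently doesn't like currency names less than 3 letters.
  if [[ ${#CURRENCY} -lt 3 || ${#CURRENCY} -gt 11 ]]; then
    # The message states the bounds that are actually enforced (3..11).
    say "Currency name must be between 3 and 11 letters"
    exit 1
  fi
  echo "${CURRENCY}"
}

#######################################
# Create a currency specification for $1 if none is configured.
# Currently disabled: the function returns 0 immediately and everything
# below the early return is unreachable until the TODO is resolved.
# Arguments: $1 - currency code
# Returns:   0
#
# NOTE(review): when this is re-enabled, $1 is used to build a path under
# /usr/share/taler/config.d/ and is interpolated into the generated file.
# It must be restricted to a safe character set first (a value containing
# "/" or ".." would write outside that directory).
#######################################
check_currency_spec() {
  return 0 # TODO fix when 'taler-harness deployment setup-currency' works

  # Convert to lowercase
  local CURRENCY
  CURRENCY=$(printf '%s\n' "$1" | tr A-Z a-z)
  local HAS_SPEC
  HAS_SPEC=$(taler-config -S 2>/dev/null | grep --count "^currency-$CURRENCY$")
  if [[ "${HAS_SPEC}" != "1" ]]; then
    say "Missing currency specification for $1, creating one"
    read -r -p "Enter the currency name (e.g. 'US Dollar' for USD): " CURRENCY_SPEC_NAME
    read -r -p "Enter the currency unit name (e.g. '$' for USD): " CURRENCY_SPEC_UNIT_NAME
    cat << EOF > "/usr/share/taler/config.d/$CURRENCY.conf"
[currency-$CURRENCY]
ENABLED=YES
name="$CURRENCY_SPEC_NAME"
code="$1"
fractional_input_digits=2
fractional_normal_digits=2
fractional_trailing_zero_digits=2
alt_unit_names = {"0":"$CURRENCY_SPEC_UNIT_NAME"}
EOF
    chmod a+r "/usr/share/taler/config.d/$CURRENCY.conf"
    ln -s "/usr/share/taler/config.d/$CURRENCY.conf" "/usr/share/libeufin/config.d/$CURRENCY.conf"
    say "Currency specification for $1 have been created at /usr/share/taler/config.d/$CURRENCY.conf"
  fi
}

#######################################
# Verify that the exchange, bank and backend host names under DOMAIN_NAME
# answer a single ping. ping output is appended to setup.log.
# Globals: DOMAIN_NAME (read)
# Returns: 0 when all three hosts answer; exits 1 on the first failure
#######################################
check_dns() {
  local prefix
  for prefix in "exchange" "bank" "backend"; do
    if ! ping -c1 "${prefix}.${DOMAIN_NAME}" &>>setup.log; then
      say "Could not ping ${prefix}.${DOMAIN_NAME}."
      say "Please make sure your DNS/network are working."
      exit 1
    fi
  done
}

#######################################
# Set DISTRO to the detected distro or return non-zero
# status if distro not supported.
# Detection greps the output of `uname -a` for "Ubuntu" or "Debian".
# Globals: DISTRO (unset, then written)
# Returns: 0 for ubuntu/debian, 1 otherwise (message on stderr)
#######################################
detect_distro() {
  unset DISTRO
  if uname -a | grep Ubuntu >/dev/null; then
    # shellcheck disable=SC2034
    DISTRO=ubuntu
    return 0
  fi
  if uname -a | grep Debian >/dev/null; then
    # shellcheck disable=SC2034
    DISTRO=debian
    return 0
  fi
  echo "Unsupported distro, should be either ubuntu or debian" >&2
  return 1
}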