path: root/bin/taler-deployment-prepare
#!/bin/bash

# Prepare a deployment for execution:
# * generate the configuration and setup database
# * put keys in the right place
# * set bank password for the exchange
# * sign the exchange's wire response
# * run some sanity checks (FIXME: not done yet!)

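# Abort on the first failing command (-e) and on any reference to an unset
# variable (-u).
set -eu

# Load the deployment environment. The file is executed inside this shell, so
# it runs with the full privileges of the deployment user.
# NOTE(review): what it exports (PATH, TALER_* variables, ...) is not visible
# from this script -- confirm against the activate file.
source "$HOME/activate"

# Both variables must be set AND non-empty. Testing only for "unset" would let
# an empty TALER_CONFIG_CURRENCY reach taler-config-generate, and an empty
# TALER_ENV_NAME fall through to the catch-all branches of the case statements
# further down without anyone noticing.
if [[ -z "${TALER_ENV_NAME:-}" ]]; then
  echo "TALER_ENV_NAME not set" >&2
  exit 1
fi

if [[ -z "${TALER_CONFIG_CURRENCY:-}" ]]; then
  echo "TALER_CONFIG_CURRENCY not set" >&2
  exit 1
fi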

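#######################################
# Generate the deployment configuration under $HOME/.config.
# Derives the exchange master public key from the provisioned private key
# and hands it, together with currency and environment name, to
# taler-config-generate.
# Globals:   HOME, TALER_ENV_NAME, TALER_CONFIG_CURRENCY (read)
#            EXCHANGE_PUB (written)
# Arguments: none
# Outputs:   error message on stderr when the key file is unusable
# Returns:   1 when the master private key is missing or unreadable; under
#            `set -e` a failing gnunet-ecc or taler-config-generate aborts
#            the script.
#######################################
function generate_config() {
  local master_priv="$HOME/deployment/private-keys/${TALER_ENV_NAME}-exchange-master.priv"

  # Fail closed: the public key written into the configuration must come
  # from the key that was provisioned for this environment.
  # NOTE(review): gnunet-ecc may create a fresh key when the file does not
  # exist -- confirm; this guard makes the outcome independent of that.
  if [[ ! -r "$master_priv" ]]; then
    echo "Exchange master private key $master_priv is missing or unreadable" >&2
    return 1
  fi

  EXCHANGE_PUB=$(gnunet-ecc -p "$master_priv")

  mkdir -p "$HOME/.config"

  "$HOME/deployment/bin/taler-config-generate" \
    --exchange-pub "$EXCHANGE_PUB" \
    --currency "$TALER_CONFIG_CURRENCY" \
    --outdir "$HOME/.config" \
    --envname "$TALER_ENV_NAME"
}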

##
## Step 1: Generate config
##

# Only the demo, test and int environments get a generated configuration;
# every other environment keeps whatever configuration is already in place.
if [[ "$TALER_ENV_NAME" == "demo" || "$TALER_ENV_NAME" == "test" || "$TALER_ENV_NAME" == "int" ]]; then
  generate_config
else
  echo "Not generating config for env $TALER_ENV_NAME"
fi

##
## Step 1b: initialize database
##

# Initialize the exchange database. Unlike config generation above, this runs
# for every environment; with `set -e` active a failure aborts the deployment.
taler-exchange-dbinit

##
## Step 2: Copy key material and update denom keys
##

# demo only: demo-blue and demo-green share one data directory, reached
# through the ~/taler-data symlink. The shared directory must carry the
# set-group-id bit so that files created inside it inherit the directory's
# group rather than the creating user's primary group.
if [[ "$TALER_ENV_NAME" == "demo" ]]; then
  echo "linking taler-data"
  # -T: treat ~/taler-data as the link name itself, never as a directory to
  # create the link in; -f: replace an existing link.
  ln -sfT ~demo/shared-data ~/taler-data
  # -g follows the symlink, so this inspects the shared directory itself.
  if ! [[ -g ~/taler-data ]]; then
    echo "the shared-data directory should have the set-group-id bit set"
    exit 1
  fi
fi

# Install the provisioned exchange master private key at the location named
# by the configuration (exchange/master_priv_file), for demo, test and int.
# An existing key file is never overwritten: when it belongs to a different
# key pair the script only warns and carries on with the existing key.
# NOTE(review): cp creates the copy with a mode derived from the source file
# and the current umask, and mkdir -p uses the umask as well -- confirm the
# installed private key ends up readable by the owner only.
if [[ "$TALER_ENV_NAME" == "demo" || "$TALER_ENV_NAME" == "test" || "$TALER_ENV_NAME" == "int" ]]; then
  EXCHANGE_PUB=$(gnunet-ecc -p "$HOME/deployment/private-keys/${TALER_ENV_NAME}-exchange-master.priv")
  EXCHANGE_PRIV_FILE=$(taler-config -f -s exchange -o master_priv_file)
  if [[ ! -e "$EXCHANGE_PRIV_FILE" ]]; then
    # Nothing installed yet: create the target directory and copy the key.
    mkdir -p "$(dirname "$EXCHANGE_PRIV_FILE")"
    cp "$HOME/deployment/private-keys/${TALER_ENV_NAME}-exchange-master.priv" "$EXCHANGE_PRIV_FILE"
  else
    # Compare public keys instead of file contents to detect a mismatch.
    EXCHANGE_PUB2=$(gnunet-ecc -p "$EXCHANGE_PRIV_FILE")
    [[ "$EXCHANGE_PUB" == "$EXCHANGE_PUB2" ]] ||
      echo "Warning: Different exchange private key already exists, not copying"
  fi
else
  echo "Not copying key material for env $TALER_ENV_NAME"
fi

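EXCHANGE_MASTER_PUB=$(taler-config -s exchange -o master_public_key)
# Failure is tolerated here (|| true).
# NOTE(review): presumably because the exchange may already be known to the
# auditor from an earlier run -- confirm.
taler-auditor-exchange \
  -m "$EXCHANGE_MASTER_PUB" \
  -u "$(taler-config -s exchange -o base_url)" || true

# Keep the scratch files in a private directory created by mktemp instead of
# fixed names in the caller's current directory: nothing that happens to be
# called auditor.in/auditor.out there gets deleted, and the files are not
# exposed in a directory other users may be able to write to.
AUDITOR_TMPDIR=$(mktemp -d)
keyup_status=0
taler-exchange-keyup -o "$AUDITOR_TMPDIR/auditor.in" || keyup_status=$?
if ((keyup_status == 0)); then
  taler-auditor-sign -m "$EXCHANGE_MASTER_PUB" \
    -r "$AUDITOR_TMPDIR/auditor.in" \
    -o "$AUDITOR_TMPDIR/auditor.out" || true
fi
# we don't actually use the auditor's signatures in the demo!
rm -rf -- "${AUDITOR_TMPDIR:?}"
# A failed keyup still aborts the deployment, as it did before; the scratch
# directory is removed first so nothing is left behind.
if ((keyup_status != 0)); then
  exit "$keyup_status"
fi

# Make configuration accessible to auditor: owner rwx, group r-x, others none.
# NOTE(review): assumes the auditor runs as a member of the directory's
# group -- confirm.
chmod 750 "$HOME/.config"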

##
## Step 3: Sign the exchange's wire information
##

# Resolve the path configured for the first exchange account's wire response
# (-f asks taler-config for the value as a filename).
WIRE_RESPONSE=$(taler-config -s exchange-account-1 -o wire_response -f)

# NOTE(review): presumably writes the signed wire response to the path
# resolved above -- confirm.
taler-exchange-wire
# Owner and group get rwx, others get nothing.
# NOTE(review): group write lets any group member replace the signed
# response, and the execute bit only matters if this path is a directory --
# confirm whether a narrower mode would do.
chmod 770 "$WIRE_RESPONSE"


##
## Step 4:  Set up the bank
##

# demo, test and int only: create the bank accounts and give the Exchange
# account the fixed, publicly known password "x". This is acceptable only
# because these environments hold no real funds; the branch must never be
# extended to an environment where the bank account matters. The password
# is passed on the command line, so it is also visible in the process list.
if [[ "$TALER_ENV_NAME" == "demo" || "$TALER_ENV_NAME" == "test" || "$TALER_ENV_NAME" == "int" ]]; then
  taler-bank-manage django provide_accounts
  taler-bank-manage django changepassword_unsafe Exchange x
else
  echo "Not setting unsafe Exchange bank account password for env $TALER_ENV_NAME"
fi


##
## Step 5: Adjust some permissions
##

# demo, test and int only: open ~/local for reading and traversal by group
# and others so the web server can serve from it. Other environments are
# left untouched.
if [[ "$TALER_ENV_NAME" == "demo" || "$TALER_ENV_NAME" == "test" || "$TALER_ENV_NAME" == "int" ]]; then
  # Make sure the web server can read ~/local
  chmod og+rx ~/local
fi