This directory contains a set of scripts that deploy Taler by
asking the user questions and providing the answers both to the
various Taler subsystems (LibEufin, Exchange, Merchant, ...) and
to Nginx.

main.sh is the main script that asks the questions and
puts the answers in environment variables and/or substitutes them
into the Nginx configuration file(s).

Domain names
============

Assuming a main domain at netzbon.ch (i.e. "netzbon.ch" will be given as the
value for the domain during configuration), this setup expects the following
subdomains to be reachable:

- exchange.netzbon.ch
- bank.netzbon.ch
- backend.netzbon.ch (merchant frontends need this)

Funding of bank accounts
========================

After a successful installation, all the services are running
and the administrator can create bank accounts and wire funds
to them.  The script "transfer.sh" in this directory serves this
purpose; running it without arguments shows the usage instructions.

Note: The wiring of funds causes the amount to be subtracted from the "admin"
bank account.  The following is one example of wiring funds from the
administrator to the "shop" bank account.

  $ ./transfer.sh shop NETZBON:10 "welcome amount"

If the command succeeded, the 'shop' bank account has received
one payment of 10 NETZBONs from 'admin' with the subject "welcome
amount".

Concept
=======

The different stages of the installation have their own shell
scripts, driven by the 'main.sh' master script. Splitting up the
process into the main stages should make it easy to resume if any
particular step fails for any reason.

The different stages communicate via environment variables which
they may consume or export for future stages.  The 'main.sh' script
prompts the user for the following inputs:

* the main domain name (subdomains may be created automatically)
* the name of the currency
* the master password to set for the administrative Web interface

The setup is fundamentally based on the Debian packages.  The scripts
should do the minimal amount necessary to get GNU Taler to work on top
of what the Debian packages provide.  If we can move logic into a Debian
package, we should.  However, the Debian packages MUST install non-interactively
[NOTE: they do for the DB config], so site-specific inputs MUST be
done by the shell scripts.

The shell scripts should be kept simple, and for example use default
configuration(s) from the Debian packages and replace values with 'sed'
instead of generating complete configurations themselves (where possible,
so in particular for the reverse HTTPS proxy configuration).
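
The 'sed' substitution described above inserts a user-supplied value into a configuration file, so the domain should be validated before it reaches either 'sed' or Nginx. The following is an added example, not taken from the project's scripts; the @DOMAIN@ token, the function names and the sample template are assumptions made for illustration:

```shell
#!/bin/sh
# Added example, not part of the project's scripts. The @DOMAIN@ token, the
# function names and the sample template are hypothetical.
LC_ALL=C; export LC_ALL   # make the bracket ranges below ASCII-only

# Succeed only for a plain DNS name: dot-separated labels made of letters,
# digits and inner hyphens. Everything sed or Nginx treats specially
# (/ & \ ; { } whitespace, newlines) is rejected.
valid_domain() {
    case "$1" in
        ''|.*|*.|*..*|-*|*-|*.-*|*-.*) return 1 ;;  # empty or malformed label
        *[!A-Za-z0-9.-]*) return 1 ;;               # character outside the allow-list
    esac
    [ "${#1}" -le 253 ]
}

# Filter: copy stdin to stdout with every @DOMAIN@ replaced by $1.
# Refuses to run sed at all when the domain fails validation.
render_nginx() {
    valid_domain "$1" || { echo "refusing domain: $1" >&2; return 1; }
    sed "s/@DOMAIN@/$1/g"
}

# The three subdomains this setup expects to be reachable.
expected_subdomains() {
    for sub in exchange bank backend; do
        printf '%s.%s\n' "$sub" "$1"
    done
}

# Constructed sample template, standing in for a packaged default config.
sample_template() {
    cat <<'EOF'
server {
    listen 443 ssl;
    server_name exchange.@DOMAIN@;
}
EOF
}

sample_template | render_nginx netzbon.ch
expected_subdomains netzbon.ch
```

Because the allow-list excludes every character with a meaning in a 'sed' replacement or an Nginx directive, the value can be interpolated without escaping.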

Objective
=========

The goal is not only to set up the Debian packages, but also to configure
all of the components:

* libeufin-sandbox with an account for the administrator and the exchange
* libeufin-nexus with access to the exchange account and Taler facade
* exchange with denominations, fees (all zero) and credentials for the libeufin-nexus
* merchant backend with the master key of the exchange for the target currency

Future
======

For now, it is assumed that the taler-exchange-offline functionality is run
locally (on a system that is online).  Future deployments should aim at moving
the offline keys to an offline system.

For now, we do not integrate the currency conversion / cash out logic and
only have libeufin-nexus between libeufin-sandbox and exchange. In the future,
nexus will also communicate with an external bank.