#!/bin/bash
# This file is in the public domain.
#
# This script configures and launches libeufin-bank.
# The setup provides the admin account at the bank, and
# another account for the exchange at the bank.
#
# The environment must provide the following variables:
# - BANK_ADMIN_PASSWORD: password of the Netzbon administrator.
# - BANK_EXCHANGE_PASSWORD: password of the exchange
#     bank account hosted at Sandbox.  The related
#     username is: exchange-at-sandbox
# - BANK_NAME: human-readable name for the bank
# - DOMAIN_NAME: DNS domain name to use for the setup
# - ENABLE_TLS (http or https?)
#
# OUTPUTS:
#
# EXCHANGE_PAYTO -- payto-URI of the exchange
# EXCHANGE_WIRE_GATEWAY_URL -- URL of the wire gateway for the exchange

set -eu

source functions.sh
source config/user.conf
source config/internal.conf

# Stop before touching the system unless every mandatory setting is
# non-empty. The two password variables are checked here as well, so an
# empty password never reaches the account-setup steps further down.
for required_var in BANK_NAME DOMAIN_NAME BANK_ADMIN_PASSWORD BANK_EXCHANGE_PASSWORD; do
  if [[ -z "${!required_var:-}" ]]; then
    say "Error: config/user.conf does not specify ${required_var}"
    exit 1
  fi
done

# TODO: add sanity-checks for presence of other required env-vars

say "Configure the bank with ${CURRENCY}..."

# TODO is 20000000 big enough for admin dbt limit

# Append the [libeufin-bank] section unless the probe below finds it.
# NOTE(review): the section written here defines no "code" option, so this
# probe looks like it can never succeed and a re-run would append the
# section a second time -- confirm which option should be queried.
if ! taler-config -s "libeufin-bank" -o code > /dev/null 2>&1; then
  cat >> /etc/libeufin/libeufin-bank.conf << EOF
[libeufin-bank]
CURRENCY = ${CURRENCY}
DEFAULT_EXCHANGE = ${PROTO}://exchange.${DOMAIN_NAME}
DEFAULT_ADMIN_DEBT_LIMIT = ${CURRENCY}:20000000
DEFAULT_CUSTOMER_DEBT_LIMIT = ${CURRENCY}:0
SERVE = tcp
PORT = ${BANK_PORT}
ALLOW_CONVERSION = yes
FIAT_CURRENCY = ${FIAT_CURRENCY} 
TAN_SMS = libeufin-tan-sms.sh
TAN_EMAIL = libeufin-tan-email.sh
EOF
fi

# Append the currency rendering section unless its "code" option is
# already readable through taler-config.
if ! taler-config -s "currency-netzbon" -o code > /dev/null 2>&1; then
  cat >> /etc/libeufin/libeufin-bank.conf << EOF
[currency-netzbon]
ENABLED = YES
name = "NetzBon"
code = "NETZBON"
fractional_input_digits = 2
fractional_normal_digits = 2
fractional_trailing_zero_digits = 2
alt_unit_names = {"0":"NETZBON"}
EOF
fi

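# Let the bank's database role read from and insert into the libeufin_nexus
# tables. The role name contains a hyphen, so it has to be written as a
# double-quoted SQL identifier; unquoted, PostgreSQL rejects the statement,
# and psql reading from stdin still exits 0, so `set -e` does not catch it.
echo 'GRANT SELECT, INSERT, TRIGGER ON ALL TABLES IN SCHEMA libeufin_nexus TO "libeufin-bank"' \
  | sudo -i -u postgres psql libeufin

say "Setting up libeufin-bank database"
libeufin-bank-dbconfig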

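say "Setting up libeufin-bank admin account"
# TODO DBUSER="libeufin-bank" ?
# NOTE(review): the admin password is passed as a command-line argument and
# is therefore visible in the process list while the command runs.
sudo -u "libeufin-bank" libeufin-bank passwd admin "${BANK_ADMIN_PASSWORD}"

say "Setting up SPA configuration..."
# The redirection must be part of the printf command itself: placed on a
# line of its own it only truncates settings.js while the settings text goes
# to stdout. jq JSON-encodes the bank name so that quotes or backslashes in
# it cannot break the generated JavaScript.
SPA_SETTINGS=$(jq -n -c --arg bankName "${BANK_NAME}" '{bankName: $bankName}')
printf 'settings = %s\n' "${SPA_SETTINGS}" > /etc/libeufin/settings.js

say "DONE"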

say "Start the bank..."
systemctl enable --now libeufin-bank

# Poll the local HTTP port until the bank answers. Output is discarded; only
# the exit status matters, and under `set -e` the script stops here if curl
# still fails after its retries.
say "Waiting for bank to be running..."
curl --retry 10 \
  --retry-delay 3 \
  --retry-all-errors \
  --max-time 25 \
  "http://localhost:${BANK_PORT}" > /dev/null 2>&1
say "DONE"

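say "Create exchange account..."
LAST_RESPONSE=$(mktemp -p "${TMPDIR:-/tmp}" test_response.conf-XXXXXX)
# Build the request body with jq so the password is JSON-escaped; pasting it
# into a string literal yields invalid or altered JSON as soon as the
# password contains a double quote or a backslash.
BODY=$(jq -n -c --arg password "${BANK_EXCHANGE_PASSWORD}" \
  '{username: "exchange", password: $password, name: "Exchange", is_taler_exchange: true}')
# NOTE(review): both passwords are passed to wget as command-line arguments
# and are visible in the process list while the request runs.
wget \
    --method="POST" \
    --http-user="admin" \
    --http-password="${BANK_ADMIN_PASSWORD}" \
    --header='Content-type: application/json' \
    --body-data="${BODY}" \
    -O "$LAST_RESPONSE" \
    "http://localhost:$BANK_PORT/accounts"
say "DONE"

# jq -e fails when the field is missing or null, so a malformed response is
# reported instead of the literal string "null" being stored as the payto URI.
if ! INTERNAL_PAYTO=$(jq -er .internal_payto_uri "$LAST_RESPONSE"); then
  rm -f -- "$LAST_RESPONSE"
  say "Error: bank response does not contain internal_payto_uri"
  exit 1
fi
# The response file is not needed after this point; do not leave it behind.
rm -f -- "$LAST_RESPONSE"

# NOTE(review): payto URIs normally carry receiver-name as a query parameter
# ("?receiver-name=..."); confirm that the "/" separator is intended.
EXCHANGE_PAYTO="${INTERNAL_PAYTO}/receiver-name=Exchange"
EXCHANGE_WIRE_GATEWAY_URL="${PROTO}://bank.$DOMAIN_NAME/accounts/exchange/taler-wire-gateway/"

# config/internal.conf is read back with `source`, so whatever is written
# there runs as shell code. Refuse values that could end the double-quoted
# assignment or trigger an expansion when the file is sourced.
for conf_value in "${EXCHANGE_PAYTO}" "${EXCHANGE_WIRE_GATEWAY_URL}"; do
  case "${conf_value}" in
    *[\"\$\`\\]* | *$'\n'*)
      say "Error: refusing to write an unsafe value to config/internal.conf"
      exit 1
      ;;
  esac
done

# Communicating this to the exchange script, as the exchange
# needs these for the /keys response.
echo "EXCHANGE_PAYTO=\"${EXCHANGE_PAYTO}\"" >> config/internal.conf
echo "EXCHANGE_WIRE_GATEWAY_URL=\"${EXCHANGE_WIRE_GATEWAY_URL}\"" >> config/internal.conf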