regional-currency/functions.sh


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135

#!/bin/bash

notify_err() {
  say "errexit on line $(caller)"
  say "Error messages can be found at the end of setup.log"
  exit 1
}

trap notify_err ERR

# Message
function say() {
  echo "TALER: " "$@" >> setup.log
  echo "TALER: " "$@"
}

# Check user if the user is root
function check_user() {
  if [ "$(whoami)" != "root" ]; then
    say "Please run this script as root"
    exit 1
  fi
}

function ask_questions() {
  if test -z "${CURRENCY:-}"; then
    read -r -p "1. Enter the name of the regional currency (e.g. 'NETZBON'): " CURRENCY
    CURRENCY=$(normalize_currency "${CURRENCY}")
    echo "CURRENCY=${CURRENCY}" >>config/user.conf
  fi
  if test -z "${FIAT_CURRENCY:-}"; then
    read -r -p "2. Enter the name of the fiat currency (e.g. 'CHF'): " FIAT_CURRENCY
    FIAT_CURRENCY=$(normalize_currency "${FIAT_CURRENCY}")
    echo "FIAT_CURRENCY=${FIAT_CURRENCY}" >>config/user.conf
  fi
  if test -z "${BANK_NAME:-}"; then
    read -r -p "3. Enter the human-readable name of the bank (e.g. 'Taler Bank'): " BANK_NAME
    echo "BANK_NAME=\"${BANK_NAME}\"" >>config/user.conf
  fi
  if test -z "${DOMAIN_NAME:-}"; then
    read -r -p "4. Enter the domain name: " DOMAIN_NAME
    # convert to lower-case
    DOMAIN_NAME=$(echo "${DOMAIN_NAME}" | tr A-Z a-z)
    check_dns
    echo "DOMAIN_NAME=${DOMAIN_NAME}" >>config/user.conf
  fi
  if test -z "${ENABLE_TLS:-}"; then
    read -r -p "5. Setup TLS using Let's Encrypt? (y/n): " ENABLE_TLS
    echo "ENABLE_TLS=${ENABLE_TLS}" >>config/user.conf
  fi
  if test -z "${TLS_EMAIL:-}"; then
    if test "${ENABLE_TLS:-}" == y; then
      read -r -p "5.1. Enter an email address for Let's Encrypt: " TLS_EMAIL
      echo "TLS_EMAIL=${TLS_EMAIL}" >>config/user.conf
    fi
  fi
  if test -z "${TLS_TOS:-}"; then
    if test "${ENABLE_TLS:-}" == y; then
      echo "5.2. Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf."
      read -r -p "5.2. You must agree in order to register with the ACME server. Do you agree? (y/n): " TLS_TOS
      if test "${TLS_TOS:-y}" != y; then
        say "You must agree in order to register with the ACME server"
        exit 1
      fi
      echo "TLS_TOS=${TLS_TOS}" >>config/user.conf
    fi
  fi
  if test -z "${DO_OFFLINE:-}"; then
    read -r -p "6. Do you want Taler Exchange keys on this server (y) or externally on another server (n): " DO_OFFLINE
    echo "DO_OFFLINE=${DO_OFFLINE}" >>config/user.conf
  fi
  if test -z "${MASTER_PUBLIC_KEY:-}"; then
    if test "${DO_OFFLINE:-y}" == n; then
      read -r -p "6.1. Enter the exchange-offline master public key: " MASTER_PUBLIC_KEY
      echo "MASTER_PUBLIC_KEY=${MASTER_PUBLIC_KEY}" >>config/user.conf
    fi
  fi
  if test -z "${DO_TELESIGN:-}"; then
    read -r -p "7. Setup sms two-factor authentication using Telesign https://www.telesign.com? (y/n): " DO_TELESIGN
    if test "${DO_TELESIGN:-y}" != n; then
      read -r -p "7.1. Enter your Telesign Customer ID: " TELESIGN_CUSTOMER_ID
      read -r -s -p "7.2. Enter your Telesign API Key: " TELESIGN_API_KEY
      echo "" # force new line
      read -r -p "7.3. Enter a phone number to test your API key (e.g. '+447911123456'): " TELESIGN_PHONE
      TELESIGN_AUTH_TOKEN=$(echo "$TELESIGN_CUSTOMER_ID:$TELESIGN_API_KEY" | base64 -w 0)
      export AUTH_TOKEN=$TELESIGN_AUTH_TOKEN
      echo "12345" | libeufin-tan-sms.sh $TELESIGN_PHONE
      read -r -p "7.4. Enter the code received by $TELESIGN_PHONE : " TELESIGN_TEST_CODE
      if test "${TELESIGN_TEST_CODE:-y}" != "12345"; then
        say "Wrong code got '$TELESIGN_TEST_CODE' expected '12345', rerun this script to enter the right Telesign auth info"
        exit 1
      fi
      echo "TELESIGN_AUTH_TOKEN=\"${TELESIGN_AUTH_TOKEN}\"" >>config/user.conf
    fi
    echo "DO_TELESIGN=${DO_TELESIGN}" >>config/user.conf
  fi
  if test -z "${BANK_ADMIN_PASSWORD:-}"; then
    read -r -s -p "8. Enter the admin password for the bank (or press enter to autogenerate password): " BANK_ADMIN_PASSWORD
    echo "BANK_ADMIN_PASSWORD=$(printf '%q' "${BANK_ADMIN_PASSWORD}")" >>config/user.conf
    echo "" # force new line
  fi
}

function normalize_currency() {
  # convert to all-caps
  local CURRENCY=$(echo "$1" | tr a-z A-Z)
  # libeufin currenly doesn't like currency names less than 3 letters.
  if [[ ${#CURRENCY} -lt 3 || ${#CURRENCY} -gt 11 ]]; then
    say "Currency name must be between 3 and 10 letters"
    exit 1
  fi
  echo "${CURRENCY}"
}

function check_dns() {
  for prefix in "exchange" "bank" "backend"; do
    if ! ping -c1 "${prefix}.${DOMAIN_NAME}" &>>setup.log; then
      say "Could not ping ${prefix}.${DOMAIN_NAME}."
      say "Please make sure your DNS/network are working."
      exit 1
    fi
  done
}

# Set DISTRO to the detected distro or return non-zero
# status if distro not supported.
function detect_distro() {
  unset DISTRO
  # shellcheck disable=SC2034
  uname -a | grep Ubuntu >/dev/null && DISTRO=ubuntu && return 0
  # shellcheck disable=SC2034
  uname -a | grep Debian >/dev/null && DISTRO=debian && return 0
  echo "Unsupported distro, should be either ubuntu or debian" >&2
  return 1
}