diff options
author | Florian Dold <florian@dold.me> | 2021-08-07 12:22:24 +0200 |
---|---|---|
committer | Florian Dold <florian@dold.me> | 2021-08-07 12:22:24 +0200 |
commit | b6e516e4236b9f0e3c262c9823574c32fbcfe116 (patch) | |
tree | 2cab9ad0ea4ceb0f249971b930c68032597c572a | |
parent | 2d262651b02d150ac805eb8580b925a64f2a9b15 (diff) | |
download | docs-b6e516e4236b9f0e3c262c9823574c32fbcfe116.tar.gz docs-b6e516e4236b9f0e3c262c9823574c32fbcfe116.tar.bz2 docs-b6e516e4236b9f0e3c262c9823574c32fbcfe116.zip |
formatting, /var/run -> /run
-rw-r--r-- | taler-exchange-setup-guide.rst | 48 |
1 files changed, 25 insertions, 23 deletions
diff --git a/taler-exchange-setup-guide.rst b/taler-exchange-setup-guide.rst index ad6df860..1e9c71fe 100644 --- a/taler-exchange-setup-guide.rst +++ b/taler-exchange-setup-guide.rst @@ -34,6 +34,7 @@ does not have Internet access. In this guide's shell-session fragments, the command prompt shows two pieces of information: + * Who is performing the command (``$user`` vs ``root``, and ending char ``$`` vs ``#``). * Host where the command is supposed to be executed @@ -165,14 +166,14 @@ Services, users, groups and file system hierarchy The *taler-exchange-httpd* package will create several system users to compartmentalize different parts of the system: -* taler-exchange-httpd: runs the HTTP daemon with the core business logic. -* taler-exchange-secmod-rsa: manages the RSA private online signing keys. -* taler-exchange-secmod-eddsa: manages the EdDSA private online signing keys. -* taler-exchange-closer: closes idle reserves by triggering wire transfers that refund the originator. -* taler-exchange-aggregator: aggregates deposits into larger wire transfer requests. -* taler-exchange-wire: performs wire transfers with the bank (via LibEuFin/Nexus). -* postgres: runs the Postgres database (from *postgres* package). -* www-data: runs the frontend HTTPS service with the TLS keys (from *nginx* package). +* ``taler-exchange-httpd``: runs the HTTP daemon with the core business logic. +* ``taler-exchange-secmod-rsa``: manages the RSA private online signing keys. +* ``taler-exchange-secmod-eddsa``: manages the EdDSA private online signing keys. +* ``taler-exchange-closer``: closes idle reserves by triggering wire transfers that refund the originator. +* ``taler-exchange-aggregator``: aggregates deposits into larger wire transfer requests. +* ``taler-exchange-wire``: performs wire transfers with the bank (via LibEuFin/Nexus). +* ``postgres``: runs the Postgres database (from *postgres* package). +* ``www-data``: runs the frontend HTTPS service with the TLS keys (from *nginx* package). .. note:: @@ -182,31 +183,32 @@ to compartmentalize different parts of the system: The exchange setup uses the following system groups: -* taler-exchange-db: group for all Taler users with direct database access, specifically taler-exchange-httpd, taler-exchange-wire, taler-exchange-closer and taler-exchange-aggregator. -* taler-exchange-secmod: group for processes with access to online signing keys; this group must have three users: taler-exchange-secmod-rsa, taler-exchange-secmod-eddsa and taler-exchange-httpd. -* taler-exchange-offline: group for the access to the offline private key (only used on the offline host and not used on the online system). +* ``taler-exchange-db``: group for all Taler users with direct database access, specifically taler-exchange-httpd, taler-exchange-wire, taler-exchange-closer and taler-exchange-aggregator. +* ``taler-exchange-secmod``: group for processes with access to online signing keys; this group must have three users: taler-exchange-secmod-rsa, taler-exchange-secmod-eddsa and taler-exchange-httpd. +* ``taler-exchange-offline``: group for the access to the offline private key (only used on the offline host and not used on the online system). The package will deploy systemd service files in ``/usr/lib/systemd/system/`` for the various components: -* taler-exchange-aggregator.service: service that schedules wire transfers which combine multiple deposits to the same merchant. -* taler-exchange-closer.service: service that watches for reserves that have been abandoned and schedules wire transfers to send the money back to the originator. -* taler-exchange-httpd.service: main Taler exchange logic with the public REST API. -* taler-exchange-httpd.socket: systemd socket activation for the Taler exchange HTTP daemon. -* taler-exchange-secmod-eddsa.service: software security module for making EdDSA signatures. -* taler-exchange-secmod-rsa.service: software security module for making RSA signatures. -* taler-exchange-transfer.service: service that triggers outgoing wire transfers (pays merchants). -* taler-exchange-wirewatch.service: service that watches for incoming wire transfers (first step of withdraw). -* taler-exchange.target: Main target for the Taler exchange to be operational. +* ``taler-exchange-aggregator.service``: service that schedules wire transfers + which combine multiple deposits to the same merchant. +* ``taler-exchange-closer.service``: service that watches for reserves that have been abandoned and schedules wire transfers to send the money back to the originator. +* ``taler-exchange-httpd.service``: main Taler exchange logic with the public REST API. +* ``taler-exchange-httpd.socket``: systemd socket activation for the Taler exchange HTTP daemon. +* ``taler-exchange-secmod-eddsa.service``: software security module for making EdDSA signatures. +* ``taler-exchange-secmod-rsa.service``: software security module for making RSA signatures. +* ``taler-exchange-transfer.service``: service that triggers outgoing wire transfers (pays merchants). +* ``taler-exchange-wirewatch.service``: service that watches for incoming wire transfers (first step of withdraw). +* ``taler-exchange.target``: Main target for the Taler exchange to be operational. The deployment creates the following key locations in the system: -* /etc/taler/: configuration files. -* /var/run/taler/: contains the UNIX domain sockets for inter-process communication (IPC). -* /var/lib/taler/: serves as the $HOME for all Taler users and contains sub-directories +* ``/etc/taler/``: configuration files. +* ``/run/taler/``: contains the UNIX domain sockets for inter-process communication (IPC). +* ``/var/lib/taler/``: serves as the $HOME for all Taler users and contains sub-directories with the private keys; which keys are stored here depends on the host: * online system: exchange-secmod-eddsa and exchange-secmod-rsa keys. |