diff options
-rw-r--r-- | frags/apt-install-libeufin-bank.rst | 6 | ||||
-rw-r--r-- | frags/apt-install-libeufin-nexus.rst | 6 | ||||
-rw-r--r-- | libeufin/bank-manual.rst | 128 | ||||
-rw-r--r-- | libeufin/nexus-manual.rst | 17 |
4 files changed, 105 insertions, 52 deletions
diff --git a/frags/apt-install-libeufin-bank.rst b/frags/apt-install-libeufin-bank.rst new file mode 100644 index 00000000..97b1bd71 --- /dev/null +++ b/frags/apt-install-libeufin-bank.rst @@ -0,0 +1,6 @@ + +To install libeufin-nexus, you can now simply run: + +.. code-block:: console + + # apt install libeufin-bank diff --git a/frags/apt-install-libeufin-nexus.rst b/frags/apt-install-libeufin-nexus.rst new file mode 100644 index 00000000..25ff8070 --- /dev/null +++ b/frags/apt-install-libeufin-nexus.rst @@ -0,0 +1,6 @@ + +To install libeufin-nexus, you can now simply run: + +.. code-block:: console + + # apt install libeufin-nexus diff --git a/libeufin/bank-manual.rst b/libeufin/bank-manual.rst index ad51ac9b..e9b5425f 100644 --- a/libeufin/bank-manual.rst +++ b/libeufin/bank-manual.rst @@ -1,6 +1,6 @@ .. This file is part of GNU TALER. - Copyright (C) 2014-2023 Taler Systems SA + Copyright (C) 2014-2024 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software @@ -39,6 +39,22 @@ Installing LibEuFin Bank The following section was tested on an *OpenJDK 17* environment. +Installing the libeufin-bank binary packages on Debian +------------------------------------------------------ + +.. include:: ../frags/installing-debian.rst + +.. include:: ../frags/apt-install-libeufin-bank.rst + + +Installing the libeufin-bank binary packages on Ubuntu +------------------------------------------------------ + +.. include:: ../frags/installing-ubuntu.rst + +.. include:: ../frags/apt-install-libeufin-bank.rst + + Building from source -------------------- @@ -61,8 +77,9 @@ Navigate into the *libeufin* local repository, and from top-level run: If the previous steps succeeded, the ``libeufin-bank`` command should be found in the $PATH. -Setting up the LibEuFin Bank -============================ + +Minimal Configuration for LibEuFin Bank +======================================= The following snippet shows the mandatory configuration values: @@ -82,67 +99,77 @@ The following snippet shows the mandatory configuration values: Refer to the manpage ``libeufin-man.conf(5)`` for the full array of configuration values. -Assuming that the configuration file exists at ``$config_file``, the following -command would define the database schema and create an admin account. -.. code-block:: console +Configuring multi-factor authentication +--------------------------------------- - $ libeufin-bank dbinit -c $config_file +libeufin-bank uses helper scripts to send challenge codes to addresses for +multi-factor authentication. By default, those helper scripts are +``libeufin-tan-email.sh`` to send e-mails and ``libeufin-tan-sms.sh`` to send +SMS. It is possible to replace these scripts with use custom scripts to send +the e-mail or SMS TAN. -If you wish to authenticate as admin, you must change the account password with the following command. +Such alternative scripts must accept the phone number / e-mail address as the +``$1`` parameter and the message content to be transmitted in their standard +input. They should return 0 to indicate successful transmission of the +challenge, and non-zero on failure. -.. code-block:: console +To change the scripts used for multi-factor authentication, change the following +options in the configuration file: - $ libeufin-bank passwd -c $config_file admin $PASSWORD +.. code-block:: ini -Then you can start the HTTP server. + [libeufin-bank] + TAN_SMS = custom-tan-sms.sh + TAN_EMAIL = custom-tan-email.sh -.. code-block:: console +.. note:: - $ libeufin-bank serve -c $config_file + The default ``libeufin-tan-sms.sh`` script is based on the `Telesign + <https://www.telesign.com>`_ provider. It requires an additional local + resource file or environment variables with your Telesign credentials to + exist. -Using custom e-mail / SMS TAN scripts -------------------------------------- +Launching libeufin-bank +======================= -The guided setup installs the TAN scripts found in ``libeufin/contrib/``: -``libeufin-tan-email.sh`` and ``libeufin-tan-sms.sh``, but should you want to -use custom scripts to send the e-mail or SMS TAN, set the configuration like -follows: +Assuming that the configuration file exists at ``$CONFIG_FILE``, the following +command initializes (or upgrades) the database schema: -.. note:: +.. code-block:: console - The default SMS TAN script is based on the `Telesign <https://www.telesign.com>`_ provider. + $ libeufin-bank-dbinit -c "$CONFIG_FILE" -.. code-block:: ini +Once this is done, you can start the libeufin-bank HTTP server: - [libeufin-bank] +.. code-block:: console - TAN_SMS = custom-tan-sms.sh - TAN_EMAIL = custom-tan-email.sh + $ libeufin-bank serve -c "$CONFIG_FILE" -The scripts TAN_SMS/EMAIL must accept the phone number / e-mail address as the -``$1`` parameter and the message content to be transmitted in their standard -input. -Using the Bank Web Interface +Using the bank Web interface ============================ -Before you can use the Web interface, you must set -a password for the "admin" account. You can do this -using: +To be able to use the Web interface, you must set a password for the "admin" +account. You can set (or reset) the account password to ``$PASSWORD`` using +the following command: .. code-block:: console - $ libeufin-bank passwd -c $config_file admin "$PASSWORD" + $ libeufin-bank passwd -c "$CONFIG_FILE admin "$PASSWORD" + +You can also use the same command to reset the passwords of other accounts by +replacing "admin" with the respective login. + -Setting up Accounts +Setting up accounts ------------------- -Using the above "$PASSWORD", log into the Web interface as "admin". Then -search for the button "Create account" near the list of all existing bank -accounts in the Web interface of libeufin-bank. +Using the above "$PASSWORD", log into the Web interface as "admin". To setup +regular accounts, search for the button "Create account" near the list of all +existing bank accounts in the Web interface of libeufin-bank. You will be asked to specify: @@ -170,27 +197,24 @@ XXX Cashout channel Is this account public? Public accounts can be viewed without access control, their balance and transaction history becomes public. -After submitting the form, a randomly created password -for the new account will be shown in a notification. -The administrator can also change passwords for any -account in the system using the "change password" link -in the account list. To change other details about an -account, select the "Username" in the account list. +After submitting the form, a randomly created password for the new account +will be shown in a notification. The administrator can also change passwords +for any account in the system using the "change password" link in the account +list. To change other details about an account, select the "Username" in the +account list. -Account Introspection +Account introspection --------------------- -Users can see (and possibly change) the settings of -their bank account and also their IBAN by clicking -on the "Welcome, $USERNAME" text after logging into -their bank account using their username and password. +Users can see (and possibly change) the settings of their bank account and +also their IBAN by clicking on the "Welcome, $USERNAME" text after logging +into their bank account using their username and password. -The IBAN field has a convenient "copy to clipboard" -button next to it. +The IBAN field has a convenient "copy to clipboard" button next to it. -Making Transfers between Accounts +Making transfers between accounts --------------------------------- First, you need to know the IBAN of the account to credit, and log in as the @@ -202,7 +226,7 @@ be wired. After pressing "Send", you may have to pass a 2-FA check. Integration with the Taler Exchange =================================== -Exchange Configuration +Exchange configuration ---------------------- TODO. diff --git a/libeufin/nexus-manual.rst b/libeufin/nexus-manual.rst index abacac9a..bff74ef8 100644 --- a/libeufin/nexus-manual.rst +++ b/libeufin/nexus-manual.rst @@ -46,6 +46,23 @@ Installing Nexus The following section was tested on an *OpenJDK 17* environment. + +Installing the libeufin-nexus binary packages on Debian +------------------------------------------------------- + +.. include:: ../frags/installing-debian.rst + +.. include:: ../frags/apt-install-libeufin-nexus.rst + + +Installing the libeufin-nexus binary packages on Ubuntu +------------------------------------------------------- + +.. include:: ../frags/installing-ubuntu.rst + +.. include:: ../frags/apt-install-libeufin-nexus.rst + + Building from source -------------------- |