From 8f2973b543a805f54f3c25c59e471c24d82fa8f5 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 3 Aug 2021 21:11:02 +0200 Subject: -update documentation for modified configuration structure --- manpages/taler.conf.5.rst | 23 +++++++++++++---------- taler-exchange-setup-guide.rst | 8 +++++++- 2 files changed, 20 insertions(+), 11 deletions(-) diff --git a/manpages/taler.conf.5.rst b/manpages/taler.conf.5.rst index 268391d8..fb20d58c 100644 --- a/manpages/taler.conf.5.rst +++ b/manpages/taler.conf.5.rst @@ -270,8 +270,7 @@ EXCHANGE ACCOUNT OPTIONS An exchange (or merchant) can have multiple bank accounts. The following options are for sections named “[exchange-account-SOMETHING]”. The ``SOMETHING`` is arbitrary and should be chosen to uniquely identify the bank account for -the operator. These options are used by the **taler-exchange-transfer** -and **taler-exchange-wirewatch** tools. +the operator. These options are used by the **taler-exchange-aggregator**, **taler-exchange-closer**, **taler-exchange-transfer** and **taler-exchange-wirewatch** tools. PAYTO_URI Specifies the payto://-URL of the account. The general format is @@ -281,6 +280,18 @@ PAYTO_URI ``payto://iban/DE67830654080004822650/`` (providing the BIC is optional). Note: only the wire-method is actually used from the URI. +ENABLE_DEBIT + Must be set to ``YES`` for the accounts that the + **taler-exchange-aggregator** and **taler-exchange-closer** should debit. + +ENABLE_CREDIT + Must be set to ``YES`` for the accounts that the **taler-exchange-wirewatch** + should check for credits. It is yet uncertain if the merchant + implementation may check this flag as well. + + +Additionally, for each enabled account there MUST be another matching section named “[exchange-accountcredentials-SOMETHING]”. This section SHOULD be in a ``secret/`` configuration file that is only readable for the **taler-exchange-wirewatch** and **taler-exchange-transfer** processes. It contains the credentials to access the bank account: + WIRE_GATEWAY_URL URL of the wire gateway. Typically of the form ``https://$HOSTNAME[:$PORT]/taler-wire-gateway/$USERNAME/`` @@ -300,14 +311,6 @@ USERNAME PASSWORD Password for ``basic`` authentication with the wire gateway. -ENABLE_DEBIT - Must be set to ``YES`` for the accounts that the - **taler-exchange-aggregator** and **taler-exchange-closer** should debit. - -ENABLE_CREDIT - Must be set to ``YES`` for the accounts that the **taler-exchange-wirewatch** - should check for credits. It is yet uncertain if the merchant - implementation may check this flag as well. EXCHANGE COIN OPTIONS diff --git a/taler-exchange-setup-guide.rst b/taler-exchange-setup-guide.rst index 5842ae64..f950484b 100644 --- a/taler-exchange-setup-guide.rst +++ b/taler-exchange-setup-guide.rst @@ -333,6 +333,12 @@ Next, we need to grant the other accounts limited access: | sudo -u taler-exchange-httpd psql taler-exchange [root@exchange-onlie]# echo 'GRANT SELECT,INSERT,UPDATE ON ALL TABLES IN SCHEMA public TO "taler-exchange-wire";' \ | sudo -u taler-exchange-httpd psql taler-exchange + [root@exchange-onlie]# echo 'GRANT USAGE ON ALL SEQUENCES IN SCHEMA public TO "taler-exchange-aggregator";' \ + | sudo -u taler-exchange-httpd psql taler-exchange + [root@exchange-onlie]# echo 'GRANT USAGE ON ALL SEQUENCES IN SCHEMA public TO "taler-exchange-closer";' \ + | sudo -u taler-exchange-httpd psql taler-exchange + [root@exchange-onlie]# echo 'GRANT USAGE ON ALL SEQUENCES IN SCHEMA public TO "taler-exchange-wire";' \ + | sudo -u taler-exchange-httpd psql taler-exchange Assuming the above database setup, the database credentials to configure @@ -419,7 +425,7 @@ The exchange HTTP service can now be started: .. code-block:: shell-session - [root@exchange-online]# systemctl start taler-exchange.service + [root@exchange-online]# systemctl start taler-exchange.target [root@exchange-online]# export BASE_URL=$(taler-config -s exchange -o base_url) [root@exchange-online]# curl ${BASE_URL}management/keys -- cgit v1.2.3