From 49362d1c5ca0e3a4d483af4f8f476ac63c39ce3a Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 3 Aug 2021 10:14:35 +0200 Subject: -first minor docu update --- taler-exchange-setup-guide.rst | 47 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 46 insertions(+), 1 deletion(-) (limited to 'taler-exchange-setup-guide.rst') diff --git a/taler-exchange-setup-guide.rst b/taler-exchange-setup-guide.rst index aa0b91ab..80202b83 100644 --- a/taler-exchange-setup-guide.rst +++ b/taler-exchange-setup-guide.rst @@ -75,6 +75,9 @@ Finally, the required packages can be installed: [root@exchange-online]# apt-get install -y taler-exchange taler-exchange-offline [root@exchange-online]# apt-get install -y taler-merchant taler-wallet-cli +When asked about using dbconfig to configure the merchant's database, +select ``yes``. + By default, all installed services will be disabled. You need to enable and start them later. @@ -115,10 +118,52 @@ can use the ``taler-config`` helper: recommend to edit configuration files manually, as ``taler-config`` does not preserve comments and, by default, rewrites ``/etc/taler/taler.conf``. + Services, users, groups and file system hierarchy ================================================= -(FIXME: Explain the Debian package users, groups and locations.) +The *taler-exchange-httpd* package will create several system users +to compartmentalize different parts of the system: + + * taler-exchange-httpd: the user that runs the HTTP daemon with the core business logic + * taler-exchange-secmod-rsa: the user that manages the RSA private online signing keys + * taler-exchange-secmod-eddsa: the user that manages the EdDSA private online signing keys + * taler-exchange-closer: a helper process that closes reserves + * taler-exchange-aggregator: a helper process that aggregates deposits into larger wire transfer requests + * taler-exchange-wire: the user that performs wire transfers with the bank + * postgres: the user running the Postgres database (from *postgres* package) + * www-data: the user running the frontend HTTPS service with the TLS keys (from *nginx* package) + +.. note:: + + The *taler-merchant-httpd* package additionally creates a taler-merchant-httpd user + to runs the HTTP daemon with the merchant business logic. + + +The exchange setup uses the following system groups: + + * taler-exchange-db: group for all Taler users with direct database access, specifically taler-exchange-httpd, taler-exchange-wire, taler-exchange-closer and taler-exchange-aggregator + * taler-exchange-secmod: FIXME: how is this used right now? + * taler-exchange-offline: FIXME: how is this used right now? + + +The package will deploy systemd service files in +``/usr/lib/systemd/system/`` for the various components: + + * taler-exchange-aggregator.service: FIXME - explain + * taler-exchange-closer.service: FIXME - explain + * taler-exchange-httpd.service: FIXME - explain + * taler-exchange-httpd.socket: FIXME - explain + * taler-exchange-secmod-eddsa.service: FIXME - explain + * taler-exchange-secmod-rsa.service: FIXME - explain + * taler-exchange.target: FIXME - explain + * taler-exchange-transfer.service: FIXME - explain + * taler-exchange-wirewatch.service: FIXME - explain + + +(FIXME: Explain the Debian package users, groups and locations. -- anything missing?) + + Basic Setup: Currency and Denominations ======================================= -- cgit v1.2.3