summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2020-12-28 13:14:11 +0100
committerChristian Grothoff <christian@grothoff.org>2020-12-28 13:14:11 +0100
commite413b9523b7014a108f1b6e28526b88412eeef69 (patch)
tree99d83754ece0c4eed9567e5aa6cccbb4e87429cb
parent51eef33b4eccb4c77e3a47595946b3457250aeda (diff)
downloadexchange-e413b9523b7014a108f1b6e28526b88412eeef69.tar.gz
exchange-e413b9523b7014a108f1b6e28526b88412eeef69.tar.bz2
exchange-e413b9523b7014a108f1b6e28526b88412eeef69.zip
update Debian package instructions
-rw-r--r--debian/libtalerexchange.install1
-rw-r--r--debian/taler-exchange-dev.install1
-rw-r--r--debian/taler-exchange.config16
-rw-r--r--debian/taler-exchange.install1
-rw-r--r--debian/taler-exchange.postinst151
-rw-r--r--debian/taler-exchange.postrm35
-rw-r--r--debian/taler-exchange.service12
-rw-r--r--debian/taler-exchange.templates56
8 files changed, 207 insertions, 66 deletions
diff --git a/debian/libtalerexchange.install b/debian/libtalerexchange.install
index 3de3b10a4..bfd61d628 100644
--- a/debian/libtalerexchange.install
+++ b/debian/libtalerexchange.install
@@ -1 +1,2 @@
usr/lib/*/*.so.*
+usr/share/
diff --git a/debian/taler-exchange-dev.install b/debian/taler-exchange-dev.install
index 90d8c987f..0b2ea583f 100644
--- a/debian/taler-exchange-dev.install
+++ b/debian/taler-exchange-dev.install
@@ -1,3 +1,2 @@
usr/include
-usr/lib/*/*.so
usr/lib/*/pkgconfig
diff --git a/debian/taler-exchange.config b/debian/taler-exchange.config
index 6daa6818e..9cb12cd78 100644
--- a/debian/taler-exchange.config
+++ b/debian/taler-exchange.config
@@ -4,19 +4,25 @@ set -e
. /usr/share/debconf/confmodule
-db_input low gnunet-systempeer/username || true
+db_input low taler-exchange/eusername || true
db_go
-db_input low gnunet-systempeer/groupname || true
+db_input low taler-exchange/rsecusername || true
db_go
-db_input medium gnunet-systempeer/autostart || true
+db_input low taler-exchange/esecusername || true
db_go
-db_input medium gnunet-dns/libnsswitch || true
+db_input low taler-exchange/wireusername || true
db_go
-db_input medium gnunet-user/proxy || true
+db_input low taler-exchange/aggrusername || true
+db_go
+
+db_input low taler-exchange/groupname || true
+db_go
+
+db_input medium taler-exchange/autostart || true
db_go
db_stop
diff --git a/debian/taler-exchange.install b/debian/taler-exchange.install
index 984cba92b..04fc74fa9 100644
--- a/debian/taler-exchange.install
+++ b/debian/taler-exchange.install
@@ -1,4 +1,3 @@
etc/taler.conf
usr/bin/
usr/lib/*/taler/
-usr/share/
diff --git a/debian/taler-exchange.postinst b/debian/taler-exchange.postinst
index d943647b2..fb34ebe04 100644
--- a/debian/taler-exchange.postinst
+++ b/debian/taler-exchange.postinst
@@ -8,13 +8,25 @@ case "${1}" in
configure)
db_version 2.0
- db_get taler-systempeer/username
- _USERNAME="${RET:-taler}"
+ db_get taler-exchange/eusername
+ _EUSERNAME="${RET:-taler-exchange-httpd}"
- db_get taler-systempeer/groupname
- _GROUPNAME="${RET:-taler}"
+ db_get taler-exchange/rsecusername
+ _RSECUSERNAME="${RET:-taler-helper-rsa}"
- db_get taler-systempeer/autostart
+ db_get taler-exchange/esecusername
+ _ESECUSERNAME="${RET:-taler-helper-eddsa}"
+
+ db_get taler-exchange/wireusername
+ _WIREUSERNAME="${RET:-taler-exchange-wire}"
+
+ db_get taler-exchange/aggrusername
+ _AGGRUSERNAME="${RET:-taler-exchange-aggregator}"
+
+ db_get taler-exchange/groupname
+ _GROUPNAME="${RET:-taler-private}"
+
+ db_get taler-exchange/autostart
_AUTOSTART="${RET}" # boolean
db_stop
@@ -33,56 +45,135 @@ case "${1}" in
echo " done."
fi
- # Creating taler user if needed
- if ! getent passwd ${_USERNAME} > /dev/null
+ # Creating taler users if needed
+ if ! getent passwd ${_EUSERNAME} > /dev/null
then
- echo -n "Creating new Taler user ${_USERNAME}:"
- adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_USERNAME}
+ echo -n "Creating new Taler user ${_EUSERNAME}:"
+ adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME}/httpd ${_EUSERNAME}
echo " done."
fi
-
- # Add a special secured group
- TALERDNS_GROUP="talerdns"
-
- # Creating talerdns group if needed
- if ! getent group ${TALERDNS_GROUP} > /dev/null
+ if ! getent passwd ${_RSECUSERNAME} > /dev/null
then
- echo -n "Creating new secured Taler group ${TALERDNS_GROUP}:"
- addgroup --quiet --system ${TALERDNS_GROUP}
+ echo -n "Creating new Taler user ${_RSECUSERNAME}:"
+ adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME}/helper-rsa ${_USERNAME}
+ echo " done."
+ fi
+ if ! getent passwd ${_ESECUSERNAME} > /dev/null
+ then
+ echo -n "Creating new Taler user ${_ESECUSERNAME}:"
+ adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME}/helper-eddsa ${_ESECUSERNAME}
+ echo " done."
+ fi
+ if ! getent passwd ${_WIREUSERNAME} > /dev/null
+ then
+ echo -n "Creating new Taler user ${_WIREUSERNAME}:"
+ adduser --quiet --system --home ${TALER_HOME}/wire ${_WIREUSERNAME}
+ echo " done."
+ fi
+ if ! getent passwd ${_AGGRUSERNAME} > /dev/null
+ then
+ echo -n "Creating new Taler user ${_AGGRUSERNAME}:"
+ adduser --quiet --system --home ${TALER_HOME}/aggregator ${_AGGRUSERNAME}
echo " done."
fi
-fi
-
-# Writing new values to configuration file
-echo -n "Writing new configuration file:"
-CONFIG_NEW=$(tempfile)
+ # Writing new values to configuration file
+ echo -n "Writing new configuration file:"
+ CONFIG_NEW=$(tempfile)
cat > "${CONFIG_NEW}" <<EOF
# This file controls the behaviour of the Taler init script.
# It will be parsed as a shell script.
-# please do not edit by hand, use 'dpkg-reconfigure taler-systempeer'.
+# please do not edit by hand, use 'dpkg-reconfigure taler-exchange'.
-TALER_USER=${_USERNAME}
+TALER_EUSER=${_EUSERNAME}
+TALER_RSECUSER=${_RESCUSERNAME}
+TALER_ESECUSER=${_ESECUSERNAME}
+TALER_WIREUSER=${_WIREUSERNAME}
+TALER_AGGRUSER=${_AGGRUSERNAME}
TALER_GROUP=${_GROUPNAME}
TALER_AUTOSTART="${_AUTOSTART}"
EOF
-cat > "/etc/systemd/system/taler.service" <<EOF
+cat > "/etc/systemd/system/taler-exchange-httpd.service" <<EOF
[Unit]
-Description=GNU Taler payment system
+Description=GNU Taler payment system exchange REST API
+Requires=taler-exchange-helper-rsa.service taler-exchange-helper-eddsa.service
+Wants=taler-exchange-wirewatch taler-exchange-aggregator taler-exchange-transfer
+After=postgres.service network.target
[Service]
EnvironmentFile=/etc/default/taler
-User=${_USERNAME}
-Type=forking
-ExecStart=/usr/bin/taler-arm -s -c /etc/taler.conf
-ExecStop=/usr/bin/taler-arm -e -c /etc/taler.conf
+User=${_EUSERNAME}
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/taler-exchange-httpd -c /etc/taler.conf
[Install]
WantedBy=multi-user.target
EOF
+cat > "/etc/systemd/system/taler-exchange-helper-rsa.service" <<EOF
+[Unit]
+Description=GNU Taler payment system exchange RSA security module
+
+[Service]
+EnvironmentFile=/etc/default/taler
+User=${_RSECUSERNAME}
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/taler-exchange-helper-rsa -c /etc/taler.conf
+
+[Install]
+WantedBy=multi-user.target
+EOF
+cat > "/etc/systemd/system/taler-exchange-helper-eddsa.service" <<EOF
+[Unit]
+Description=GNU Taler payment system exchange EdDSA security module
+
+[Service]
+EnvironmentFile=/etc/default/taler
+User=${_ESECUSERNAME}
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/taler-exchange-helper-eddsa -c /etc/taler.conf
+EOF
+cat > "/etc/systemd/system/taler-exchange-wirewatch.service" <<EOF
+[Unit]
+Description=GNU Taler payment system exchange wirewatch service
+After=network.target
+
+[Service]
+EnvironmentFile=/etc/default/taler
+User=${_WIREUSERNAME}
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/taler-exchange-wirewatch -c /etc/taler-wire.conf
+EOF
+cat > "/etc/systemd/system/taler-exchange-transfer.service" <<EOF
+[Unit]
+Description=GNU Taler payment system exchange transfer service
+After=network.target
+
+[Service]
+EnvironmentFile=/etc/default/taler
+User=${_WIREUSERNAME}
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/taler-exchange-wirewatch -c /etc/taler-wire.conf
+EOF
+cat > "/etc/systemd/system/taler-exchange-aggregator.service" <<EOF
+[Unit]
+Description=GNU Taler payment system exchange aggregator service
+
+[Service]
+EnvironmentFile=/etc/default/taler
+User=${_AGGRUSERNAME}
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/taler-exchange-aggregator -c /etc/taler.conf
+EOF
+
cp -f "${CONFIG_NEW}" "${CONFIG_FILE}"
echo " done."
diff --git a/debian/taler-exchange.postrm b/debian/taler-exchange.postrm
index 2807d737a..ac696763a 100644
--- a/debian/taler-exchange.postrm
+++ b/debian/taler-exchange.postrm
@@ -22,27 +22,46 @@ case "${1}" in
. /usr/share/debconf/confmodule
db_version 2.0
- db_get taler-systempeer/username
- _USERNAME="${RET:-taler}"
+ db_get taler-exchange/eusername
+ _EUSERNAME="${RET:-taler-exchange-httpd}"
- db_get taler-systempeer/groupname
- _GROUPNAME="${RET:-taler}"
+ db_get taler-exchange/rsecusername
+ _RSECUSERNAME="${RET:-taler-helper-rsa}"
+
+ db_get taler-exchange/esecusername
+ _ESECUSERNAME="${RET:-taler-helper-eddsa}"
+
+ db_get taler-exchange/wireusername
+ _WIREUSERNAME="${RET:-taler-exchange-wire}"
+
+ db_get taler-exchange/aggrusername
+ _AGGRUSERNAME="${RET:-taler-exchange-aggregator}"
+
+ db_get taler-exchange/groupname
+ _GROUPNAME="${RET:-taler-private}"
else
- _USERNAME="taler"
- _GROUPNAME="taler"
+ _EUSERNAME="taler-exchange-httpd"
+ _RSECUSERNAME="taler-helper-rsa"
+ _ESECUSERNAME="taler-helper-eddsa"
+ _WIREUSERNAME="taler-exchange-wire"
+ _AGGRUSERNAME="taler-exchange-aggregator"
+ _GROUPNAME="taler-private"
fi
TALERDNS_GROUP="talerdns"
if pathfind deluser
then
- deluser --quiet --system ${_USERNAME} || true
+ deluser --quiet --system ${_EUSERNAME} || true
+ deluser --quiet --system ${_RSECUSERNAME} || true
+ deluser --quiet --system ${_ESECUSERNAME} || true
+ deluser --quiet --system ${_WIREUSERNAME} || true
+ deluser --quiet --system ${_AGGRUSERNAME} || true
fi
if pathfind delgroup
then
delgroup --quiet --system --only-if-empty ${_GROUPNAME} || true
- delgroup --quiet --system --only-if-empty ${TALERDNS_GROUP} || true
fi
rm -rf /var/log/taler/ /var/lib/taler /etc/default/taler
diff --git a/debian/taler-exchange.service b/debian/taler-exchange.service
deleted file mode 100644
index 587bf5f4c..000000000
--- a/debian/taler-exchange.service
+++ /dev/null
@@ -1,12 +0,0 @@
-[Unit]
-Description=GNU's payment system
-
-[Service]
-EnvironmentFile=/etc/default/taler
-User=${TALER_USER}
-Type=forking
-ExecStart=/usr/bin/gnunet-arm -s -c /etc/taler.conf
-ExecStop=/usr/bin/gnunet-arm -e -c /etc/taler.conf
-
-[Install]
-WantedBy=multi-user.target
diff --git a/debian/taler-exchange.templates b/debian/taler-exchange.templates
index f791b066e..1482c1356 100644
--- a/debian/taler-exchange.templates
+++ b/debian/taler-exchange.templates
@@ -1,26 +1,64 @@
-Template: taler-systempeer/username
+Template: taler-exchange/eusername
Type: string
Default: taler
_Description: Taler user:
- Please choose the user that the Taler server process will run as.
+ Please choose the user that the taler-exchange-httpd process will run as.
.
This should be a dedicated account. If the specified account does not
already exist, it will automatically be created, with no login shell.
-Template: taler-systempeer/groupname
+Template: taler-exchange/rsecusername
+Type: string
+Default: taler
+_Description: Taler user:
+ Please choose the user that the taler-exchange-helper-rsa process will run as.
+ .
+ This should be a dedicated account. If the specified account does not
+ already exist, it will automatically be created, with no login shell.
+
+Template: taler-exchange/esecusername
+Type: string
+Default: taler
+_Description: Taler user:
+ Please choose the user that the taler-exchange-helper-eddsa process will run as.
+ .
+ This should be a dedicated account. If the specified account does not
+ already exist, it will automatically be created, with no login shell.
+
+Template: taler-exchange/wireusername
+Type: string
+Default: taler
+_Description: Taler user:
+ Please choose the user that the taler-exchange-transfer and
+ taler-exchange-wirewatch processes will run as.
+ .
+ This should be a dedicated account. If the specified account does not
+ already exist, it will automatically be created, with no login shell.
+
+Template: taler-exchange/aggrusername
+Type: string
+Default: taler
+_Description: Taler user:
+ Please choose the user that the taler-exchange-aggregator process will run as.
+ .
+ This should be a dedicated account. If the specified account does not
+ already exist, it will automatically be created, with no login shell.
+
+Template: taler-exchange/groupname
Type: string
Default: taler
_Description: Taler group:
- Please choose the group that the Taler peer process will run as.
+ Please choose the group that the Taler exchange and security
+ modules will run as.
.
This should be a dedicated group, not one that already owns data.
- Only the members of this group will have access to Taler data, and
- be allowed to start and stop the Taler server.
+ Only the members of this group will have access to Taler private
+ online signing keys.
-Template: taler-systempeer/autostart
+Template: taler-exchange/autostart
Type: boolean
Default: true
-_Description: Should the Taler server be launched on boot?
- If you choose this option, a Taler peer will be launched each time
+_Description: Should the Taler exchange be launched on boot?
+ If you choose this option, a Taler exchange will be launched each time
the system is started. Otherwise, you will need to launch
Taler each time you want to use it.