commit db907aaf50ac266cb8e9c9c02f8bdebb8d9167bb
parent 75d3b4a0eb34d7876b5b92b93c79e382fa1cfaa6
Author: Florian Dold <florian@dold.me>
Date: Fri, 30 Jul 2021 13:07:28 +0200
debian: anastasis has its own config
Diffstat:
8 files changed, 19 insertions(+), 41 deletions(-)
diff --git a/debian/anastasis-httpd.install b/debian/anastasis-httpd.install
@@ -9,5 +9,4 @@ usr/share/anastasis/*
usr/share/anastasis/sql/*
usr/share/anastasis/config.d/*
debian/etc/* /etc/
-debian/conf/* etc/anastasis/
debian/db/install/* usr/share/dbconfig-common/scripts/anastasis/install/
diff --git a/debian/anastasis-httpd.postinst b/debian/anastasis-httpd.postinst
@@ -2,6 +2,7 @@
set -e
+TALER_HOME="/var/lib/taler/"
_USERNAME=anastasis-httpd
_GROUPNAME=www-data
@@ -10,39 +11,12 @@ _GROUPNAME=www-data
dbc_dbfile_owner="${_USERNAME}:${_GROUPNAME}"
dbc_dbfile_perms="0600"
-# 1st argument will be the SECURITYTOKEN to use.
-apache_install() {
- echo -n "Starting Apache setup..."
- mkdir -p /etc/apache2/conf-available
- if [ ! -f /etc/apache2/conf-available/anastasis.conf ]; then
- echo -n "..."
- cat /etc/anastasis/apache.conf | sed -e "s/%SECURITYTOKEN%/$1/" >/etc/apache2/conf-available/anastasis.conf
- fi
- echo "Done"
-}
-
-# 1st argument will be the SECURITYTOKEN to use.
-nginx_install() {
- echo -n "Starting Nginx setup..."
- mkdir -p /etc/nginx/conf-available
- if [ ! -f /etc/nginx/conf-available/anastasis.conf ]; then
- echo -n "..."
- cat /etc/anastasis/nginx.conf | sed -e "s/%SECURITYTOKEN%/$1/" >/etc/nginx/conf-available/anastasis.conf
- fi
- echo "Done"
-}
-
. /usr/share/debconf/confmodule
case "${1}" in
configure)
- db_start
db_version 2.0
- # Read default values
- CONFIG_FILE="/etc/default/anastasis"
- TALER_HOME="/var/lib/taler/"
-
echo " User setup"
# Creating taler users if needed
if ! getent passwd ${_USERNAME} >/dev/null; then
@@ -56,9 +30,6 @@ configure)
dbc_go anastasis "$@"
fi
- cat >"/etc/systemd/system/anastasis-httpd.service" <<EOF
-EOF
-
# Configure Webserver
echo " Configuring Webserver"
db_get anastasis/reconfigure-webserver
diff --git a/debian/db/install/pgsql b/debian/db/install/pgsql
@@ -2,19 +2,22 @@
set -eu
+conf_anastasis_db=/etc/taler/secrets/anastasis-db.secret.conf
+conf_override=/etc/taler/override.conf
+
# get database settings from dbconfig-common and configure
# for ADMINISTRATIVE access
if [ -f /etc/dbconfig-common/anastasis.conf ]; then
. /etc/dbconfig-common/anastasis.conf
case "$dbc_dbtype" in
pgsql)
- anastasis-config -w \
- -c /etc/anastasis.conf \
+ anastasis-config \
+ -c $conf_anastasis_db \
-s "stasis-postgres" \
-o "CONFIG" \
-V "postgres:///$dbc_dbname"
- anastasis-config -w \
- -c /etc/anastasis.conf \
+ anastasis-config \
+ -c $conf_override \
-s "anastasis" \
-o "DB" \
-V "postgres"
@@ -50,13 +53,13 @@ if [ -f /etc/dbconfig-common/anastasis.conf ]; then
echo "GRANT SELECT, UPDATE ON ALL SEQUENCES IN SCHEMA public TO \"$dbc_dbuser\";" \
| sudo -u postgres psql "postgres:///$dbc_dbname"
- anastasis-config -w \
- -c /etc/anastasis.conf \
+ anastasis-config \
+ -c $conf_anastasis_db \
-s "stasis-postgres" \
-o "CONFIG" \
-V "postgres://$dbc_dbuser:$dbc_dbpass@$dbc_dbserver/$dbc_dbname"
- anastasis-config -w \
- -c /etc/anastasis.conf \
+ anastasis-config \
+ -c $conf_override \
-s "anastasis" \
-o "DB" \
-V "postgres"
diff --git a/debian/etc/anastasis/anastasis.conf b/debian/etc/anastasis/anastasis.conf
@@ -0,0 +1,4 @@
+[anastasis]
+DATABASE = postgres
+
+@inline-secret@ stasis-postgres secrets/anastasis-db.secret.conf
diff --git a/debian/etc/anastasis/secrets/anastasis-db.secret.conf b/debian/etc/anastasis/secrets/anastasis-db.secret.conf
@@ -0,0 +1,3 @@
+[stasis-postgres]
+#The connection string the plugin has to use for connecting to the database
+CONFIG = postgres:///anastasis
diff --git a/debian/conf/apache.conf b/debian/etc/apache2/sites-available/anastasis.conf
diff --git a/debian/conf/nginx.conf b/debian/etc/nginx/sites-available/anastasis
diff --git a/debian/etc/taler/conf.d/anastasis.conf b/debian/etc/taler/conf.d/anastasis.conf
@@ -1,2 +0,0 @@
-[anastasis]
-DATABASE = postgres
