depolymerization

wire gateway for Bitcoin/Ethereum

commit cf2cddf1b19b3a33a3022b6d76cc2b74a3f9115a
parent 574f10c0f5032cf2cd0b607271a0e1e4d5a1335e
Author: Antoine A <>
Date:   Thu, 10 Jul 2025 16:00:23 +0200

common: add deb and CI

Diffstat:
A.ci/config.toml | 17+++++++++++++++++
M.gitignore | 2++
MCargo.lock | 34+++++++++++++++++-----------------
Mcommon/src/status.rs | 2--
Acontrib/ci/Containerfile | 32++++++++++++++++++++++++++++++++
Acontrib/ci/ci.sh | 35+++++++++++++++++++++++++++++++++++
Acontrib/ci/jobs/0-codespell/config.ini | 5+++++
Acontrib/ci/jobs/0-codespell/dictionary.txt | 8++++++++
Acontrib/ci/jobs/0-codespell/job.sh | 22++++++++++++++++++++++
Acontrib/ci/jobs/1-build/job.sh | 13+++++++++++++
Acontrib/ci/jobs/2-test/job.sh | 22++++++++++++++++++++++
Acontrib/ci/jobs/3-deb/job.sh | 23+++++++++++++++++++++++
Acontrib/ci/jobs/3-deb/test.sh | 38++++++++++++++++++++++++++++++++++++++
Acontrib/ci/jobs/4-deploy/config.ini | 5+++++
Acontrib/ci/jobs/4-deploy/job.sh | 14++++++++++++++
Acontrib/ci/run-all-jobs.sh | 5+++++
Acontrib/ci/version.sh | 17+++++++++++++++++
Mcontrib/depolymerizer-bitcoin-dbconfig | 2+-
Dcontrib/depolymerizer-ethereum-dbconfig | 162-------------------------------------------------------------------------------
Adebian/depolymerizer-bitcoin.depolymerizer-bitcoin-httpd.service | 35+++++++++++++++++++++++++++++++++++
Adebian/depolymerizer-bitcoin.depolymerizer-bitcoin-httpd.socket | 15+++++++++++++++
Adebian/depolymerizer-bitcoin.depolymerizer-bitcoin-worker.service | 33+++++++++++++++++++++++++++++++++
Adebian/depolymerizer-bitcoin.depolymerizer-bitcoin.slice | 4++++
Adebian/depolymerizer-bitcoin.depolymerizer-bitcoin.target | 10++++++++++
Adebian/depolymerizer-bitcoin.postinst | 46++++++++++++++++++++++++++++++++++++++++++++++
Adebian/depolymerizer-bitcoin.postrm | 27+++++++++++++++++++++++++++
Adebian/etc/apache2/sites-available/depolymerizer-bitcoin.conf | 22++++++++++++++++++++++
Adebian/etc/depolymerizer-bitcoin/conf.d/depolymerizer-bitcoin-httpd.conf | 10++++++++++
Adebian/etc/depolymerizer-bitcoin/conf.d/depolymerizer-bitcoin-system.conf | 6++++++
Adebian/etc/depolymerizer-bitcoin/conf.d/depolymerizer-bitcoin-worker.conf | 6++++++
Adebian/etc/depolymerizer-bitcoin/depolymerizer-bitcoin.conf | 27+++++++++++++++++++++++++++
Adebian/etc/depolymerizer-bitcoin/overrides.conf | 1+
Adebian/etc/depolymerizer-bitcoin/secrets/depolymerizer-bitcoin-db.secret.conf | 8++++++++
Adebian/etc/depolymerizer-bitcoin/secrets/depolymerizer-bitcoin-httpd.secret.conf | 8++++++++
Adebian/etc/depolymerizer-bitcoin/secrets/depolymerizer-bitcoin-worker.secret.conf | 3+++
Adebian/etc/nginx/sites-available/depolymerizer-bitcoin | 32++++++++++++++++++++++++++++++++
Mdepolymerizer-bitcoin/Cargo.toml | 67++++++++++++++++++++++++++++++++++++++++++++++++++++++++-----------
Mdepolymerizer-bitcoin/src/bin/segwit-demo.rs | 2+-
Mdepolymerizer-bitcoin/src/rpc.rs | 4++--
Mdepolymerizer-bitcoin/src/segwit.rs | 6+++---
Mmakefile | 2+-
41 files changed, 632 insertions(+), 200 deletions(-)

diff --git a/.ci/config.toml b/.ci/config.toml @@ -0,0 +1,17 @@ +[target.x86_64-unknown-linux-gnu] +linker = "clang" +rustflags = [ + "-C", + "link-arg=-fuse-ld=mold", + "-C", + "link-arg=--target=x86_64-unknown-linux-gnu", +] + +[target.aarch64-unknown-linux-gnu] +linker = "clang" +rustflags = [ + "-C", + "link-arg=-fuse-ld=mold", + "-C", + "link-arg=--target=aarch64-unknown-linux-gnu", +] diff --git a/.gitignore b/.gitignore @@ -1,7 +1,9 @@ /target log configure +test-suite.log /.vscode +.ci /docs/* !/docs/*.docx !/docs/*.tex diff --git a/Cargo.lock b/Cargo.lock @@ -352,9 +352,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.40" +version = "4.5.41" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "40b6887a1d8685cebccf115538db5c0efe625ccac9696ad45c409d96566e910f" +checksum = "be92d32e80243a54711e5d7ce823c35c41c9d929dc4ab58e1276f625841aadf9" dependencies = [ "clap_builder", "clap_derive", @@ -362,9 +362,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.40" +version = "4.5.41" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e0c66c08ce9f0c698cbce5c0279d0bb6ac936d8674174fe48f736533b964f59e" +checksum = "707eab41e9622f9139419d573eca0900137718000c517d47da73045f54331c3d" dependencies = [ "anstream", "anstyle", @@ -374,9 +374,9 @@ dependencies = [ [[package]] name = "clap_derive" -version = "4.5.40" +version = "4.5.41" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d2c7947ae4cc3d851207c1adb5b5e260ff0cca11446b1d6d1423788e442257ce" +checksum = "ef4f52386a59ca4c860f7393bcf8abd8dfd91ecccc0f774635ff68e92eeef491" dependencies = [ "heck", "proc-macro2", 
@@ -636,9 +636,9 @@ dependencies = [ [[package]] name = "curve25519-dalek" -version = "4.1.3" +version = "4.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97fb8b7c4503de7d6ae7b42ab72a5a59857b4c937ec27a3d4539dba95b5ab2be" +checksum = "373b7c5dbd637569a2cca66e8d66b8c446a1e7bf064ea321d265d7b3dfe7c97e" dependencies = [ "cfg-if", "cpufeatures", @@ -711,7 +711,7 @@ dependencies = [ [[package]] name = "depolymerizer-bitcoin" -version = "0.1.0" +version = "0.0.0" dependencies = [ "anyhow", "axum", @@ -813,9 +813,9 @@ dependencies = [ [[package]] name = "ed25519-dalek" -version = "2.1.1" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4a3daa8e81a3963a60642bcc1f90a670680bd4a77535faa384e9d1c79d620871" +checksum = "70e796c081cee67dc755e1a36a0a172b897fab85fc3f6bc48307991f64e4eca9" dependencies = [ "curve25519-dalek", "ed25519", @@ -894,9 +894,9 @@ checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" [[package]] name = "fiat-crypto" -version = "0.2.9" +version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "28dea519a9695b9977216879a3ebfddf92f1c08c05d984f8996aecd6ecdc811d" +checksum = "64cd1e32ddd350061ae6edb1b082d7c54915b5c672c389143b9a63403a109f24" [[package]] name = "flate2" @@ -2124,9 +2124,9 @@ dependencies = [ [[package]] name = "rustls" -version = "0.23.28" +version = "0.23.29" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7160e3e10bf4535308537f3c4e1641468cd0e485175d6163087c0393c7d46643" +checksum = "2491382039b29b9b11ff08b76ff6c97cf287671dbb74f0be44bda389fffe9bd1" dependencies = [ "log", "once_cell", 
@@ -2157,9 +2157,9 @@ dependencies = [ [[package]] name = "rustls-webpki" -version = "0.103.3" +version = "0.103.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e4a72fe2bcf7a6ac6fd7d0b9e5cb68aeb7d4c0a0271730218b3e92d43b4eb435" +checksum = "0a17884ae0c1b773f1ccd2bd4a8c72f16da897310a98b0e84bf349ad5ead92fc" dependencies = [ "ring", "rustls-pki-types", diff --git a/common/src/status.rs b/common/src/status.rs @@ -16,7 +16,6 @@ //! Transactions status in database /// Debit transaction status -/// /// -> Requested API request /// Requested -> Sent Announced to the bitcoin network /// Sent -> Requested Conflicting transaction (reorg) @@ -42,7 +41,6 @@ impl TryFrom<u8> for DebitStatus { } /// Bounce transaction status -/// /// -> Requested Credit in wrong format /// Requested -> Ignored Insufficient found /// Requested -> Sent Announced to the bitcoin network diff --git a/contrib/ci/Containerfile b/contrib/ci/Containerfile @@ -0,0 +1,32 @@ +FROM docker.io/library/rust:bookworm + +ENV DEBIAN_FRONTEND=noninteractive \ + # Persistent cargo cache + CARGO_HOME=/workdir/.ci + + # Add both amd64 and arm64 packages architecture +RUN dpkg --add-architecture amd64 && \ + dpkg --add-architecture arm64 && \ + # Apt sync + apt-get update -yq && \ + apt-get upgrade -yq && \ + # Install build & test dependencies + apt-get install -yq \ + sudo \ + make \ + postgresql \ + mold \ + clang \ + crossbuild-essential-arm64 \ + crossbuild-essential-amd64 \ + libc6-dev-arm64-cross \ + libc6-dev-amd64-cross && \ + # Add both amd64 and arm64 rustc targets + rustup target add x86_64-unknown-linux-gnu && \ + rustup target add aarch64-unknown-linux-gnu && \ + # Install cargo debian package tool + cargo install cargo-deb + +WORKDIR /workdir + +CMD ["bash", "/workdir/ci/ci.sh"] diff --git a/contrib/ci/ci.sh b/contrib/ci/ci.sh 
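Review bot: The build image cannot be reproduced from this file, because `FROM docker.io/library/rust:bookworm` follows a moving tag and `cargo install cargo-deb` takes whatever version and dependency set are current at build time. Since this image produces the .deb files that the deploy job publishes, pin the base image by digest and install the packaging tool with `cargo install --locked cargo-deb --version <PINNED_VERSION>`. The same unpinned `cargo install cargo-deb` is repeated in contrib/ci/jobs/3-deb/job.sh. Separately, `CMD` points at `/workdir/ci/ci.sh` while the script is added under contrib/ci/, so the default command looks stale.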
@@ -0,0 +1,35 @@ +#!/bin/bash +set -exvuo pipefail + +# Requires podman +# Fails if not found in PATH +OCI_RUNTIME=$(which podman) +REPO_NAME=$(basename "${PWD}") +JOB_NAME="${1}" +NATIVE_ARCH=$(dpkg --print-architecture) +JOB_ARCH=$((grep CONTAINER_ARCH contrib/ci/jobs/${JOB_NAME}/config.ini | cut -d' ' -f 3) || echo "${2:-$NATIVE_ARCH}") +JOB_CONTAINER=$((grep CONTAINER_NAME contrib/ci/jobs/${JOB_NAME}/config.ini | cut -d' ' -f 3) || echo "localhost/${REPO_NAME}:${JOB_ARCH}") +CONTAINER_BUILD=$((grep CONTAINER_BUILD contrib/ci/jobs/${JOB_NAME}/config.ini | cut -d' ' -f 3) || echo "True") + +echo "Image name: ${JOB_CONTAINER}" + +if [ "${CONTAINER_BUILD}" = "True" ] ; then + "${OCI_RUNTIME}" build \ + --arch "${JOB_ARCH}" \ + -t "${JOB_CONTAINER}" \ + -f contrib/ci/Containerfile . +fi + +"${OCI_RUNTIME}" run \ + --rm \ + -ti \ + --arch "${JOB_ARCH}" \ + --env CI_COMMIT_REF="$(git rev-parse HEAD)" \ + --volume "${PWD}":/workdir \ + --workdir /workdir \ + "${JOB_CONTAINER}" \ + contrib/ci/jobs/"${JOB_NAME}"/job.sh + +top_dir=$(dirname "${BASH_SOURCE[0]}") + +#"${top_dir}"/build.sh diff --git a/contrib/ci/jobs/0-codespell/config.ini b/contrib/ci/jobs/0-codespell/config.ini @@ -0,0 +1,5 @@ +[build] +HALT_ON_FAILURE = False +WARN_ON_FAILURE = True +CONTAINER_BUILD = False +CONTAINER_NAME = nixery.dev/shell/codespell diff --git a/contrib/ci/jobs/0-codespell/dictionary.txt b/contrib/ci/jobs/0-codespell/dictionary.txt @@ -0,0 +1,7 @@ +# List of "words" that codespell should ignore in our sources. +# +# Note: The word sensitivity depends on how the to-be-ignored word is +# spelled in codespell_lib/data/dictionary.txt. F.e. if there is a word +# 'foo' and you add 'Foo' _here_, codespell will continue to complain +# about 'Foo'. +# +\ No newline at end of file diff --git a/contrib/ci/jobs/0-codespell/job.sh b/contrib/ci/jobs/0-codespell/job.sh 
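Review bot: Images named by `CONTAINER_NAME` in a job's config.ini are run as-is with the whole checkout bind-mounted read-write (`--volume "${PWD}":/workdir`), and the two jobs that set it use untagged third-party images (`nixery.dev/shell/codespell`, `nixery.dev/shell/rsync`). Whatever those names resolve to on the day can modify the source tree, and the rsync image handles the packages being published. Consider pinning them by digest and mounting the tree read-only (`:ro`) for jobs that only read it. `${JOB_NAME}` is also unquoted in the three `grep ... contrib/ci/jobs/${JOB_NAME}/config.ini` paths, although it is quoted in the final run argument.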
@@ -0,0 +1,22 @@ +#!/bin/bash +set -exuo pipefail + +job_dir=$(dirname "${BASH_SOURCE[0]}") + +skip=$(cat <<EOF +*/doc/prebuilt/* +*/.git/* +*/.ci/* +*/target/* +*/contrib/ci/* +*.conf +*.log +./uri-pack/src/majestic_million.csv +./uri-pack/src/urltestdata.json +./article-brains22/* +EOF +); + +echo Current directory: `pwd` + +codespell -I "${job_dir}"/dictionary.txt -S ${skip//$'\n'/,} diff --git a/contrib/ci/jobs/1-build/job.sh b/contrib/ci/jobs/1-build/job.sh @@ -0,0 +1,13 @@ +#!/bin/bash +set -exuo pipefail + +# Update system +apt-get update -yq +apt-get upgrade -yq + +./bootstrap +./configure --prefix=/usr + +# Build for release +cargo build --release --target x86_64-unknown-linux-gnu +cargo build --release --target aarch64-unknown-linux-gnu diff --git a/contrib/ci/jobs/2-test/job.sh b/contrib/ci/jobs/2-test/job.sh @@ -0,0 +1,21 @@ +#!/bin/bash +set -exuo pipefail + +# Update system +apt-get update -yq +apt-get upgrade -yq + +# Setup postgres cluster +sudo -u postgres pg_ctlcluster 15 main start +sudo -u postgres createuser root --superuser +sudo -u postgres createdb -O root taler_rust_check + +check_command() +{ + make check &> test-suite.log +} + +if ! check_command ; then + cat test-suite.log + exit 1 +fi +\ No newline at end of file diff --git a/contrib/ci/jobs/3-deb/job.sh b/contrib/ci/jobs/3-deb/job.sh 
@@ -0,0 +1,22 @@ +#!/bin/bash +set -exuo pipefail + +# Update system +apt-get update -yq +apt-get upgrade -yq +cargo install cargo-deb + +# Build package +export GIT_HASH=$(git rev-parse --short HEAD) +export VERSION="$(./contrib/ci/version.sh)" +echo "Building package version ${VERSION}" +cargo deb -p depolymerizer-bitcoin --deb-version ${VERSION} --target x86_64-unknown-linux-gnu +cargo deb -p depolymerizer-bitcoin --deb-version ${VERSION} --target aarch64-unknown-linux-gnu + +# Test package +./contrib/ci/jobs/3-deb/test.sh + +# Move to artifact +ls -alh /workdir/target/*/debian/*.deb +mkdir -p /artifacts/depolymerizer-bitcoin/${CI_COMMIT_REF} # Variable comes from CI environment +mv /workdir/target/*/debian/*.deb /artifacts/depolymerizer-bitcoin/${CI_COMMIT_REF} +\ No newline at end of file diff --git a/contrib/ci/jobs/3-deb/test.sh b/contrib/ci/jobs/3-deb/test.sh @@ -0,0 +1,37 @@ +set -eu + +ARCH=$(dpkg --print-architecture) + +function step() { + echo -e "\n$@" >&2 +} + +step "Install depolymerizer-bitcoin" +dpkg -i /workdir/target/*/debian/*$ARCH.deb + +step "Install depolymerizer-bitcoin again" +dpkg -i /workdir/target/*/debian/*$ARCH.deb + +step "Start postgres cluster" +sudo -u postgres pg_ctlcluster 15 main start + +step "depolymerizer-bitcoin version:" +depolymerizer-bitcoin --version + +step "depolymerizer-bitcoin-httpd user:" +id depolymerizer-bitcoin-httpd + +step "depolymerizer-bitcoin-worker user:" +id depolymerizer-bitcoin-worker + +step "Run dbconfig" +sudo depolymerizer-bitcoin-dbconfig -r + +step "Remove depolymerizer-bitcoin" +dpkg --remove depolymerizer-bitcoin + +step "Reinstall depolymerizer-bitcoin" +dpkg -i /workdir/target/*/debian/*$ARCH.deb + +step "Purge depolymerizer-bitcoin:" +dpkg --purge depolymerizer-bitcoin +\ No newline at end of file diff --git a/contrib/ci/jobs/4-deploy/config.ini b/contrib/ci/jobs/4-deploy/config.ini 
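Review bot: `export VERSION="$(./contrib/ci/version.sh)"` hides a failure of version.sh, because the exit status of `export` replaces that of the command substitution and `set -e` never sees it; the build would continue with an empty `--deb-version`. Assign first and export afterwards, `VERSION="$(./contrib/ci/version.sh)"` then `export VERSION`; the same applies to `GIT_HASH`. `${VERSION}` and `${CI_COMMIT_REF}` are also expanded unquoted in the `cargo deb`, `mkdir` and `mv` lines, and quoting them keeps an unexpected value from splitting into extra arguments or paths.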
@@ -0,0 +1,5 @@ +[build] +HALT_ON_FAILURE = True +WARN_ON_FAILURE = True +CONTAINER_BUILD = False +CONTAINER_NAME = nixery.dev/shell/rsync diff --git a/contrib/ci/jobs/4-deploy/job.sh b/contrib/ci/jobs/4-deploy/job.sh @@ -0,0 +1,14 @@ +#!/bin/bash +set -exuo pipefail + +ARTIFACT_PATH="/artifacts/depolymerizer-bitcoin/${CI_COMMIT_REF}/*.deb" + +RSYNC_HOST="taler.host.internal" +RSYNC_PORT=424242 +RSYNC_PATH="incoming_packages/bookworm-taler-ci/" +RSYNC_DEST="rsync://${RSYNC_HOST}/${RSYNC_PATH}" + + +rsync -vP \ + --port ${RSYNC_PORT} \ + ${ARTIFACT_PATH} ${RSYNC_DEST} diff --git a/contrib/ci/run-all-jobs.sh b/contrib/ci/run-all-jobs.sh @@ -0,0 +1,5 @@ +#!/bin/bash +set -eax +for JOB in $(ls $(dirname $0)/jobs | sort -n); do + $(dirname $0)/ci.sh $JOB; +done; diff --git a/contrib/ci/version.sh b/contrib/ci/version.sh @@ -0,0 +1,17 @@ +#!/bin/sh +set -ex + +BRANCH=$(git name-rev --name-only HEAD) +if [ -z "${BRANCH}" ]; then + exit 1 +else + # "Unshallow" our checkout, but only our current branch, and exclude the submodules. + git fetch --no-recurse-submodules --tags --depth=1000 origin "${BRANCH}" + RECENT_VERSION_TAG=$(git describe --tags --match 'v*.*.*' --exclude '*-dev*' --always --abbrev=0 HEAD || exit 1) + commits="$(git rev-list ${RECENT_VERSION_TAG}..HEAD --count)" + if [ "${commits}" = "0" ]; then + git describe --tag HEAD | sed -r 's/^v//' || exit 1 + else + echo $(echo ${RECENT_VERSION_TAG} | sed -r 's/^v//')-${commits}-$(git rev-parse --short=8 HEAD) + fi +fi diff --git a/contrib/depolymerizer-bitcoin-dbconfig b/contrib/depolymerizer-bitcoin-dbconfig @@ -126,7 +126,7 @@ fi # Run dbinit if [ 0 = "$SKIP_INIT" ]; then - if ! sudo -u "$DBUSER" taler-depolymerizer-bitcoin dbinit -c "$CFGFILE"; then + if ! sudo -u "$DBUSER" depolymerizer-bitcoin dbinit -c "$CFGFILE"; then exit_fail "Failed to initialize database schema" fi fi diff --git a/contrib/depolymerizer-ethereum-dbconfig b/contrib/depolymerizer-ethereum-dbconfig 
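Review bot: `RSYNC_PORT=424242` in contrib/ci/jobs/4-deploy/job.sh is above the highest valid TCP port (65535), so the port rsync ends up using is not the one the script states; please confirm the intended value. The upload also uses the plain `rsync://` daemon protocol, which by itself gives no transport encryption, and nothing in this job signs or checksums the .deb files first. Unless that is handled outside this script, the receiving side cannot tell a tampered package from a genuine one. If the link to `taler.host.internal` is not otherwise protected, consider rsync over ssh or publishing a signed checksum file with the artifacts.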
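Review bot: In the `commits = 0` branch of contrib/ci/version.sh, `git describe --tag HEAD | sed -r 's/^v//' || exit 1` tests the exit status of `sed`, not of `git describe`, because the script runs under `#!/bin/sh` without pipefail. A failing describe then prints an empty version and the script still exits 0. This may happen when no `v*.*.*` tag is reachable, since `--always` lets the earlier describe fall back to a commit hash. Capture the describe output first and strip the prefix afterwards, e.g. `tag=$(git describe --tag HEAD)` followed by `echo "${tag#v}"`; `${RECENT_VERSION_TAG}` should also be quoted in the `git rev-list` call.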
@@ -1,162 +0,0 @@ -#!/bin/bash -# This file is part of GNU TALER. -# Copyright (C) 2025 Taler Systems SA -# -# TALER is free software; you can redistribute it and/or modify it under the -# terms of the GNU Lesser General Public License as published by the Free Software -# Foundation; either version 2.1, or (at your option) any later version. -# -# TALER is distributed in the hope that it will be useful, but WITHOUT ANY -# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR -# A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public License along with -# TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> -# -# @author Antoine d'Aligny - -# Error checking on -set -eu - -# 1 is true, 0 is false -RESET_DB=0 -FORCE_PERMS=0 -SKIP_INIT=0 -DBUSER="depolymerizer-ethereum-httpd" -DBGROUP="depolymerizer-ethereum-db" -CFGFILE="/etc/depolymerizer-ethereum/depolymerizer-ethereum.conf" - -# Parse command-line options -while getopts 'c:g:hprsu:' OPTION; do - case "$OPTION" in - c) - CFGFILE="$OPTARG" - ;; - g) - DBGROUP="$OPTARG" - ;; - h) - echo 'Supported options:' - echo " -c FILENAME -- use configuration FILENAME (default: $CFGFILE)" - echo " -g GROUP -- depolymerizer-ethereum to be run by GROUP (default: $DBGROUP)" - echo " -h -- print this help text" - echo " -r -- reset database (dangerous)" - echo " -p -- force permission setup even without database initialization" - echo " -s -- skip database initialization" - echo " -u USER -- depolymerizer-ethereum to be run by USER (default: $DBUSER)" - exit 0 - ;; - p) - FORCE_PERMS="1" - ;; - r) - RESET_DB="1" - ;; - s) - SKIP_INIT="1" - ;; - u) - DBUSER="$OPTARG" - ;; - ?) - echo "Unrecognized command line option '$OPTION'" 1 &>2 - exit 1 - ;; - esac -done - -function exit_fail() { - echo "$@" >&2 - exit 1 -} - -if ! id postgres >/dev/null; then - exit_fail "Could not find 'postgres' user. 
Please install Postgresql first" -fi - -if ! depolymerizer-ethereum --version 2>/dev/null; then - exit_fail "Required 'depolymerizer-ethereum' not found. Please fix your installation." -fi - -if [ "$(id -u)" -ne 0 ]; then - exit_fail "This script must be run as root" -fi - -# Check OS users exist -if ! id "$DBUSER" >/dev/null; then - exit_fail "Could not find '$DBUSER' user. Please set it up first" -fi - -# Create DB user matching OS user name -echo "Setting up database user '$DBUSER'." 1>&2 -if ! sudo -i -u postgres createuser "$DBUSER" 2>/dev/null; then - echo "Database user '$DBUSER' already existed. Continuing anyway." 1>&2 -fi - -# Check database name -DBPATH=$(depolymerizer-ethereum -c "$CFGFILE" config get depolymerizer-ethereumdb-postgres CONFIG) -if ! echo "$DBPATH" | grep "postgres://" >/dev/null; then - exit_fail "Invalid database configuration value '$DBPATH'." 1>&2 -fi -DBNAME=$(echo "$DBPATH" | sed -e "s/postgres:\/\/.*\///" -e "s/?.*//") - -# Reset database -if sudo -i -u postgres psql "$DBNAME" </dev/null 2>/dev/null; then - if [ 1 = "$RESET_DB" ]; then - echo "Deleting existing database '$DBNAME'." 1>&2 - if ! sudo -i -u postgres dropdb "$DBNAME"; then - exit_fail "Failed to delete existing database '$DBNAME'" - fi - DO_CREATE=1 - else - echo "Database '$DBNAME' already exists, continuing anyway." - DO_CREATE=0 - fi -else - DO_CREATE=1 -fi - -# Create database -if [ 1 = "$DO_CREATE" ]; then - echo "Creating database '$DBNAME'." 1>&2 - if ! sudo -i -u postgres createdb -O "$DBUSER" "$DBNAME"; then - exit_fail "Failed to create database '$DBNAME'" - fi -fi - -# Run dbinit -if [ 0 = "$SKIP_INIT" ]; then - if ! sudo -u "$DBUSER" taler-depolymerizer-ethereum dbinit -c "$CFGFILE"; then - exit_fail "Failed to initialize database schema" - fi -fi - -# Set permission for group user -if [ 0 = "$SKIP_INIT" ] || [ 1 = "$FORCE_PERMS" ]; then - # Create DB group matching OS group name - echo "Setting up database group '$DBGROUP'." 1>&2 - if ! 
sudo -i -u postgres createuser "$DBGROUP" 2>/dev/null; then - echo "Database group '$DBGROUP' already existed. Continuing anyway." 1>&2 - fi - if ! echo "GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO \"$DBGROUP\"" | - sudo -i -u postgres psql "$DBNAME"; then - exit_fail "Failed to grant access to '$DBGROUP'." - fi - - # Update group users rights - DB_GRP="$(getent group "$DBGROUP" | sed -e "s/.*://g" -e "s/,/ /g")" - echo "Initializing permissions for '$DB_GRP' users." 1>&2 - for GROUPIE in $DB_GRP; do - if [ "$GROUPIE" != "$DBUSER" ]; then - if ! sudo -i -u postgres createuser "$GROUPIE" 2>/dev/null; then - echo "Database user '$GROUPIE' already existed. Continuing anyway." 1>&2 - fi - fi - if ! echo "GRANT ROLE \"$DBGROUP\" ON SCHEMA exchange TO \"$GROUPIE\"" | - sudo -i -u postgres psql "$DBNAME"; then - exit_fail "Failed to make '$GROUPIE' part of '$DBGROUP' db group." - fi - done -fi - -echo "Database configuration finished." 1>&2 diff --git a/debian/depolymerizer-bitcoin.depolymerizer-bitcoin-httpd.service b/debian/depolymerizer-bitcoin.depolymerizer-bitcoin-httpd.service 
@@ -0,0 +1,35 @@ +[Unit] +Description=GNU Taler Bitcoin depolymerizer REST API +Requires=depolymerizer-bitcoin-httpd.socket +After=network.target postgres.service +PartOf=depolymerizer-bitcoin.target + +[Service] +User=depolymerizer-bitcoin-httpd +Type=simple + +# Depending on the configuration, the service process kills itself and then +# needs to be restarted. Thus no significant delay on restarts. +Restart=always +RestartMode=direct +RestartSec=1ms +RestartPreventExitStatus=9 + +# Disable the service if more than 5 restarts are encountered within 5s. +# These are usually the systemd defaults, but can be overwritten, thus we set +# them here explicitly, as the exchange code assumes StartLimitInterval +# to be >=5s. +StartLimitBurst=5 +StartLimitInterval=5s + +ExecStart=/usr/bin/depolymerizer-bitcoin serve -c /etc/depolymerizer-bitcoin/depolymerizer-bitcoin.conf +ExecCondition=/usr/bin/depolymerizer-bitcoin serve -c /etc/depolymerizer-bitcoin/depolymerizer-bitcoin.conf --check +StandardOutput=journal +StandardError=journal +PrivateTmp=yes +PrivateDevices=yes +ProtectSystem=full +Slice=depolymerizer-bitcoin.slice + +[Install] +WantedBy=multi-user.target diff --git a/debian/depolymerizer-bitcoin.depolymerizer-bitcoin-httpd.socket b/debian/depolymerizer-bitcoin.depolymerizer-bitcoin-httpd.socket @@ -0,0 +1,14 @@ +[Unit] +Description=GNU Taler Bitcoin depolymerizer socket +PartOf=depolymerizer-bitcoin-httpd.service + +[Socket] +ListenStream=/run/depolymerizer-bitcoin/httpd/depolymerizer-bitcoin-http.sock +Accept=no +Service=depolymerizer-bitcoin-httpd.service +SocketUser=depolymerizer-bitcoin-httpd +SocketGroup=www-data +SocketMode=0660 + +[Install] +WantedBy=sockets.target +\ No newline at end of file diff --git a/debian/depolymerizer-bitcoin.depolymerizer-bitcoin-worker.service b/debian/depolymerizer-bitcoin.depolymerizer-bitcoin-worker.service 
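Review bot: The sandboxing in both new service units stops at `PrivateTmp`, `PrivateDevices` and `ProtectSystem=full`. For daemons that read API tokens and a wallet password from /etc, `NoNewPrivileges=yes` and `ProtectHome=yes` are cheap additions, and `ProtectSystem=strict` with an explicit `ReadWritePaths=` is worth trying. This applies equally to depolymerizer-bitcoin-worker.service. Both units also order themselves `After=postgres.service`, whereas the Debian PostgreSQL unit is normally named `postgresql.service`, so the ordering may have no effect; please check. The restart comment still refers to "the exchange code", which looks copied from another package.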
@@ -0,0 +1,33 @@ +[Unit] +Description=GNU Taler Bitcoin depolymerizer worker +After=network.target postgres.service +PartOf=depolymerizer-bitcoin.target + +[Service] +User=depolymerizer-bitcoin-worker +Type=simple + +# Depending on the configuration, the service process kills itself and then +# needs to be restarted. Thus no significant delay on restarts. +Restart=always +RestartMode=direct +RestartSec=1ms +RestartPreventExitStatus=9 + +# Disable the service if more than 5 restarts are encountered within 5s. +# These are usually the systemd defaults, but can be overwritten, thus we set +# them here explicitly, as the exchange code assumes StartLimitInterval +# to be >=5s. +StartLimitBurst=5 +StartLimitInterval=5s + +ExecStart=/usr/bin/depolymerizer-bitcoin worker -c /etc/depolymerizer-bitcoin/depolymerizer-bitcoin.conf +StandardOutput=journal +StandardError=journal +PrivateTmp=yes +PrivateDevices=yes +ProtectSystem=full +Slice=depolymerizer-bitcoin.slice + +[Install] +WantedBy=multi-user.target diff --git a/debian/depolymerizer-bitcoin.depolymerizer-bitcoin.slice b/debian/depolymerizer-bitcoin.depolymerizer-bitcoin.slice @@ -0,0 +1,3 @@ +[Unit] +Description=Slice for GNU Taler Bitcoin depolymerizer processes +Before=slices.target +\ No newline at end of file diff --git a/debian/depolymerizer-bitcoin.depolymerizer-bitcoin.target b/debian/depolymerizer-bitcoin.depolymerizer-bitcoin.target @@ -0,0 +1,9 @@ +[Unit] +Description=GNU Taler Bitcoin depolymerizer +After=postgres.service network.target + +Wants=depolymerizer-bitcoin-httpd.service +Wants=depolymerizer-bitcoin-worker.service + +[Install] +WantedBy=multi-user.target +\ No newline at end of file diff --git a/debian/depolymerizer-bitcoin.postinst b/debian/depolymerizer-bitcoin.postinst 
@@ -0,0 +1,45 @@ +#!/bin/bash + +set -e + +# Group with access to our database +_DBGROUP=depolymerizer-bitcoin-db + +# Different users for the different components +_HTTPDUSER=depolymerizer-bitcoin-httpd +_WORKERUSER=depolymerizer-bitcoin-worker + +if [ "$1" = "configure" ] ; then + # Create taler groups as needed + if ! getent group ${_DBGROUP} >/dev/null; then + addgroup --quiet --system ${_DBGROUP} + fi + # Create users as needed + if ! getent passwd ${_HTTPDUSER} >/dev/null; then + adduser --quiet --system --no-create-home --ingroup ${_DBGROUP} ${_HTTPDUSER} + fi + if ! getent passwd ${_WORKERUSER} >/dev/null; then + adduser --quiet --system --no-create-home --ingroup ${_DBGROUP} ${_WORKERUSER} + fi + + # Update secret files permissions + if ! dpkg-statoverride --list /etc/depolymerizer-bitcoin/secrets/depolymerizer-bitcoin-db.secret.conf >/dev/null 2>&1; then + dpkg-statoverride --add --update \ + root ${_DBGROUP} 460 \ + /etc/depolymerizer-bitcoin/secrets/depolymerizer-bitcoin-db.secret.conf + fi + if ! dpkg-statoverride --list /etc/depolymerizer-bitcoin/secrets/depolymerizer-bitcoin-httpd.secret.conf >/dev/null 2>&1; then + dpkg-statoverride --add --update \ + ${_HTTPDUSER} root 640 \ + /etc/depolymerizer-bitcoin/secrets/depolymerizer-bitcoin-httpd.secret.conf + fi + if ! dpkg-statoverride --list /etc/depolymerizer-bitcoin/secrets/depolymerizer-bitcoin-worker.secret.conf >/dev/null 2>&1; then + dpkg-statoverride --add --update \ + ${_WORKERUSER} root 640 \ + /etc/depolymerizer-bitcoin/secrets/depolymerizer-bitcoin-worker.secret.conf + fi +fi + +#DEBHELPER# + +exit 0 +\ No newline at end of file diff --git a/debian/depolymerizer-bitcoin.postrm b/debian/depolymerizer-bitcoin.postrm 
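Review bot: The db secret is registered with mode `460` (`root ${_DBGROUP} 460`), which gives the owner read-only access and every member of `depolymerizer-bitcoin-db` write access to the file. The other two overrides use `640`, so this looks like a transposition; `root ${_DBGROUP} 640` would let the service users read the database URI without being able to change it. The httpd and worker secrets are owned by the service user itself (`${_HTTPDUSER} root 640`, `${_WORKERUSER} root 640`), so a compromised service could rewrite or re-permission its own secret file. Root ownership with group read access would avoid that, if a suitable group is acceptable.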
@@ -0,0 +1,26 @@ +#!/bin/sh + +set -e + +# Group with access to our database +_DBGROUP=depolymerizer-bitcoin-db + +# Different users for the different components +_HTTPDUSER=depolymerizer-bitcoin-httpd +_WORKERUSER=depolymerizer-bitcoin-worker + +if [ "$1" = "purge" ] ; then + # Remove permissions override + for fs in depolymerizer-bitcoin-db.secret.conf depolymerizer-bitcoin-httpd.secret.conf depolymerizer-bitcoin-worker.secret.conf; do + dpkg-statoverride --remove /etc/depolymerizer-bitcoin/secrets/$fs || true + done + # Remove users + deluser --quiet --system ${_HTTPDUSER} || true + deluser --quiet --system ${_WORKERUSER} || true + # Remove groups + delgroup --only-if-empty --quiet ${_DBGROUP} || true +fi + +#DEBHELPER# + +exit 0 +\ No newline at end of file diff --git a/debian/etc/apache2/sites-available/depolymerizer-bitcoin.conf b/debian/etc/apache2/sites-available/depolymerizer-bitcoin.conf @@ -0,0 +1,22 @@ +# Make sure to enable the following Apache modules before +# integrating this into your configuration: +# +# a2enmod proxy +# a2enmod proxy_http +# a2enmod headers +# +# NOTE: +# - consider to adjust the location +# - consider putting all this into a VirtualHost +# - strongly consider setting up TLS support +# +# For all of the above, please read the respective +# Apache documentation. +# +<Location "/depolymerizer-bitcoin/"> + ProxyPass "unix:/var/run/depolymerizer-bitcoin/httpd/depolymerizer-bitcoin-http.sock|http://example.com/" + + # NOTE: + # - Uncomment this line if you use TLS/HTTPS + RequestHeader add "X-Forwarded-Proto" "https" +</Location> diff --git a/debian/etc/depolymerizer-bitcoin/conf.d/depolymerizer-bitcoin-httpd.conf b/debian/etc/depolymerizer-bitcoin/conf.d/depolymerizer-bitcoin-httpd.conf 
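Review bot: In debian/etc/apache2/sites-available/depolymerizer-bitcoin.conf, `RequestHeader add "X-Forwarded-Proto" "https"` is active although the comment above it says to uncomment it only when TLS is used. A plain-HTTP deployment of this template therefore tells the backend that every request arrived over HTTPS. Ship it commented out, as the nginx template in this commit does, i.e. `# RequestHeader set "X-Forwarded-Proto" "https"`. Using `set` rather than `add` also replaces any `X-Forwarded-Proto` value sent by the client instead of appending to it.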
@@ -0,0 +1,9 @@ +# Configuration the bitcoin depolymerizer worker REST API. + +[depolymerizer-bitcoin-httpd-wire-gateway-api] +# ENABLED = YES +@inline-secret@ depolymerizer-bitcoin-httpd-wire-gateway-api ../secrets/depolymerizer-bitcoin-httpd.secret.conf + +[depolymerizer-bitcoin-httpd-revenue-api] +# ENABLED = YES +@inline-secret@ depolymerizer-bitcoin-httpd-revenue-api ../secrets/depolymerizer-bitcoin-httpd.secret.conf +\ No newline at end of file diff --git a/debian/etc/depolymerizer-bitcoin/conf.d/depolymerizer-bitcoin-system.conf b/debian/etc/depolymerizer-bitcoin/conf.d/depolymerizer-bitcoin-system.conf @@ -0,0 +1,6 @@ +# Configuration for system aspects of the bitcoin depolymerizer. + +# Read secret sections into configuration, but only +# if we have permission to do so. +@inline-secret@ depolymerizer-bitcoindb-postgres ../secrets/depolymerizer-bitcoin-db.secret.conf + diff --git a/debian/etc/depolymerizer-bitcoin/conf.d/depolymerizer-bitcoin-worker.conf b/debian/etc/depolymerizer-bitcoin/conf.d/depolymerizer-bitcoin-worker.conf @@ -0,0 +1,5 @@ +# Configuration the bitcoin depolymerizer worker. + +[depolymerizer-bitcoin-worker] +WALLET_NAME = +@inline-secret@ depolymerizer-bitcoin-worker ../secrets/depolymerizer-bitcoin-worker.secret.conf +\ No newline at end of file diff --git a/debian/etc/depolymerizer-bitcoin/depolymerizer-bitcoin.conf b/debian/etc/depolymerizer-bitcoin/depolymerizer-bitcoin.conf 
@@ -0,0 +1,26 @@ +# Main entry point for the Bitcoin Depolymerizer configuration. +# +# Structure: +# - depolymerizer-bitcoin is the main configuration entry point +# used by all Bitcoin Depolymerizer components (the file you are currently +# looking at. +# - overrides.conf contains configuration overrides that are +# set by some tools that help with the configuration, +# and should not be edited by humans. Comments in this file +# are not preserved. +# - conf.d/ contains configuration files for +# Taler components, which can be read by all +# users of the system and are included by the main +# configuration. +# - secrets/ contains configuration snippets +# with secrets for particular services. +# These files should have restrictive permissions +# so that only users of the relevant services +# can read it. All files in it should end with +# ".secret.conf". + +# Inline configurations from all Bitcoin Depolymerizer components. +@inline-matching@ conf.d/*.conf + +# Overrides from tools that help with configuration. +@inline@ overrides.conf +\ No newline at end of file diff --git a/debian/etc/depolymerizer-bitcoin/overrides.conf b/debian/etc/depolymerizer-bitcoin/overrides.conf @@ -0,0 +1 @@ +# This configuration will be changed by tooling. Do not touch it manually. diff --git a/debian/etc/depolymerizer-bitcoin/secrets/depolymerizer-bitcoin-db.secret.conf b/debian/etc/depolymerizer-bitcoin/secrets/depolymerizer-bitcoin-db.secret.conf @@ -0,0 +1,8 @@ +[depolymerizer-bitcoindb-postgres] + +# Typically, there should only be a single line here, of the form: + +CONFIG=postgres:///depolymerizer-bitcoin + +# The details of the URI depend on where the database lives and how +# access control was configured. diff --git a/debian/etc/depolymerizer-bitcoin/secrets/depolymerizer-bitcoin-httpd.secret.conf b/debian/etc/depolymerizer-bitcoin/secrets/depolymerizer-bitcoin-httpd.secret.conf 
@@ -0,0 +1,7 @@ +[depolymerizer-bitcoin-httpd-wire-gateway-api] +# AUTH_METHOD = bearer +# TOKEN = + +[depolymerizer-bitcoin-httpd-revenue-api] +# AUTH_METHOD = bearer +# TOKEN = +\ No newline at end of file diff --git a/debian/etc/depolymerizer-bitcoin/secrets/depolymerizer-bitcoin-worker.secret.conf b/debian/etc/depolymerizer-bitcoin/secrets/depolymerizer-bitcoin-worker.secret.conf @@ -0,0 +1,2 @@ +[depolymerizer-bitcoin-worker] +PASSWORD = +\ No newline at end of file diff --git a/debian/etc/nginx/sites-available/depolymerizer-bitcoin b/debian/etc/nginx/sites-available/depolymerizer-bitcoin @@ -0,0 +1,31 @@ +server { + # NOTE: + # - urgently consider configuring TLS instead + # - maybe keep a forwarder from HTTP to HTTPS + listen 80; + + # NOTE: + # - Comment out this line if you have no IPv6 + listen [::]:80; + + # NOTE: + # - replace with your actual server name + server_name localhost; + + access_log /var/log/nginx/depolymerizer-bitcoin.log; + error_log /var/log/nginx/depolymerizer-bitcoin.err; + + location /depolymerizer-bitcoin/ { + proxy_pass http://unix:/var/run/depolymerizer-bitcoin/httpd/depolymerizer-bitcoin-http.sock; + proxy_redirect off; + proxy_set_header Host $host; + + # NOTE: + # - put your actual DNS name here + proxy_set_header X-Forwarded-Host "localhost"; + + # NOTE: + # - uncomment the following line if you are using HTTPS + # proxy_set_header X-Forwarded-Proto "https"; + } +} +\ No newline at end of file diff --git a/depolymerizer-bitcoin/Cargo.toml b/depolymerizer-bitcoin/Cargo.toml @@ -1,6 +1,7 @@ [package] name = "depolymerizer-bitcoin" -version = "0.1.0" +version = "0.0.0" +description = "Bitcoin depolymerizer" edition.workspace = true authors.workspace = true homepage.workspace = true 
@@ -12,21 +13,14 @@ license-file.workspace = true fail = [] [dependencies] -# Typed bitcoin rpc types +bech32 = "0.11.0" +serde_repr = "0.1.16" +common = { path = "../common" } bitcoin.workspace = true -# Cli args parser clap.workspace = true -# Bech32 encoding and decoding -bech32 = "0.11.0" -# Serialization library serde.workspace = true serde_json.workspace = true -serde_repr = "0.1.16" -# Error macros thiserror.workspace = true -# Common lib -common = { path = "../common" } -# Hexadecimal encoding hex.workspace = true anyhow.workspace = true taler-api.workspace = true @@ -45,3 +39,54 @@ taler-test-utils.workspace = true [[bench]] name = "metadata" harness = false + + +[package.metadata.deb] +name = "depolymerizer-bitcoin" +priority = "optional" +section = "net" +maintainer = "Taler Systems SA <deb@taler.net>" +maintainer-scripts = "../debian/" +systemd-units = [ + { unit-name = "depolymerizer-bitcoin", enable = false, start = false, stop-on-upgrade = false }, + { unit-name = "depolymerizer-bitcoin-httpd", enable = false, start = false, stop-on-upgrade = false }, + { unit-name = "depolymerizer-bitcoinworker", enable = false, start = false, stop-on-upgrade = false }, +] +recommends = ["nginx | apache2 | httpd", "postgresql (>= 15.0)"] +assets = [ + # Binary + [ + "target/release/depolymerizer-bitcoin", + "/usr/bin/", + "755", + ], + # Scripts + [ + "../contrib/depolymerizer-bitcoin-dbconfig", + "/usr/bin/", + "755", + ], + # Sql + [ + "../database-versioning/versioning.sql", + "/usr/share/depolymerizer-bitcoin/sql/", + "644", + ], + [ + "../database-versioning/depolymerizer-bitcoin*.sql", + "/usr/share/depolymerizer-bitcoin/sql/", + "644", + ], + # Default config + [ + "depolymerizer-bitcoin.conf", + "/usr/share/depolymerizer-bitcoin/config.d/", + "644", + ], + # Configs + [ + "../debian/etc/**/*", + "/etc", + "644", + ], +] diff --git a/depolymerizer-bitcoin/src/bin/segwit-demo.rs b/depolymerizer-bitcoin/src/bin/segwit-demo.rs 
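Review bot: The last asset entry in `[package.metadata.deb]` installs `../debian/etc/**/*` under `/etc` with mode `644`, and that glob includes the `secrets/*.secret.conf` files added in this commit, whose own main-config header says they need restrictive permissions. Unless the postinst script (not in this view) tightens them, the database URI, API tokens and worker password an operator fills in would be world-readable. I would give the secrets their own asset entry, `["../debian/etc/depolymerizer-bitcoin/secrets/*", "/etc/depolymerizer-bitcoin/secrets/", "600"]`, keep them out of the general glob, and set ownership to the respective service user in postinst. Separately, the unit name `depolymerizer-bitcoinworker` in `systemd-units` lacks the hyphen used by the `depolymerizer-bitcoin-worker.service` file this commit adds, so that unit is probably not picked up.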
@@ -60,7 +60,7 @@ pub fn main() { let minimum = rpc_utils::segwit_min_amount().to_btc(); println!("Send a single bitcoin transaction with the three addresses as recipient as follow:"); println!( - "\nIn bitcoincore wallet use 'Add Recipient' button to add two additional recipient and copy adresses and amounts" + "\nIn bitcoincore wallet use 'Add Recipient' button to add two additional recipient and copy addresses and amounts" ); let first = Address::from_str(&first).unwrap().assume_checked(); let second = Address::from_str(&second).unwrap().assume_checked(); diff --git a/depolymerizer-bitcoin/src/rpc.rs b/depolymerizer-bitcoin/src/rpc.rs @@ -248,7 +248,7 @@ impl Rpc { /* ----- Wallet utils ----- */ - /// Generate a new address fot the current wallet + /// Generate a new address for the current wallet pub async fn gen_addr(&mut self) -> Result<Address> { Ok(self .call::<Address<NetworkUnchecked>>("getnewaddress", &EMPTY) @@ -467,7 +467,7 @@ pub struct TransactionDetail { pub amount: SignedAmount, #[serde(default, with = "bitcoin::amount::serde::as_btc::opt")] pub fee: Option<SignedAmount>, - /// Ony for send transaction + /// Only for send transaction pub abandoned: Option<bool>, } diff --git a/depolymerizer-bitcoin/src/segwit.rs b/depolymerizer-bitcoin/src/segwit.rs @@ -46,7 +46,7 @@ fn encode_segwit_key_half( encode_segwit_addr(hrp, &buf) } -/// Encode a 32B key into two segwit adresses +/// Encode a 32B key into two segwit addresses pub fn encode_segwit_key(hrp: Hrp, msg: &[u8; 32]) -> [String; 2] { // Generate a random prefix let prefix = rand_slice(); 
@@ -63,13 +63,13 @@ pub fn encode_segwit_key(hrp: Hrp, msg: &[u8; 32]) -> [String; 2] { pub enum DecodeSegWitErr { #[error("There is less than 2 segwit addresses")] MissingSegWitAddress, - #[error("No adresses are sharing a common prefix")] + #[error("No addresses are sharing a common prefix")] NoPrefixMatch, #[error("More than two addresses are sharing a common prefix")] PrefixCollision, } -/// Decode a 32B key into from adresses +/// Decode a 32B key into from addresses pub fn decode_segwit_msg( segwit_addrs: &[impl AsRef<str>], ) -> Result<EddsaPublicKey, DecodeSegWitErr> { diff --git a/makefile b/makefile @@ -43,7 +43,7 @@ doc: .PHONY: deb deb: - cargo deb -v -p taler-magnet-bank --deb-version=$(shell ./contrib/ci/version.sh) + cargo deb -v -p depolymerizer-bitcoin --deb-version=$(shell ./contrib/ci/version.sh) .PHONY: ci ci:
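Review bot: In segwit.rs the corrected doc comment on `decode_segwit_msg` still reads `/// Decode a 32B key into from addresses`, which does not parse; `/// Decode a 32B key from segwit addresses` would mirror the wording on `encode_segwit_key`. The neighbouring error text `There is less than 2 segwit addresses` could become `There are fewer than 2 segwit addresses` in the same pass, provided no caller or test matches on the message. Both `DecodeSegWitErr` and `decode_segwit_msg` extend beyond the hunk, so this covers only the visible lines.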