-add CS-helpers to Debian package - exchange - Base system with REST service to issue digital coins, run by the payment service provider

commit 0141a8216162a33b4656f95a2d5305843ca4aeba
parent 3cd6156513dbf6cc665a5485d7957b7aca9dbb27
Author: Christian Grothoff <christian@grothoff.org>
Date:   Tue, 22 Feb 2022 13:29:52 +0100

-add CS-helpers to Debian package

Diffstat:
M debian/taler-exchange.install  | 2 ++
M debian/taler-exchange.postinst  | 4 ++++
M debian/taler-exchange.taler-exchange-httpd.service  | 4 ++--
A debian/taler-exchange.taler-exchange-secmod-cs.service  | 16 ++++++++++++++++

4 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/debian/taler-exchange.install b/debian/taler-exchange.install
@@ -2,6 +2,7 @@ usr/bin/taler-exchange-aggregator
 usr/bin/taler-exchange-closer
 usr/bin/taler-exchange-dbinit
 usr/bin/taler-exchange-httpd
+usr/bin/taler-exchange-secmod-cs
 usr/bin/taler-exchange-secmod-eddsa
 usr/bin/taler-exchange-secmod-rsa
 usr/bin/taler-exchange-transfer
@@ -13,6 +14,7 @@ usr/share/man/man1/taler-exchange-dbinit*
 usr/share/man/man1/taler-exchange-httpd*
 usr/share/man/man1/taler-exchange-secmod-eddsa*
 usr/share/man/man1/taler-exchange-secmod-rsa*
+usr/share/man/man1/taler-exchange-secmod-cs*
 usr/share/man/man1/taler-exchange-transfer*
 usr/share/man/man1/taler-exchange-wirewatch*
 usr/share/man/man1/taler-bank*
diff --git a/debian/taler-exchange.postinst b/debian/taler-exchange.postinst
@@ -9,6 +9,7 @@ _GROUPNAME=taler-exchange-secmod
 _DBGROUPNAME=taler-exchange-db
 _EUSERNAME=taler-exchange-httpd
 _CLOSERUSERNAME=taler-exchange-closer
+_CSECUSERNAME=taler-exchange-secmod-cs
 _RSECUSERNAME=taler-exchange-secmod-rsa
 _ESECUSERNAME=taler-exchange-secmod-eddsa
 _AGGRUSERNAME=taler-exchange-aggregator
@@ -33,6 +34,9 @@ configure)
   if ! getent passwd ${_RSECUSERNAME} >/dev/null; then
     adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_RSECUSERNAME}
   fi
+  if ! getent passwd ${_CSECUSERNAME} >/dev/null; then
+    adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_CSECUSERNAME}
+  fi
   if ! getent passwd ${_ESECUSERNAME} >/dev/null; then
     adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_ESECUSERNAME}
   fi
diff --git a/debian/taler-exchange.taler-exchange-httpd.service b/debian/taler-exchange.taler-exchange-httpd.service
@@ -1,8 +1,8 @@
 [Unit]
 Description=GNU Taler payment system exchange REST API
 AssertPathExists=/run/taler/exchange-httpd
-Requires=taler-exchange-httpd.socket taler-exchange-secmod-rsa.service taler-exchange-secmod-eddsa.service
-After=postgres.service network.target taler-exchange-secmod-rsa.service taler-exchange-secmod-eddsa.service
+Requires=taler-exchange-httpd.socket taler-exchange-secmod-cs.service taler-exchange-secmod-rsa.service taler-exchange-secmod-eddsa.service
+After=postgres.service network.target taler-exchange-secmod-cs.service taler-exchange-secmod-rsa.service taler-exchange-secmod-eddsa.service
 PartOf=taler-exchange.target
 
 [Service]
diff --git a/debian/taler-exchange.taler-exchange-secmod-cs.service b/debian/taler-exchange.taler-exchange-secmod-cs.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=GNU Taler payment system exchange CS security module
+AssertPathExists=/run/taler/exchange-secmod-cs
+PartOf=taler-exchange.target
+
+[Service]
+User=taler-exchange-secmod-cs
+Type=simple
+Restart=always
+RestartSec=100ms
+ExecStart=/usr/bin/taler-exchange-secmod-cs -c /etc/taler/taler.conf
+StandardOutput=journal
+StandardError=journal
+PrivateTmp=no
+PrivateDevices=yes
+ProtectSystem=full

	exchange Base system with REST service to issue digital coins, run by the payment service provider
	Log \| Files \| Refs \| Submodules \| README \| LICENSE

M	debian/taler-exchange.install	\|	2	++
M	debian/taler-exchange.postinst	\|	4	++++
M	debian/taler-exchange.taler-exchange-httpd.service	\|	4	++--
A	debian/taler-exchange.taler-exchange-secmod-cs.service	\|	16	++++++++++++++++