commit 08234249cc25e75c044af52aa94d6adc1cb520e7
parent 7ac89d0902fc74bed9536e177c12b1e0a253d0ad
Author: Florian Dold <florian@dold.me>
Date: Fri, 30 Jul 2021 16:28:14 +0200
debian: config and services
Diffstat:
12 files changed, 73 insertions(+), 31 deletions(-)
diff --git a/debian/control b/debian/control
@@ -1,5 +1,5 @@
Source: libeufin
-Section: networking
+Section: net
Priority: optional
Maintainer: Taler Systems SA <deb@taler.net>
Uploaders: Christian Grothoff <grothoff@gnu.org>, Florian Dold <dold@taler.net>
diff --git a/debian/etc/libeufin/nexus.env b/debian/etc/libeufin/nexus.env
@@ -0,0 +1,5 @@
+# Configuration settings for LibEuFin nexus.
+# These settings will be passed as environment variables.
+
+LIBEUFIN_NEXUS_PORT=5017
+LIBEUFIN_NEXUS_DB_CONNECTION=jdbc:sqlite:/var/lib/libeufin/nexus/nexus-db.sqlite3
diff --git a/debian/etc/libeufin/sandbox.env b/debian/etc/libeufin/sandbox.env
@@ -0,0 +1,5 @@
+# Configuration settings for the LibEuFin sandbox.
+# These settings will be passed as environment variables.
+
+LIBEUFIN_SANDBOX_PORT=5016
+LIBEUFIN_SANDBOX_DB_CONNECTION=jdbc:sqlite:/var/lib/libeufin/sandbox/sandbox-db.sqlite3
diff --git a/debian/libeufin.install b/debian/libeufin.install
@@ -0,0 +1 @@
+debian/etc/* etc/
diff --git a/debian/libeufin.libeufin-nexus.service b/debian/libeufin.libeufin-nexus.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=LibEuFin Nexus service.
+
+[Service]
+User=libeufin-nexus
+EnvironmentFile=/etc/libeufin/nexus.env
+ExecStart=/usr/bin/libeufin-nexus serve --port=${LIBEUFIN_NEXUS_PORT}
+Restart=on-failure
+SuccessExitStatus=143
+
+[Install]
+WantedBy=multi-user.target
diff --git a/debian/libeufin.libeufin-sandbox.service b/debian/libeufin.libeufin-sandbox.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=LibEuFin Sandbox service.
+
+[Service]
+EnvironmentFile=/etc/libeufin/sandbox.env
+User=libeufin-sandbox
+ExecStart=/usr/bin/libeufin-sandbox serve --port=${LIBEUFIN_SANDBOX_PORT}
+Restart=on-failure
+SuccessExitStatus=143
+
+[Install]
+WantedBy=multi-user.target
diff --git a/debian/libeufin.postinst b/debian/libeufin.postinst
@@ -2,9 +2,33 @@
set -e
+nexus_user=libeufin-nexus
+sandbox_user=libeufin-sandbox
+nexus_group=libeufin-nexus
+sandbox_group=libeufin-sandbox
+libeufin_home=/var/lib/libeufin
+
case "${1}" in
configure)
- if ! id libeufin &> /dev/null; then useradd --no-create-home --system libeufin; fi
+
+ if ! getent group $nexus_group >/dev/null; then
+ addgroup --quiet --system $nexus_group
+ fi
+
+ if ! getent group $sandbox_group >/dev/null; then
+ addgroup --quiet --system $sandbox_group
+ fi
+
+ # Create users if needed
+ if ! getent passwd $nexus_user >/dev/null; then
+ adduser --quiet --system --no-create-home --ingroup $nexus_group --home $libeufin_home $nexus_user
+ fi
+
+ # Create users if needed
+ if ! getent passwd $nexus_user >/dev/null; then
+ adduser --quiet --system --no-create-home --ingroup $sandbox_group --home $libeufin_home $sandbox_user
+ fi
+
;;
abort-upgrade|abort-remove|abort-deconfigure)
diff --git a/debian/libeufin.tmpfiles b/debian/libeufin.tmpfiles
@@ -0,0 +1,3 @@
+#Type Path Mode UID GID Age Argument
+d /var/lib/libeufin/sandbox 0700 libeufin-sandbox libeufin-sandbox - -
+d /var/lib/libeufin/nexus 0700 libeufin-nexus libeufin-nexus - -
diff --git a/debian/libeufinenv.conf b/debian/libeufinenv.conf
@@ -1,5 +0,0 @@
-LIBEUFIN_SANDBOX_PORT=5016
-LIBEUFIN_NEXUS_PORT=5017
-
-LIBEUFIN_SANDBOX_DB_CONNECTION=jdbc:sqlite:/tmp/libeufindb
-LIBEUFIN_NEXUS_DB_CONNECTION=jdbc:sqlite:/tmp/libeufindb
diff --git a/debian/nexus.service b/debian/nexus.service
@@ -1,12 +0,0 @@
-[Unit]
-Description=LibEuFin Nexus service.
-
-[Service]
-User=libeufin
-ExecStart=/usr/bin/libeufin-nexus serve --port=${LIBEUFIN_NEXUS_PORT}
-Restart=on-failure
-EnvironmentFile=/etc/libeufin/libeufinenv.conf
-SuccessExitStatus=143
-
-[Install]
-WantedBy=multi-user.target
diff --git a/debian/rules b/debian/rules
@@ -39,5 +39,14 @@ binary-indep:
override_dh_strip_nondeterminism:
true
+
+override_dh_installsystemd:
+ # Need to specify units manually, since we have multiple
+ # and dh_installsystemd by default only looks for "<package>.service".
+ dh_installsystemd -plibeufin --name=libeufin-nexus --no-start --no-enable
+ dh_installsystemd -plibeufin --name=libeufin-sandbox --no-start --no-enable
+ # final invocation to generate daemon reload
+ dh_installsystemd
+
get-orig-source:
uscan --force-download --rename
diff --git a/debian/sandbox.service b/debian/sandbox.service
@@ -1,12 +0,0 @@
-[Unit]
-Description=LibEuFin Sandbox service.
-
-[Service]
-EnvironmentFile=/etc/libeufin/libeufinenv.conf
-User=libeufin
-ExecStart=/usr/bin/libeufin-sandbox serve --port=${LIBEUFIN_SANDBOX_PORT}
-Restart=on-failure
-SuccessExitStatus=143
-
-[Install]
-WantedBy=multi-user.target
