commit a8f12d6c5424ec48bf50dec400fb759c0031b4e6 parent a5e9361b7c2e648d974df3407b9f47bebb214be7 Author: bohdan-potuzhnyi <bohdan.potuzhnyi@gmail.com> Date: Mon, 7 Apr 2025 17:19:21 +0200 Merge branch 'master' into dev/bohdan-potuzhnyi/donau-integration Diffstat:
36 files changed, 588 insertions(+), 105 deletions(-)
diff --git a/configure.ac b/configure.ac @@ -18,7 +18,7 @@ # This configure file is in the public domain AC_PREREQ([2.69]) -AC_INIT([taler-merchant],[0.14.5],[taler-bug@gnunet.org]) +AC_INIT([taler-merchant],[0.14.6],[taler-bug@gnunet.org]) AC_CONFIG_SRCDIR([src/backend/taler-merchant-httpd.c]) AC_CONFIG_HEADERS([taler_merchant_config.h]) # support for non-recursive builds diff --git a/contrib/merchant-spa.lock b/contrib/merchant-spa.lock @@ -1 +1 @@ -0.14.0-dev.3 +0.14.12-dev.1 diff --git a/debian/changelog b/debian/changelog @@ -1,3 +1,9 @@ +taler-merchant (0.14.6) unstable; urgency=low + + * Release version 0.14.6 + + -- Christian Grothoff <grothoff@gnu.org> Fri, 4 Apr 2025 06:51:13 +0200 + taler-merchant (0.14.5) unstable; urgency=low * Release version 0.14.5 diff --git a/debian/control b/debian/control @@ -8,8 +8,8 @@ Build-Depends: autopoint, debhelper-compat (= 12), gettext, - libgnunet-dev (>=0.23.1), - libtalerexchange-dev (>=0.14.1), + libgnunet-dev (>=0.24.0), + libtalerexchange-dev (>=0.14.7), libpq-dev (>=15.0), po-debconf, libqrencode-dev, @@ -48,7 +48,7 @@ Pre-Depends: ${misc:Pre-Depends} Depends: libtalermerchant (= ${binary:Version}), - libtalerexchange (>= 0.14.1), + libtalerexchange (>= 0.14.7), adduser, lsb-base, netbase, @@ -69,8 +69,8 @@ Package: libtalermerchant-dev Section: libdevel Architecture: any Depends: - libtalerexchange-dev (>= 0.14.1), - libgnunet-dev (>=0.22.3), + libtalerexchange-dev (>= 0.14.7), + libgnunet-dev (>=0.24.0), ${misc:Depends}, ${shlibs:Depends} Description: libraries to talk to a GNU Taler merchant (development). diff --git a/debian/etc/apache2/sites-available/taler-merchant.conf b/debian/etc/apache2/sites-available/taler-merchant.conf @@ -13,10 +13,36 @@ # For all of the above, please read the respective # Apache documentation. # -<Location "/"> - ProxyPass "unix:/var/run/taler-merchant/httpd/merchant-http.sock|http://example.com/" +<VirtualHost *:80> + ServerName %%your.domain%% - # NOTE: - # - Uncomment this line if you use TLS/HTTPS - RequestHeader add "X-Forwarded-Proto" "https" -</Location> + ErrorLog /var/log/apache2/merchant-error.log + CustomLog /var/log/apache2/merchant-access.log combined + + ProxyPreserveHost On + ProxyRequests Off + + ProxyPass / unix:/var/run/taler-merchant/httpd/merchant-http.sock|http://localhost/ + ProxyPassReverse / unix:/var/run/taler-merchant/httpd/merchant-http.sock|http://localhost/ + + RequestHeader set X-Forwarded-Proto "http" +</VirtualHost> + +<VirtualHost *:443> + ServerName %%your.domain%% + + ErrorLog /var/log/apache2/merchant-error.log + CustomLog /var/log/apache2/merchant-access.log combined + + SSLEngine On + SSLCertificateFile /etc/letsencrypt/live/%%your.domain%%/fullchain.pem + SSLCertificateKeyFile /etc/letsencrypt/live/%%your.domain%%/privkey.pem + + ProxyPreserveHost On + ProxyRequests Off + + ProxyPass / unix:/var/run/taler-merchant/httpd/merchant-http.sock|http://localhost/ + ProxyPassReverse / unix:/var/run/taler-merchant/httpd/merchant-http.sock|http://localhost/ + + RequestHeader set X-Forwarded-Proto "https" +</VirtualHost> diff --git a/debian/etc/nginx/sites-available/taler-merchant b/debian/etc/nginx/sites-available/taler-merchant @@ -10,22 +10,47 @@ server { # NOTE: # - replace with your actual server name - server_name localhost; + server_name %%your.domain%%; access_log /var/log/nginx/merchant.log; error_log /var/log/nginx/merchant.err; - location /taler-merchant/ { + + location / { proxy_pass http://unix:/var/run/taler-merchant/httpd/merchant-http.sock; proxy_redirect off; proxy_set_header Host $host; # NOTE: # - put your actual DNS name here - proxy_set_header X-Forwarded-Host "localhost"; - - # NOTE: - # - uncomment the following line if you are using HTTPS - # proxy_set_header X-Forwarded-Proto "https"; + proxy_set_header X-Forwarded-Host "%%your.domain%%"; + proxy_set_header X-Forwarded-Proto "http"; } +} + +server { + # NOTE: + # - This block provides the TLS/HTTPS configuration + listen 443 ssl; + listen [::]:443 ssl; + # NOTE: + # - replace with your actual server name + server_name %%your.domain%%; + + ssl_certificate /etc/letsencrypt/live/%%your.domain%%/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/%%your.domain%%/privkey.pem; + + access_log /var/log/nginx/merchant.log; + error_log /var/log/nginx/merchant.err; + + location / { + proxy_pass http://unix:/var/run/taler-merchant/httpd/merchant-http.sock; + proxy_redirect off; + proxy_set_header Host $host; + + # NOTE: + # - put your actual DNS name here + proxy_set_header X-Forwarded-Host "%%your.domain%%"; + proxy_set_header X-Forwarded-Proto "https"; + } } \ No newline at end of file diff --git a/debian/taler-merchant.install b/debian/taler-merchant.install @@ -1,6 +1,5 @@ usr/bin/taler-merchant-* -# FIXME: Why does this not go into libtalermerchant? usr/lib/*/libtalermerchantdb.so.* usr/lib/*/taler-merchant/*.so diff --git a/debian/taler-merchant.postinst b/debian/taler-merchant.postinst @@ -7,14 +7,35 @@ if [ -d /run/systemd/system ]; then fi if [ "$1" = "remove" ]; then if [ -x "/usr/bin/deb-systemd-helper" ]; then + deb-systemd-helper mask 'taler-merchant-depositcheck.service' >/dev/null || true + deb-systemd-helper mask 'taler-merchant-exchangekeyupdate.service' >/dev/null || true deb-systemd-helper mask 'taler-merchant-httpd.service' >/dev/null || true + deb-systemd-helper mask 'taler-merchant-kyccheck.service' >/dev/null || true + deb-systemd-helper mask 'taler-merchant-reconciliation.service' >/dev/null || true + deb-systemd-helper mask 'taler-merchant-webhook.service' >/dev/null || true + deb-systemd-helper mask 'taler-merchant-wirewatch.service' >/dev/null || true + deb-systemd-helper mask 'taler-merchant.target' >/dev/null || true fi fi if [ "$1" = "purge" ]; then if [ -x "/usr/bin/deb-systemd-helper" ]; then + deb-systemd-helper purge 'taler-merchant-depositcheck.service' >/dev/null || true + deb-systemd-helper unmask 'taler-merchant-depositcheck.service' >/dev/null || true + deb-systemd-helper purge 'taler-merchant-exchangekeyupdate.service' >/dev/null || true + deb-systemd-helper unmask 'taler-merchant-exchangekeyupdate.service' >/dev/null || true deb-systemd-helper purge 'taler-merchant-httpd.service' >/dev/null || true deb-systemd-helper unmask 'taler-merchant-httpd.service' >/dev/null || true + deb-systemd-helper purge 'taler-merchant-kyccheck.service' >/dev/null || true + deb-systemd-helper unmask 'taler-merchant-kyccheck.service' >/dev/null || true + deb-systemd-helper purge 'taler-merchant-reconciliation.service' >/dev/null || true + deb-systemd-helper unmask 'taler-merchant-reconciliation.service' >/dev/null || true + deb-systemd-helper purge 'taler-merchant-webhook.service' >/dev/null || true + deb-systemd-helper unmask 'taler-merchant-webhook.service' >/dev/null || true + deb-systemd-helper purge 'taler-merchant-wirewatch.service' >/dev/null || true + deb-systemd-helper unmask 'taler-merchant-wirewatch.service' >/dev/null || true + deb-systemd-helper purge 'taler-merchant.target' >/dev/null || true + deb-systemd-helper unmask 'taler-merchant.target' >/dev/null || true fi fi diff --git a/debian/taler-merchant.prerm b/debian/taler-merchant.prerm @@ -3,7 +3,7 @@ set -e if [ -d /run/systemd/system ] && [ "$1" = remove ]; then - deb-systemd-invoke stop 'taler-merchant-httpd.service' >/dev/null || true + deb-systemd-invoke stop 'taler-merchant*' >/dev/null || true fi exit 0 diff --git a/doc/Makefile.am b/doc/Makefile.am @@ -11,6 +11,7 @@ man_MANS = \ prebuilt/man/taler-merchant-kyccheck.1 \ prebuilt/man/taler-merchant-passwd.1 \ prebuilt/man/taler-merchant-reconciliation.1 \ + prebuilt/man/taler-merchant-rproxy-setup.1 \ prebuilt/man/taler-merchant-webhook.1 \ prebuilt/man/taler-merchant-wirewatch.1 diff --git a/src/backend/taler-merchant-httpd.c b/src/backend/taler-merchant-httpd.c @@ -523,7 +523,7 @@ TMH_lookup_instance (const char *instance_id) struct GNUNET_HashCode h_instance; if (NULL == instance_id) - instance_id = "default"; + instance_id = "admin"; GNUNET_CRYPTO_hash (instance_id, strlen (instance_id), &h_instance); @@ -552,7 +552,7 @@ TMH_add_instance (struct TMH_MerchantInstance *mi) id = mi->settings.id; if (NULL == id) - id = "default"; + id = "admin"; GNUNET_CRYPTO_hash (id, strlen (id), &mi->h_instance); @@ -624,7 +624,7 @@ spa_redirect (const struct TMH_RequestHandler *rh, MHD_HTTP_HEADER_CONTENT_TYPE, "text/plain")); if ( (NULL == hc->instance) || - (0 == strcmp ("default", + (0 == strcmp ("admin", hc->instance->settings.id)) ) dst = GNUNET_strdup ("/webui/"); else @@ -1371,7 +1371,7 @@ url_handler (void *cls, }; static struct TMH_RequestHandler public_handlers[] = { { - /* for "default" instance, it does not even + /* for "admin" instance, it does not even have to exist before we give the WebUI */ .url_prefix = "/", .method = MHD_HTTP_METHOD_GET, @@ -1624,7 +1624,7 @@ url_handler (void *cls, instance_id = GNUNET_strndup (istart, slash - istart); if (0 == strcmp (instance_id, - "default")) + "admin")) { MHD_RESULT ret; struct MHD_Response *response; @@ -1660,10 +1660,10 @@ url_handler (void *cls, } hc->instance = TMH_lookup_instance (instance_id); if ( (NULL == hc->instance) && - (0 == strcmp ("default", + (0 == strcmp ("admin", instance_id)) ) hc->instance = TMH_lookup_instance (NULL); - if ( (0 == strcmp ("default", + if ( (0 == strcmp ("admin", instance_id)) && (NULL != TMH_default_auth) && (NULL != hc->instance) ) diff --git a/src/backend/taler-merchant-httpd_helper.c b/src/backend/taler-merchant-httpd_helper.c @@ -803,7 +803,7 @@ TMH_base_url_by_connection (struct MHD_Connection *connection, uri_path); } if (0 != strcmp (instance, - "default")) + "admin")) { GNUNET_buffer_write_path (buf, "/instances/"); @@ -870,7 +870,7 @@ TMH_taler_uri_by_connection (struct MHD_Connection *connection, if (NULL != uri_path) GNUNET_buffer_write_path (buf, uri_path); - if (0 != strcmp ("default", + if (0 != strcmp ("admin", instance)) { GNUNET_buffer_write_path (buf, diff --git a/src/backend/taler-merchant-httpd_post-orders-ID-abort.c b/src/backend/taler-merchant-httpd_post-orders-ID-abort.c @@ -797,6 +797,7 @@ begin_transaction (struct AbortContext *ac) &h_contract_terms)) { GNUNET_break_op (0); + TMH_db->rollback (TMH_db->cls); resume_abort_with_error (ac, MHD_HTTP_FORBIDDEN, TALER_EC_MERCHANT_POST_ORDERS_ID_ABORT_CONTRACT_HASH_MISSMATCH, diff --git a/src/backend/taler-merchant-httpd_private-post-instances-ID-auth.c b/src/backend/taler-merchant-httpd_private-post-instances-ID-auth.c @@ -182,7 +182,7 @@ retry: } mi->auth_override = false; if (0 == strcmp (mi->settings.id, - "default")) + "admin")) { /* The default auth string should've been cleared with the first request diff --git a/src/backend/taler-merchant-httpd_private-post-instances.c b/src/backend/taler-merchant-httpd_private-post-instances.c @@ -365,7 +365,7 @@ retry: TMH_reload_instances (mi->settings.id); } if (0 == strcmp (is.id, - "default")) + "admin")) { GNUNET_free (TMH_default_auth); /* clear it if the default instance was created */ diff --git a/src/backenddb/pg_statistics_examples.sql b/src/backenddb/pg_statistics_examples.sql @@ -56,16 +56,16 @@ VALUES ('deposits' ,'sales (before refunds)' ,'amount' - ,generate_series (1, 10, 1) || generate_series (60, 180, 60), - ,array_fill (1, 10) || array_fill (5, 3)] + ,ARRAY(SELECT generate_series (1, 10, 1)) || ARRAY(SELECT generate_series (60, 180, 60)), + ,array_fill (1, ARRAY[10]) || array_fill (5, ARRAY[3]) ), ('products-sold' ,'number of products sold' ,'number' - ,generate_series (1, 10, 1) || [60], - ,array_fill (1, 10) || [10] + ,ARRAY(SELECT generate_series (1, 10, 1)) || [60], + ,array_fill (1, ARRAY[10]) || [10] ) -ON CONFLICT DO NOTHING; +ON CONFLICT DO NOTHING; DROP FUNCTION IF EXISTS merchant_deposits_statistics_trigger CASCADE; CREATE FUNCTION merchant_deposits_statistics_trigger() @@ -134,7 +134,7 @@ VALUES ,ARRAY['second'::statistic_range, 'minute', 'day', 'week', 'month', 'quarter', 'year'] ,ARRAY[120, 120, 60, 12, 24, 8, 10] -- track last 120s, 120 minutes, 60 days, 12 weeks, 24 months, 8 quarters and 10 years ) -ON CONFLICT DO NOTHING; +ON CONFLICT DO NOTHING; DROP FUNCTION IF EXISTS merchant_products_sold_statistics_trigger CASCADE; CREATE FUNCTION merchant_products_sold_statistics_trigger() diff --git a/src/backenddb/test_merchantdb.c b/src/backenddb/test_merchantdb.c @@ -720,6 +720,7 @@ make_product (const char *id, product->product.description_i18n = json_array (); GNUNET_assert (NULL != product->product.description_i18n); product->product.unit = "boxes"; + product->product.minimum_age = 0; GNUNET_assert (GNUNET_OK == TALER_string_to_amount ("EUR:120.40", &product->product.price)); @@ -1115,6 +1116,7 @@ pre_test_products (struct TestProducts_Closure *cls) &cls->products[1]); cls->products[1].product.description = "This is a another test product"; cls->products[1].product.unit = "cans"; + cls->products[1].product.minimum_age = 0; GNUNET_assert (GNUNET_OK == TALER_string_to_amount ("EUR:4.95", &cls->products[1].product.price)); @@ -1438,18 +1440,25 @@ make_order (const char *order_id, &order->claim_token, sizeof (order->claim_token)); refund_deadline = GNUNET_TIME_relative_to_timestamp (GNUNET_TIME_UNIT_WEEKS); - json_object_set_new (order->contract, - "fulfillment_url", - json_string ("a")); - json_object_set_new (order->contract, - "order_id", - json_string (order_id)); - json_object_set_new (order->contract, - "pay_deadline", - GNUNET_JSON_from_timestamp (order->pay_deadline)); - json_object_set_new (order->contract, - "refund_deadline", - GNUNET_JSON_from_timestamp (refund_deadline)); + GNUNET_assert (0 == + json_object_set_new (order->contract, + "fulfillment_url", + json_string ("a"))); + GNUNET_assert (0 == + json_object_set_new (order->contract, + "order_id", + json_string (order_id))); + GNUNET_assert (0 == + json_object_set_new ( + order->contract, + "pay_deadline", + GNUNET_JSON_from_timestamp (order->pay_deadline)) + ); + GNUNET_assert (0 == + json_object_set_new (order->contract, + "refund_deadline", + GNUNET_JSON_from_timestamp ( + refund_deadline))); } @@ -2113,9 +2122,10 @@ pre_test_orders (struct TestOrders_Closure *cls) make_order ("test_orders_od_2", &cls->orders[2]); - GNUNET_assert (0 == json_object_set_new (cls->orders[1].contract, - "other_field", - json_string ("Second contract"))); + GNUNET_assert (0 == + json_object_set_new (cls->orders[1].contract, + "other_field", + json_string ("Second contract"))); cls->orders[2].pay_deadline = GNUNET_TIME_UNIT_ZERO_TS; GNUNET_assert (0 == @@ -2252,9 +2262,10 @@ run_test_orders (struct TestOrders_Closure *cls) } } /* Test update contract terms */ - json_object_set_new (cls->orders[0].contract, - "some_new_field", - json_string ("another value")); + GNUNET_assert (0 == + json_object_set_new (cls->orders[0].contract, + "some_new_field", + json_string ("another value"))); TEST_RET_ON_FAIL (test_update_contract_terms (&cls->instance, &cls->orders[0], GNUNET_DB_STATUS_SUCCESS_ONE_RESULT)); diff --git a/src/merchant-tools/Makefile.am b/src/merchant-tools/Makefile.am @@ -11,12 +11,16 @@ bin_PROGRAMS = \ taler-merchant-passwd \ taler-merchant-benchmark +bin_SCRIPTS = \ + taler-merchant-rproxy-setup + EXTRA_DIST = \ benchmark-common.conf \ benchmark-cs.conf \ benchmark-rsa.conf \ coins-cs.conf \ - coins-rsa.conf + coins-rsa.conf \ + $(bin_SCRIPTS) taler_merchant_benchmark_SOURCES = \ taler-merchant-benchmark.c diff --git a/src/merchant-tools/taler-merchant-benchmark.c b/src/merchant-tools/taler-merchant-benchmark.c @@ -180,9 +180,9 @@ run (void *cls, "set-auth-valid", apikey), TALER_TESTING_cmd_merchant_post_instances ( - "instance-create-default", + "instance-create-admin", merchant_url, - "default", + "admin", MHD_HTTP_NO_CONTENT), TALER_TESTING_cmd_merchant_post_account ( "instance-create-default-account", @@ -261,9 +261,9 @@ run (void *cls, "set-auth-valid", apikey), TALER_TESTING_cmd_merchant_post_instances ( - "instance-create-default", + "instance-create-admin", merchant_url, - "default", + "admin", MHD_HTTP_NO_CONTENT), TALER_TESTING_cmd_merchant_post_account ( "instance-create-default-account", diff --git a/src/merchant-tools/taler-merchant-passwd.c b/src/merchant-tools/taler-merchant-passwd.c @@ -76,7 +76,7 @@ run (void *cls, return; } if (NULL == instance) - instance = GNUNET_strdup ("default"); + instance = GNUNET_strdup ("admin"); cfg = GNUNET_CONFIGURATION_dup (config); if (NULL == (plugin = TALER_MERCHANTDB_plugin_load (cfg))) diff --git a/src/merchant-tools/taler-merchant-rproxy-setup b/src/merchant-tools/taler-merchant-rproxy-setup @@ -0,0 +1,388 @@ +#!/usr/bin/env bash +# +# Usage: +# taler-merchant-rproxy-setup --domain some.domain.name [--nginx | --apache] [--httponly | --httpsonly] +# +# If neither --nginx nor --apache is specified, the script: +# 1) Detects if exactly one of them is installed -> uses it +# 2) Otherwise, errors out +# +# Description: +# - Requires --domain <name> +# - At most one of {--nginx, --apache} (or auto-detection) +# - Optionally {--httponly} or {--httpsonly} (but not both) +# - Checks for required packages (nginx/apache2, certbot (unless HTTP-only)) +# - Verifies Apache modules if using --apache (proxy, proxy_http, headers, ssl) +# - Attempts to start the selected web server +# - Runs certbot to get certificates (unless HTTP-only) +# - Updates config(s), backs up originals, optionally forces HTTP->HTTPS +# - Activates the new configuration +# +# Paths used: +# - Nginx: /etc/nginx/sites-available/taler-merchant +# - Apache: /etc/apache2/sites-available/taler-merchant.conf +# + +########################### +# 0. Parse input arguments +########################### + +DOMAIN="" +USE_NGINX=0 +USE_APACHE=0 +HTTP_ONLY=0 +HTTPS_ONLY=0 + +usage() { + echo "Usage:" + echo " taler-merchant-rproxy-setup --domain <example.com> [--nginx | --apache] [--httponly | --httpsonly]" + echo + echo "Description:" + echo " Configures reverse proxy settings for Taler merchant under either Nginx or Apache." + echo " If no server type is specified, the script auto-detects if exactly one of them is installed." + echo + echo "Options:" + echo " --domain <example.com> (Required) Domain name to configure" + echo " --nginx Force use of Nginx" + echo " --apache Force use of Apache" + echo " --httponly Only configure HTTP (no TLS). Skips certbot." + echo " --httpsonly Configure HTTPS with automatic redirect from HTTP." + echo " -h, --help Show this help message and exit." + exit 0 +} + +########################## +# 0.a. Must run as root +########################## +if [[ $EUID -ne 0 ]]; then + echo "ERROR: This script must be run as root (e.g. with sudo)." + exit 1 +fi + +while [[ $# -gt 0 ]]; do + case "$1" in + --domain) + DOMAIN="$2" + shift 2 + ;; + --nginx) + USE_NGINX=1 + shift + ;; + --apache) + USE_APACHE=1 + shift + ;; + --httponly) + HTTP_ONLY=1 + shift + ;; + --httpsonly) + HTTPS_ONLY=1 + shift + ;; + -h|--help) + usage + ;; + *) + echo "Unknown argument: $1" + echo "Use --help for usage information." + exit 1 + ;; + esac +done + +# Check domain +if [[ -z "$DOMAIN" ]]; then + echo "ERROR: --domain <name> is required." + echo "Use --help for usage information." + exit 1 +fi + +############################## +# 0.b. Optional DNS check +############################## +# Checks that the domain resolves to at least one local IP. +# If it doesn't, you can either warn or exit. Below, we exit. +# If your environment uses NAT or multiple interfaces, you may +# wish to relax this check into a warning. + +if command -v dig &>/dev/null; then + # Gather the local machine's IP addresses + local_ips="$(hostname -I 2>/dev/null || true)" + # Attempt to resolve $DOMAIN via DNS + domain_ips="$(dig +short A "$DOMAIN")" + + if [[ -z "$domain_ips" ]]; then + echo "ERROR: DNS lookup for '$DOMAIN' returned no A record." + echo "Please ensure the domain name is configured correctly in DNS." + exit 1 + fi + + echo "Local IP(s): $local_ips" + echo "Domain IP(s): $domain_ips" + + match_found=0 + while read -r dip; do + if echo "$local_ips" | grep -qw "$dip"; then + match_found=1 + break + fi + done <<< "$domain_ips" + + if [[ $match_found -eq 0 ]]; then + echo "ERROR: None of the DNS IPs for '$DOMAIN' match this server's IP(s)." + echo "Fix DNS or check networking before continuing." + exit 1 + fi +else + echo "WARNING: 'dig' not installed; skipping DNS check." +fi + +############################## +# Detect installed web server +############################## +check_installed() { + dpkg -s "$1" &>/dev/null +} + +# If user did NOT specify --nginx or --apache, see if exactly one is installed. +if [[ $USE_NGINX -eq 0 && $USE_APACHE -eq 0 ]]; then + NGINX_INSTALLED=0 + APACHE_INSTALLED=0 + if check_installed nginx; then + NGINX_INSTALLED=1 + fi + if check_installed apache2; then + APACHE_INSTALLED=1 + fi + + if [[ $NGINX_INSTALLED -eq 1 && $APACHE_INSTALLED -eq 0 ]]; then + USE_NGINX=1 + echo "Detected only nginx installed; proceeding with nginx." + elif [[ $NGINX_INSTALLED -eq 0 && $APACHE_INSTALLED -eq 1 ]]; then + USE_APACHE=1 + echo "Detected only apache2 installed; proceeding with apache." + else + echo "ERROR: Both or neither of nginx/apache2 are installed." + echo " Please install one or specify --nginx / --apache explicitly." + exit 1 + fi +fi + +# At this point, we have either USE_NGINX=1 or USE_APACHE=1. + +# Check that at most one of {--httponly, --httpsonly} +if [[ $HTTP_ONLY -eq 1 && $HTTPS_ONLY -eq 1 ]]; then + echo "ERROR: Cannot specify both --httponly and --httpsonly." + exit 1 +fi + +# We need certbot only if HTTPS is involved +if [[ $HTTP_ONLY -eq 0 ]]; then + if ! check_installed certbot; then + echo "ERROR: certbot is not installed." + echo "Install it via: sudo apt-get install certbot" + exit 1 + fi +fi + +################################### +# 1. Check presence of chosen server +################################### +if [[ $USE_NGINX -eq 1 ]]; then + if ! check_installed nginx; then + echo "ERROR: nginx is not installed or not detected." + echo "Install it via: sudo apt-get install nginx" + exit 1 + fi +else + if ! check_installed apache2; then + echo "ERROR: apache2 is not installed or not detected." + echo "Install it via: sudo apt-get install apache2" + exit 1 + fi + + # Check Apache modules. If missing, enable them. Then restart Apache. + APACHE_MODULES="$(apache2ctl -M 2>/dev/null)" + for mod in proxy proxy_http headers ssl; do + if ! echo "$APACHE_MODULES" | grep -qE "^ $mod(_module)?"; then + echo "Apache module '$mod' not enabled. Enabling it now..." + a2enmod "$mod" + NEED_RESTART=1 + fi + done + + if [[ -n "$NEED_RESTART" ]]; then + echo "Restarting apache2 to load newly enabled module(s)..." + systemctl restart apache2 + fi +fi + +########################################### +# 2. Start/ensure the requested service is up +########################################### +start_service() { + local service_name="$1" + if ! systemctl is-active --quiet "$service_name"; then + echo "Attempting to start $service_name ..." + if ! systemctl start "$service_name"; then + echo "ERROR: Could not start $service_name. Fix manually or switch server type." + exit 1 + fi + fi +} + +if [[ $USE_NGINX -eq 1 ]]; then + start_service "nginx" +else + start_service "apache2" +fi + +####################################################### +# 2.5 Adjust config for HTTP-only (if requested FIRST) +####################################################### +CONFIG_FILE_NGINX="/etc/nginx/sites-available/taler-merchant" +CONFIG_FILE_APACHE="/etc/apache2/sites-available/taler-merchant.conf" + +backup_and_edit_nginx_http_only() { + if [[ ! -f "${CONFIG_FILE_NGINX}.legacy" && -f "$CONFIG_FILE_NGINX" ]]; then + sudo cp "$CONFIG_FILE_NGINX" "${CONFIG_FILE_NGINX}.legacy" + fi + if [[ -f "${CONFIG_FILE_NGINX}.legacy" ]]; then + sudo cp "${CONFIG_FILE_NGINX}.legacy" "$CONFIG_FILE_NGINX" + fi + sudo sed -i "s/%%your\.domain%%/$DOMAIN/g" "$CONFIG_FILE_NGINX" 2>/dev/null + # Remove any 'server { ... listen 443 ... }' block + sudo sed -i '/listen 443/,/}/d' "$CONFIG_FILE_NGINX" 2>/dev/null +} + +backup_and_edit_apache_http_only() { + if [[ ! -f "${CONFIG_FILE_APACHE}.legacy" && -f "$CONFIG_FILE_APACHE" ]]; then + sudo cp "$CONFIG_FILE_APACHE" "${CONFIG_FILE_APACHE}.legacy" + fi + if [[ -f "${CONFIG_FILE_APACHE}.legacy" ]]; then + sudo cp "${CONFIG_FILE_APACHE}.legacy" "$CONFIG_FILE_APACHE" + fi + sudo sed -i "s/%%your\.domain%%/$DOMAIN/g" "$CONFIG_FILE_APACHE" 2>/dev/null + # Remove everything from "<VirtualHost *:443>" to "</VirtualHost>" + sudo sed -i '/<VirtualHost \*:443>/,/<\/VirtualHost>/d' "$CONFIG_FILE_APACHE" 2>/dev/null +} + +if [[ $HTTP_ONLY -eq 1 ]]; then + if [[ $USE_NGINX -eq 1 ]]; then + backup_and_edit_nginx_http_only + if ! systemctl reload nginx; then + echo "ERROR: Failed to reload nginx after HTTP-only config changes." + exit 1 + fi + else + backup_and_edit_apache_http_only + if ! systemctl reload apache2; then + echo "ERROR: Failed to reload apache2 after HTTP-only config changes." + exit 1 + fi + fi +fi + +############################################# +# 3. Acquire certificate via certbot +############################################# +if [[ $HTTP_ONLY -eq 0 ]]; then + echo "Running certbot to obtain certificate for $DOMAIN ..." + echo "Please follow the certbot prompts." + if ! certbot certonly --webroot -w /var/www/html -d "$DOMAIN"; then + echo "ERROR: certbot failed. Exiting." + exit 1 + fi +fi + +############################################################## +# 4. Update config to use SSL (unless strictly HTTP only) +############################################################## +backup_and_edit_nginx_https() { + if [[ ! -f "${CONFIG_FILE_NGINX}.legacy" && -f "$CONFIG_FILE_NGINX" ]]; then + sudo cp "$CONFIG_FILE_NGINX" "${CONFIG_FILE_NGINX}.legacy" + fi + if [[ -f "${CONFIG_FILE_NGINX}.legacy" ]]; then + sudo cp "${CONFIG_FILE_NGINX}.legacy" "$CONFIG_FILE_NGINX" + fi + sudo sed -i "s/%%your\.domain%%/$DOMAIN/g" "$CONFIG_FILE_NGINX" 2>/dev/null + + if [[ $HTTPS_ONLY -eq 1 ]]; then + # Insert a simple HTTP->HTTPS redirect into the server block with "listen 80;" + sudo sed -i '/listen 80;/a \ + if ($scheme = http) { return 301 https://$host$request_uri; }' "$CONFIG_FILE_NGINX" 2>/dev/null + fi +} + +backup_and_edit_apache_https() { + if [[ ! -f "${CONFIG_FILE_APACHE}.legacy" && -f "$CONFIG_FILE_APACHE" ]]; then + sudo cp "$CONFIG_FILE_APACHE" "${CONFIG_FILE_APACHE}.legacy" + fi + if [[ -f "${CONFIG_FILE_APACHE}.legacy" ]]; then + sudo cp "${CONFIG_FILE_APACHE}.legacy" "$CONFIG_FILE_APACHE" + fi + sudo sed -i "s/%%your\.domain%%/$DOMAIN/g" "$CONFIG_FILE_APACHE" 2>/dev/null + + if [[ $HTTPS_ONLY -eq 1 ]]; then + # Insert naive rewrite for forcing HTTPS + sudo sed -i '/<VirtualHost \*:80>/a \ + RewriteEngine On\nRewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R=301,L]' "$CONFIG_FILE_APACHE" 2>/dev/null + fi +} + +if [[ $HTTP_ONLY -eq 0 ]]; then + if [[ $USE_NGINX -eq 1 ]]; then + backup_and_edit_nginx_https + if ! systemctl reload nginx; then + echo "ERROR: Failed to reload nginx after enabling HTTPS." + exit 1 + fi + else + backup_and_edit_apache_https + if ! systemctl reload apache2; then + echo "ERROR: Failed to reload apache2 after enabling HTTPS." + exit 1 + fi + fi +else + echo "HTTP-only mode requested; skipping HTTPS config edits." +fi + +################################################## +# 5. Activate the configuration and final reload +################################################## +if [[ $USE_NGINX -eq 1 ]]; then + # Symlink into sites-enabled if not already done + if [[ -f "/etc/nginx/sites-available/taler-merchant" && ! -e "/etc/nginx/sites-enabled/taler-merchant" ]]; then + echo "Linking /etc/nginx/sites-available/taler-merchant to /etc/nginx/sites-enabled/" + ln -s /etc/nginx/sites-available/taler-merchant /etc/nginx/sites-enabled/ + fi + + echo "Testing nginx configuration..." + if ! nginx -t; then + echo "ERROR: 'nginx -t' reported a problem. Please fix the config before proceeding." + exit 1 + fi + + echo "Reloading nginx with new configuration..." + if ! systemctl reload nginx; then + echo "ERROR: Failed to reload nginx after final activation." + exit 1 + fi +else + echo "Enabling the taler-merchant site in Apache..." + if ! a2ensite taler-merchant; then + echo "ERROR: Failed to run 'a2ensite taler-merchant'." + exit 1 + fi + + echo "Reloading Apache with new configuration..." + if ! systemctl reload apache2; then + echo "ERROR: Failed to reload apache2 after final activation." + exit 1 + fi +fi + +echo "Done. Configuration updated and activated for $DOMAIN." +\ No newline at end of file diff --git a/src/testing/test_kyc_api.c b/src/testing/test_kyc_api.c @@ -225,7 +225,7 @@ run (void *cls, TALER_TESTING_cmd_merchant_kyc_get ( "kyc-auth-done-check", merchant_url, - NULL, /* default instance */ + NULL, /* admin instance */ "instance-create-default-account", /* h_wire_ref: which account to query */ EXCHANGE_URL, TALER_EXCHANGE_KLPT_KYC_AUTH_TRANSFER, @@ -279,7 +279,7 @@ run (void *cls, TALER_TESTING_cmd_merchant_kyc_get ( "kyc-pending", merchant_url, - NULL, /* default instance */ + NULL, /* admin instance */ "instance-create-default-account", /* h_wire_ref: which account to query */ EXCHANGE_URL, TALER_EXCHANGE_KLPT_KYC_AUTH_TRANSFER, @@ -531,7 +531,7 @@ run (void *cls, TALER_TESTING_cmd_merchant_post_instances ( "instance-create-default-setup", merchant_url, - "default", + "admin", MHD_HTTP_NO_CONTENT), TALER_TESTING_cmd_merchant_post_account ( "instance-create-default-account", diff --git a/src/testing/test_merchant_accounts.sh b/src/testing/test_merchant_accounts.sh @@ -37,11 +37,11 @@ setup -c test_template.conf -m CONF="test_template.conf.edited" LAST_RESPONSE=$(mktemp -p "${TMPDIR:-/tmp}" test_response.conf-XXXXXX) -echo -n "Configuring 'default' instance ..." >&2 +echo -n "Configuring 'admin' instance ..." >&2 STATUS=$(curl -H "Content-Type: application/json" -X POST \ http://localhost:9966/management/instances \ - -d '{"auth":{"method":"token","token":"secret-token:new_value"},"id":"default","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000}}' \ + -d '{"auth":{"method":"token","token":"secret-token:new_value"},"id":"admin","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000}}' \ -w "%{http_code}" -s -o /dev/null) if [ "$STATUS" != "204" ] diff --git a/src/testing/test_merchant_api.c b/src/testing/test_merchant_api.c @@ -207,9 +207,9 @@ run (void *cls, { struct TALER_TESTING_Command get_private_order_id[] = { TALER_TESTING_cmd_merchant_post_instances ( - "instance-create-default", + "instance-create-admin", merchant_url, - "default", + "admin", MHD_HTTP_NO_CONTENT), TALER_TESTING_cmd_merchant_post_account ( "instance-create-default-account", @@ -256,9 +256,9 @@ run (void *cls, "4", MHD_HTTP_NO_CONTENT), TALER_TESTING_cmd_merchant_purge_instance ( - "purge-default", + "purge-admin", merchant_url, - "default", + "admin", MHD_HTTP_NO_CONTENT), TALER_TESTING_cmd_end () }; @@ -1882,7 +1882,7 @@ run (void *cls, TALER_TESTING_cmd_merchant_post_instances ( "instance-create-default-setup", merchant_url, - "default", + "admin", MHD_HTTP_NO_CONTENT), TALER_TESTING_cmd_merchant_post_account ( "instance-create-default-account", @@ -2011,12 +2011,12 @@ run (void *cls, TALER_TESTING_cmd_merchant_purge_instance ( "instance-purge-default-middle", merchant_url, - "default", + "admin", MHD_HTTP_NO_CONTENT), TALER_TESTING_cmd_merchant_post_instances ( "instance-create-default-after-purge", merchant_url, - "default", + "admin", MHD_HTTP_NO_CONTENT), TALER_TESTING_cmd_merchant_post_account ( "instance-create-default-account-after-purge", diff --git a/src/testing/test_merchant_api_twisted.c b/src/testing/test_merchant_api_twisted.c @@ -331,9 +331,9 @@ run (void *cls, NULL, true, true), - TALER_TESTING_cmd_merchant_post_instances ("instance-create-default", + TALER_TESTING_cmd_merchant_post_instances ("instance-create-admin", twister_merchant_url, - "default", + "admin", MHD_HTTP_NO_CONTENT), TALER_TESTING_cmd_merchant_post_account ( "instance-create-default-account", diff --git a/src/testing/test_merchant_instance_auth.sh b/src/testing/test_merchant_instance_auth.sh @@ -37,11 +37,11 @@ setup -c test_template.conf -m CONF="test_template.conf.edited" LAST_RESPONSE=$(mktemp -p "${TMPDIR:-/tmp}" test_response.conf-XXXXXX) -echo -n "Configuring 'default' instance ..." >&2 +echo -n "Configuring 'admin' instance ..." >&2 STATUS=$(curl -H "Content-Type: application/json" -X POST \ http://localhost:9966/management/instances \ - -d '{"auth":{"method":"token","token":"secret-token:new_value"},"id":"default","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000}}' \ + -d '{"auth":{"method":"token","token":"secret-token:new_value"},"id":"admin","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000}}' \ -w "%{http_code}" -s -o /dev/null) if [ "$STATUS" != "204" ] @@ -156,7 +156,7 @@ fi echo "OK" >&2 -echo -n "Updating 'second' instance token using the 'default' auth token..." >&2 +echo -n "Updating 'second' instance token using the 'new_one' auth token..." >&2 STATUS=$(curl -H "Content-Type: application/json" -X POST \ -H 'Authorization: Bearer '"$NEW_SECRET" \ diff --git a/src/testing/test_merchant_instance_creation.sh b/src/testing/test_merchant_instance_creation.sh @@ -23,7 +23,7 @@ setup -c test_template.conf -m -echo -n "Configuring a merchant instance before configuring the default instance ..." +echo -n "Configuring a merchant instance before configuring the admin instance ..." STATUS=$(curl -H "Content-Type: application/json" -X POST \ http://localhost:9966/management/instances \ @@ -38,12 +38,12 @@ fi echo " OK" -echo -n "Configuring default instance ..." +echo -n "Configuring admin instance ..." STATUS=$(curl -H "Content-Type: application/json" -X POST \ -H 'Authorization: Bearer secret-token:super_secret' \ http://localhost:9966/management/instances \ - -d '{"auth":{"method":"external"},"id":"default","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000}}' \ + -d '{"auth":{"method":"external"},"id":"admin","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000}}' \ -w "%{http_code}" -s -o /dev/null) if [ "$STATUS" != "401" ] diff --git a/src/testing/test_merchant_instance_purge.sh b/src/testing/test_merchant_instance_purge.sh @@ -22,12 +22,12 @@ # Launch only the merchant. setup -c test_template.conf -m -echo -n "Configuring default instance ..." >&2 +echo -n "Configuring admin instance ..." >&2 STATUS=$(curl -H "Content-Type: application/json" -X POST \ -H 'Authorization: Bearer secret-token:super_secret' \ http://localhost:9966/management/instances \ - -d '{"auth":{"method":"external"},"id":"default","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000}}' \ + -d '{"auth":{"method":"external"},"id":"admin","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000}}' \ -w "%{http_code}" -s -o /dev/null) if [ "$STATUS" != "204" ] diff --git a/src/testing/test_merchant_instance_response.sh b/src/testing/test_merchant_instance_response.sh @@ -29,7 +29,7 @@ STATUS=$(curl -H "Content-Type: application/json" -X OPTIONS \ if [ "$STATUS" != "204" ] then - exit_fail "Expected 204 when default instance does not exist yet. got: $STATUS" + exit_fail "Expected 204 when admin instance does not exist yet. got: $STATUS" fi STATUS=$(curl -H "Content-Type: application/json" -X GET \ @@ -39,13 +39,13 @@ STATUS=$(curl -H "Content-Type: application/json" -X GET \ if [ "$STATUS" != "404" ] then - exit_fail "Expected 404 when the default instance is not yet created. got: $STATUS" + exit_fail "Expected 404 when the admin instance is not yet created. got: $STATUS" fi STATUS=$(curl -H "Content-Type: application/json" -X POST \ -H 'Authorization: Bearer secret-token:super_secret' \ http://localhost:9966/management/instances \ - -d '{"auth":{"method":"token","token":"secret-token:other_secret"},"id":"default","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000}}' \ + -d '{"auth":{"method":"token","token":"secret-token:other_secret"},"id":"admin","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000}}' \ -w "%{http_code}" -s -o /dev/null) if [ "$STATUS" != "204" ] @@ -59,7 +59,7 @@ STATUS=$(curl -H "Content-Type: application/json" -X GET \ if [ "$STATUS" != "401" ] then - exit_fail "Expected 401 without the token for the list of product when the default instance was created. got: $STATUS" + exit_fail "Expected 401 without the token for the list of product when the admin instance was created. got: $STATUS" fi STATUS=$(curl -H "Content-Type: application/json" -X GET \ @@ -69,7 +69,7 @@ STATUS=$(curl -H "Content-Type: application/json" -X GET \ if [ "$STATUS" != "200" ] then - exit_fail "Expected 200 for the list of product when the default instance was created. got: $STATUS" + exit_fail "Expected 200 for the list of product when the admin instance was created. got: $STATUS" fi STATUS=$(curl -H "Content-Type: application/json" -X POST \ @@ -121,7 +121,7 @@ STATUS=$(curl -H "Content-Type: application/json" -X GET \ if [ "$STATUS" != "404" ] then - exit_fail "Expected 404 when trying to list the product and the default instance was deleted. got: $STATUS" + exit_fail "Expected 404 when trying to list the product and the admin instance was deleted. got: $STATUS" fi echo "Test PASSED" diff --git a/src/testing/test_merchant_kyc.sh b/src/testing/test_merchant_kyc.sh @@ -29,12 +29,12 @@ setup \ -u "exchange-account-2" LAST_RESPONSE=$(mktemp -p "${TMPDIR:-/tmp}" test_response.conf-XXXXXX) -echo -n "Configuring a merchant default instance ..." +echo -n "Configuring a merchant admin instance ..." STATUS=$(curl -H "Content-Type: application/json" -X POST \ -H 'Authorization: Bearer secret-token:super_secret' \ http://localhost:9966/management/instances \ - -d '{"auth":{"method":"external"},"id":"default","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 50000000},"default_pay_delay":{"d_us": 60000000}}' \ + -d '{"auth":{"method":"external"},"id":"admin","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 50000000},"default_pay_delay":{"d_us": 60000000}}' \ -w "%{http_code}" -s -o /dev/null) if [ "$STATUS" != "204" ] diff --git a/src/testing/test_merchant_order_autocleanup.sh b/src/testing/test_merchant_order_autocleanup.sh @@ -97,7 +97,7 @@ fi STATUS=$(curl -H "Content-Type: application/json" -X POST \ -H 'Authorization: Bearer secret-token:super_secret' \ "http://localhost:9966/management/instances" \ - -d '{"auth":{"method":"external"},"id":"default","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 50000000},"default_pay_delay":{"d_us": 60000000}}' \ + -d '{"auth":{"method":"external"},"id":"admin","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 50000000},"default_pay_delay":{"d_us": 60000000}}' \ -w "%{http_code}" -s -o /dev/null) if [ "$STATUS" != "204" ] diff --git a/src/testing/test_merchant_order_creation.sh b/src/testing/test_merchant_order_creation.sh @@ -97,7 +97,7 @@ echo -n "Configuring merchant instance ..." STATUS=$(curl -H "Content-Type: application/json" -X POST \ -H 'Authorization: Bearer secret-token:super_secret' \ http://localhost:9966/management/instances \ - -d '{"auth":{"method":"external"},"id":"default","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 50000000000},"default_pay_delay":{"d_us": 60000000000}}' \ + -d '{"auth":{"method":"external"},"id":"admin","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 50000000000},"default_pay_delay":{"d_us": 60000000000}}' \ -w "%{http_code}" -s -o /dev/null) if [ "$STATUS" != "204" ] diff --git a/src/testing/test_merchant_order_refund.sh b/src/testing/test_merchant_order_refund.sh @@ -97,7 +97,7 @@ echo -n "Configuring merchant instance ..." STATUS=$(curl -H "Content-Type: application/json" -X POST \ -H 'Authorization: Bearer secret-token:super_secret' \ http://localhost:9966/management/instances \ - -d '{"auth":{"method":"external"},"id":"default","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 50000000000},"default_pay_delay":{"d_us": 60000000000}}' \ + -d '{"auth":{"method":"external"},"id":"admin","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 50000000000},"default_pay_delay":{"d_us": 60000000000}}' \ -w "%{http_code}" -s -o /dev/null) if [ "$STATUS" != "204" ] diff --git a/src/testing/test_merchant_product_creation.sh b/src/testing/test_merchant_product_creation.sh @@ -66,7 +66,7 @@ echo -n "Configuring merchant instance ..." STATUS=$(curl -H "Content-Type: application/json" -X POST \ -H 'Authorization: Bearer secret-token:super_secret' \ "http://localhost:9966/management/instances" \ - -d '{"auth":{"method":"external"},"id":"default","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 50000000},"default_pay_delay":{"d_us": 60000000}}' \ + -d '{"auth":{"method":"external"},"id":"admin","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 50000000},"default_pay_delay":{"d_us": 60000000}}' \ -w "%{http_code}" -s -o /dev/null) if [ "$STATUS" != "204" ] diff --git a/src/testing/test_merchant_transfer_tracking.sh b/src/testing/test_merchant_transfer_tracking.sh @@ -99,7 +99,7 @@ echo " OK" # CREATE INSTANCE FOR TESTING # -echo -n "Configuring merchant default instance ..." +echo -n "Configuring merchant admin instance ..." if [ 1 = "$USE_FAKEBANK" ] then TOR_PAYTO="payto://x-taler-bank/localhost/tor?receiver-name=tor" @@ -117,7 +117,7 @@ fi STATUS=$(curl -H "Content-Type: application/json" -X POST \ -H 'Authorization: Bearer secret-token:super_secret' \ http://localhost:9966/management/instances \ - -d '{"auth":{"method":"external"},"id":"default","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 50000000},"default_pay_delay":{"d_us": 60000000}}' \ + -d '{"auth":{"method":"external"},"id":"admin","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 50000000},"default_pay_delay":{"d_us": 60000000}}' \ -w "%{http_code}" -s -o /dev/null) if [ "$STATUS" != "204" ] @@ -273,7 +273,7 @@ set +e echo -n "Notifying merchant of correct wire transfer, but on wrong instance..." #issue 6912 -#here we are notifying the transfer into a wrong instance (default) and the payto_uri of the default instance +#here we are notifying the transfer into a wrong instance (admin) and the payto_uri of the admin instance STATUS=$(curl 'http://localhost:9966/private/transfers' \ -d "{\"credit_amount\":\"$CREDIT_AMOUNT\",\"wtid\":\"$WTID\",\"payto_uri\":\"$TOR_PAYTO\",\"exchange_url\":\"$WURL\"}" \ -m 3 \ @@ -287,7 +287,7 @@ fi echo " OK" -echo -n "Fetching wire transfers of DEFAULT instance ..." +echo -n "Fetching wire transfers of ADMIN instance ..." STATUS=$(curl 'http://localhost:9966/private/transfers' \ -w "%{http_code}" -s -o "$LAST_RESPONSE") diff --git a/src/testing/test_merchant_wirewatch.sh b/src/testing/test_merchant_wirewatch.sh @@ -82,7 +82,7 @@ else export NEXUS_ACCOUNT_NAME="GnunetCredit" # The 'gnunet' account is created by # taler-bank-manage-testing and used for - # the 'default' instance, so this must be used here. + # the 'admin' instance, so this must be used here. export SANDBOX_ACCOUNT_NAME="gnunet" export LIBEUFIN_NEXUS_URL="http://localhost:8082" @@ -206,7 +206,7 @@ echo " OK" # CREATE INSTANCE FOR TESTING # -echo -n "Configuring merchant default instance ..." +echo -n "Configuring merchant admin instance ..." if [ 1 = "$USE_FAKEBANK" ] then GNUNET_PAYTO="payto://x-taler-bank/localhost/gnunet?receiver-name=gnunet" @@ -216,7 +216,7 @@ fi STATUS=$(curl -H "Content-Type: application/json" -X POST \ -H 'Authorization: Bearer secret-token:super_secret' \ http://localhost:9966/management/instances \ - -d '{"auth":{"method":"external"},"id":"default","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 50000000},"default_pay_delay":{"d_us": 60000000}}' \ + -d '{"auth":{"method":"external"},"id":"admin","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 50000000},"default_pay_delay":{"d_us": 60000000}}' \ -w "%{http_code}" -s -o /dev/null) if [ "$STATUS" != "204" ] @@ -331,7 +331,7 @@ taler-merchant-wirewatch \ -L INFO &> merchant-wirewatch.log echo " OK" -echo -n "Fetching wire transfers of DEFAULT instance ..." +echo -n "Fetching wire transfers of ADMIN instance ..." STATUS=$(curl 'http://localhost:9966/private/transfers' \ -w "%{http_code}" \ -s \