sandcastle-ng

Scripts for the deployment of Sandcastle (GNU Taler)
Log | Files | Refs | README
commit 19d5e6d4c93b950607d2d9818dd8a557709a9b71
parent 5522cfa999ed6ffe141629658a8ad99cab0cde87
Author: Florian Dold <florian@dold.me>
Date:   Tue,  3 Dec 2024 01:56:56 +0100

wip

Diffstat:

Mbuildconfig/merchant.tag | 2+-


Mscripts/demo/setup-sandcastle.sh | 39+++++++++++++++++++++++++++------------


2 files changed, 28 insertions(+), 13 deletions(-)

diff --git a/buildconfig/merchant.tag b/buildconfig/merchant.tag
@@ -1 +1 @@
-v0.14.1-dev.10
+v0.14.1-dev.11
diff --git a/scripts/demo/setup-sandcastle.sh b/scripts/demo/setup-sandcastle.sh
@@ -71,6 +71,8 @@ PORT_INTERNAL_BANK_SPA=8505
 PORT_INTERNAL_CHALLENGER=8506
 PORT_INTERNAL_AUDITOR=8507
 
+ENABLE_AUDITOR=0
+
 # Just make sure the services are stopped
 systemctl stop taler-auditor.target
 systemctl stop taler-exchange.target
@@ -477,6 +479,15 @@ AML_THRESHOLD = $CURRENCY:1000000
 MASTER_PUBLIC_KEY = $MASTER_PUBLIC_KEY
 BASE_URL = $PROTO://$EXCHANGE_DOMAIN$PORT_SUFFIX/
 
+[taler-exchange-secmod-rsa]
+LOOKAHEAD_SIGN = 4 weeks
+
+[taler-exchange-secmod-eddsa]
+LOOKAHEAD_SIGN = 4 weeks
+
+[taler-exchange-secmod-cs]
+LOOKAHEAD_SIGN = 4 weeks
+
 [exchange-account-default]
 PAYTO_URI = $EXCHANGE_FULL_PAYTO
 ENABLE_DEBIT = YES
@@ -587,9 +598,11 @@ if [[ ! -e /etc/taler-exchange/conf.d/sandcastle-$CURRENCY-coins.conf ]]; then
     >"/etc/taler-exchange/conf.d/sandcastle-$CURRENCY-coins.conf"
 fi
 
-# Add auditor user to DB group *before* running taler-exchange-dbconfig,
-# so that DB permissions are adjusted accordingly.
-usermod taler-auditor-httpd -aG taler-exchange-db
+if [[ $ENABLE_AUDITOR = 1 ]]; then
+  # Add auditor user to DB group *before* running taler-exchange-dbconfig,
+  # so that DB permissions are adjusted accordingly.
+  usermod taler-auditor-httpd -aG taler-exchange-db
+fi
 
 echo "Initializing exchange database"
 taler-exchange-dbconfig
@@ -622,22 +635,24 @@ systemctl enable --now taler-exchange-offline.timer
 # Set up exchange auditor
 #
 
-# Make sandcastle exchange config available to auditor
-cp /etc/taler-exchange/conf.d/sandcastle-exchange.conf /etc/taler-auditor/conf.d/sandcastle-exchange.conf
+if [[ $ENABLE_AUDITOR = 1 ]]; then
+  # Make sandcastle exchange config available to auditor
+  cp /etc/taler-exchange/conf.d/sandcastle-exchange.conf /etc/taler-auditor/conf.d/sandcastle-exchange.conf
 
-# We run the offline tooling as root, maybe in the future there should be
-# a separate user created by the Debian package for that.
-AUDITOR_PUB=$(taler-auditor-offline setup)
+  # We run the offline tooling as root, maybe in the future there should be
+  # a separate user created by the Debian package for that.
+  AUDITOR_PUB=$(taler-auditor-offline setup)
 
-cat <<EOF >/etc/taler-auditor/conf.d/sandcastle-auditor.conf
+  cat <<EOF >/etc/taler-auditor/conf.d/sandcastle-auditor.conf
 [auditor]
 PUBLIC_KEY = $AUDITOR_PUB
 EOF
 
-taler-auditor-dbconfig
+  taler-auditor-dbconfig
 
-systemctl enable --now taler-auditor.target
-# FIXME: also enable auditor helpers!
+  systemctl enable --now taler-auditor.target
+  # FIXME: also enable auditor helpers!
+fi
 
 # Set up merchant backend