commit 7d492fae094befa19003374d91ed1863ae9b6ea0 parent 9470bdf9abf0fb67eb976e6d2c55c2eed8671ac4 Author: Florian Dold <florian@dold.me> Date: Wed, 24 Sep 2025 15:36:26 +0200 fix provisioning from scratch Diffstat:
| M | scripts/demo/setup-sandcastle.sh | | | 131 | ++++++++++++++++++++++++++++++++++++++++++++++++------------------------------- |
1 file changed, 80 insertions(+), 51 deletions(-)
diff --git a/scripts/demo/setup-sandcastle.sh b/scripts/demo/setup-sandcastle.sh @@ -824,63 +824,92 @@ taler-harness deployment wait-taler-service taler-merchant ${MERCHANT_BASEURL}co function reset_merchant_pw() { pw=$(get_credential_pw merchant/$1) - sudo -u taler-merchant-httpd taler-merchant-passwd --instance "$1" "$pw" || true + sudo -u taler-merchant-httpd taler-merchant-passwd --instance "$1" "$pw" + if [[ $? -eq 2 ]]; then + echo "Instance $1 does not exist" >&2 + return 2 + fi + if [[ $? -ne 0 ]]; then + echo "Failed to reset password for merchant instance $1" >&2 + exit 1 + fi } -reset_merchant_pw admin +# FIXME: Move this into a harness tool (that just reads a config file)? + +instance_missing=no +reset_merchant_pw admin || instance_missing=yes +if [[ $instance_missing = yes ]]; then + taler-harness deployment provision-merchant-instance \ + ${MERCHANT_BASEURL} \ + --management-token "secret-token:none" \ + --instance-password $(get_credential_pw merchant/admin) \ + --name Merchant \ + --id admin \ + --payto "$MERCHANT_PAYTO_ADMIN" +fi + ADMIN_TOK=$(taler-harness merchant token ${MERCHANT_BASEURL} admin --password $(get_credential_pw merchant/admin)) -taler-harness deployment provision-merchant-instance \ - ${MERCHANT_BASEURL} \ - --management-token $ADMIN_TOK \ - --instance-password $(get_credential_pw merchant/admin) \ - --name Merchant \ - --id admin \ - --payto "$MERCHANT_PAYTO_ADMIN" -reset_merchant_pw pos -taler-harness deployment provision-merchant-instance \ - ${MERCHANT_BASEURL} \ - --management-token $ADMIN_TOK \ - --instance-password $(get_credential_pw merchant/pos) \ - --name "POS Merchant" \ - --id pos \ - --payto "$MERCHANT_PAYTO_POS" +instance_missing=no +reset_merchant_pw pos || instance_missing=yes +if [[ $instance_missing = yes ]]; then + taler-harness deployment provision-merchant-instance \ + ${MERCHANT_BASEURL} \ + --management-token $ADMIN_TOK \ + --instance-password $(get_credential_pw merchant/pos) \ + --name "POS Merchant" \ + --id pos \ + --payto "$MERCHANT_PAYTO_POS" +fi -reset_merchant_pw blog -taler-harness deployment provision-merchant-instance \ - ${MERCHANT_BASEURL} \ - --management-token $ADMIN_TOK \ - --instance-password $(get_credential_pw merchant/blog) \ - --name "Blog Merchant" \ - --id blog \ - --payto "$MERCHANT_PAYTO_BLOG" +instance_missing=no +reset_merchant_pw blog || instance_missing=yes +if [[ $instance_missing = yes ]]; then + taler-harness deployment provision-merchant-instance \ + ${MERCHANT_BASEURL} \ + --management-token $ADMIN_TOK \ + --instance-password $(get_credential_pw merchant/blog) \ + --name "Blog Merchant" \ + --id blog \ + --payto "$MERCHANT_PAYTO_BLOG" +fi -reset_merchant_pw gnunet -taler-harness deployment provision-merchant-instance \ - ${MERCHANT_BASEURL} \ - --management-token $ADMIN_TOK \ - --instance-password $(get_credential_pw merchant/gnunet) \ - --name "GNUnet Merchant" \ - --id gnunet \ - --payto "$MERCHANT_PAYTO_GNUNET" +instance_missing=no +reset_merchant_pw gnunet || instance_missing=yes +if [[ $instance_missing = yes ]]; then + taler-harness deployment provision-merchant-instance \ + ${MERCHANT_BASEURL} \ + --management-token $ADMIN_TOK \ + --instance-password $(get_credential_pw merchant/gnunet) \ + --name "GNUnet Merchant" \ + --id gnunet \ + --payto "$MERCHANT_PAYTO_GNUNET" +fi -reset_merchant_pw taler -taler-harness deployment provision-merchant-instance \ - ${MERCHANT_BASEURL} \ - --management-token $ADMIN_TOK \ - --instance-password $(get_credential_pw merchant/taler) \ - --name "Taler Merchant" \ - --id taler \ - --payto "$MERCHANT_PAYTO_TALER" +instance_missing=no +reset_merchant_pw taler || instance_missing=yes +if [[ $instance_missing = yes ]]; then + taler-harness deployment provision-merchant-instance \ + ${MERCHANT_BASEURL} \ + --management-token $ADMIN_TOK \ + --instance-password $(get_credential_pw merchant/taler) \ + --name "Taler Merchant" \ + --id taler \ + --payto "$MERCHANT_PAYTO_TALER" +fi -reset_merchant_pw tor -taler-harness deployment provision-merchant-instance \ - ${MERCHANT_BASEURL} \ - --management-token $ADMIN_TOK \ - --instance-password $(get_credential_pw merchant/tor) \ - --name "Tor Merchant" \ - --id tor \ - --payto "$MERCHANT_PAYTO_TOR" +instance_missing=no +reset_merchant_pw tor || instance_missing=yes +if [[ $instance_missing = yes ]]; then + taler-harness deployment provision-merchant-instance \ + ${MERCHANT_BASEURL} \ + --management-token $ADMIN_TOK \ + --instance-password $(get_credential_pw merchant/tor) \ + --name "Tor Merchant" \ + --id tor \ + --payto "$MERCHANT_PAYTO_TOR" +fi # Special instance with fixed "sandbox" password sudo -u taler-merchant-httpd taler-merchant-passwd --instance sandbox sandbox || true @@ -899,8 +928,8 @@ valid_before_ts=$(date -u +%s -d '+1 year') # one year later duration_us=$((30 * 24 * 60 * 60 * 1000000)) # 30 days validity_granularity_us=$((24 * 60 * 60 * 1000000)) # 1 day -for lang in "${langs[@]}"; -do +# FIXME: Move this into a harness tool? +for lang in "${langs[@]}"; do curl -X POST "${MERCHANT_BASEURL}instances/blog/private/tokenfamilies" \ -H "Authorization: Bearer secret-token:$(get_credential_pw merchant/blog)" \ -H "Content-Type: application/json" \