taler-deployment

Deployment scripts and configuration files
Log | Files | Refs | README
commit 20ea50b69488f4cd0062d8391bd62f0a7d393847
parent 6632034c322fe7518a7751cd6681cb43f668917e
Author: Christian Grothoff <christian@grothoff.org>
Date:   Sat,  4 Mar 2023 16:29:12 +0100

fix libeufin deployment script issues

Diffstat:

Mnetzbon/config_launch_libeufin.sh | 68++++++++++++++++++++++++++++++++++++++++++--------------------------


Mnetzbon/install_debian_packages.sh | 1+


2 files changed, 43 insertions(+), 26 deletions(-)

diff --git a/netzbon/config_launch_libeufin.sh b/netzbon/config_launch_libeufin.sh
@@ -20,10 +20,8 @@
 # OUTPUTS:
 #
 # LIBEUFIN_NEXUS_USERNAME -- username of the exchange
-# LIBEUFIN_NEXUS_PASSWORD -- password of the exchange
-#
-# FIXME: missing output!
-# LIBEUFIN_SANDBOX_EXCHANGE_IBAN -- IBAN of the exchange
+# EXCHANGE_IBAN -- IBAN of the exchange
+# EXCHANGE_PAYTO -- payto-URI of the exchange
 
 set -eu
 
@@ -38,7 +36,9 @@ EBICS_HOST_ID="TALERHOST"
 EBICS_PARTNER_ID="talerop"
 EBICS_USER_ID="exchangeebics"
 EBICS_CONNECTION_NAME="exchangeconn"
-# FIXME: "exchange-at-nexus" also should be one of these
+LIBEUFIN_TALER_FACADE="taler-facade"
+export LIBEUFIN_NEXUS_USERNAME="exchange-at-nexus"
+echo "LIBEUFIN_NEXUS_USERNAME=\"${LIBEUFIN_NEXUS_USERNAME}\"" >> config/internal.conf
 
 # Load configuration with
 # LIBEUFIN_NEXUS_DB_CONNECTION and
@@ -52,6 +52,10 @@ then
     exit 1
 fi
 
+export LIBEUFIN_NEXUS_PASSWORD=$NEXUS_EXCHANGE_PASSWORD
+export LIBEUFIN_NEXUS_URL="http://localhost:${LIBEUFIN_NEXUS_PORT}"
+
+
 # Load configuration with
 # LIBEUFIN_SANDBOX_DB_CONNECTION and
 # LIBEUFIN_SANDBOX_PORT
@@ -64,8 +68,12 @@ then
     exit 1
 fi
 
-# - DATABASE_CONNECTION="jdbc:postgresql://localhost:5432/$DB_NAME?user=$ROLE_NAME"
+export LIBEUFIN_SANDBOX_ADMIN_PASSWORD="${SANDBOX_ADMIN_PASSWORD}"
+# FIXME: this should be done inside the Debian package (incl. pw generation!)
+# We need to add this password to the systemd environment to make it effective.
+echo "LIBEUFIN_SANDBOX_ADMIN_PASSWORD=\"${SANDBOX_ADMIN_PASSWORD}\"" >> /etc/libeufin/sandbox.env
 
+SANDBOX_URL="http://localhost:${LIBEUFIN_SANDBOX_PORT}/"
 
 echo -n "Configure the default demobank with ${CURRENCY}..."
 cd /tmp
@@ -79,23 +87,21 @@ libeufin-sandbox config \
     default
 echo "DONE"
 echo -n "Start the bank..."
-export LIBEUFIN_SANDBOX_ADMIN_PASSWORD="${SANDBOX_ADMIN_PASSWORD}"
-
-echo "LIBEUFIN_SANDBOX_ADMIN_PASSWORD=\"${SANDBOX_ADMIN_PASSWORD}\"" >> /etc/libeufin/sandbox.env
-# TODO: grab port from configuration?
-SANDBOX_URL="http://localhost:${LIBEUFIN_SANDBOX_PORT}/"
 systemctl enable --now libeufin-sandbox
 
 echo "DONE"
 echo -n "Wait for the bank..."
-curl --max-time 2 --retry-connrefused --retry-delay 1 --retry 10 ${SANDBOX_URL} &> /dev/null
+curl --max-time 2 \
+     --retry-connrefused \
+     --retry-delay 1 \
+     --retry 10 \
+     ${SANDBOX_URL} &> /dev/null
 echo "DONE"
 
 
-
 echo -n "Make one superuser at Nexus..."
 sudo -E -u libeufin-nexus libeufin-nexus superuser \
-  exchange-at-nexus \
+  ${LIBEUFIN_NEXUS_USERNAME} \
   --password $NEXUS_EXCHANGE_PASSWORD
 echo "DONE"
 echo -n "Launching Nexus..."
@@ -104,13 +110,21 @@ systemctl enable --now libeufin-nexus
 
 echo "DONE"
 echo -n "Waiting for Nexus..."
-curl --max-time 2 --retry-connrefused --retry-delay 1 --retry 10 http://localhost:5017/ &> /dev/null
+curl --max-time 2 \
+     --retry-connrefused \
+     --retry-delay 1 \
+     --retry 10 \
+     ${LIBEUFIN_NEXUS_URL} &> /dev/null
 echo "DONE"
 
 
 echo -n "Register the exchange Sandbox account..."
 export LIBEUFIN_SANDBOX_USERNAME="exchange-at-sandbox"
-export LIBEUFIN_SANDBOX_PASSWORD=$SANDBOX_EXCHANGE_PASSWORD
+export LIBEUFIN_SANDBOX_PASSWORD="${SANDBOX_EXCHANGE_PASSWORD}"
+# Succeed also if the account already exists...
+# (hopefully with the same password!)
+# FIXME: might be better to DELETE an existing
+# account here instead!??
 libeufin-cli \
   sandbox --sandbox-url ${SANDBOX_URL} \
   demobank register || true
@@ -129,6 +143,8 @@ EXCHANGE_PAYTO=$(echo $EXCHANGE_DETAILS | jq -r .paytoUri)
 # needs it for the /wire response.
 export EXCHANGE_IBAN
 export EXCHANGE_PAYTO
+echo "EXCHANGE_IBAN=\"${EXCHANGE_IBAN}\" >> config/internal.conf
+echo "EXCHANGE_PAYTO=\"${EXCHANGE_PAYTO}\" >> config/internal.conf
 
 echo -n "Setting the default exchange at Sandbox..."
 libeufin-sandbox default-exchange "https://exchange.$DOMAIN_NAME/" $EXCHANGE_PAYTO
@@ -146,15 +162,14 @@ echo "OK"
 echo -n "Create exchange EBICS subscriber at Sandbox..."
 libeufin-cli sandbox \
   --sandbox-url ${SANDBOX_URL} \
-  demobank new-ebicssubscriber --host-id ${EBICS_HOST_ID} \
-  --user-id ${EBICS_USER_ID} --partner-id ${EBICS_PARTNER_ID} \
-  --bank-account exchange-at-sandbox
+  demobank new-ebicssubscriber \
+  --host-id ${EBICS_HOST_ID} \
+  --user-id ${EBICS_USER_ID} \
+  --partner-id ${EBICS_PARTNER_ID} \
+  --bank-account ${LIBEUFIN_SANDBOX_USERNAME}
 echo "OK"
 
 
-export LIBEUFIN_NEXUS_USERNAME="exchange-at-nexus"
-export LIBEUFIN_NEXUS_PASSWORD=$NEXUS_EXCHANGE_PASSWORD
-export LIBEUFIN_NEXUS_URL="http://localhost:${LIBEUFIN_NEXUS_PORT}"
 echo -n "Creating the EBICS connection at Nexus..."
 libeufin-cli connections new-ebics-connection \
   --ebics-url "${SANDBOX_URL}ebicsweb" \
@@ -174,14 +189,15 @@ echo "OK"
 
 echo -n "Importing bank account info into Nexus..."
 libeufin-cli connections import-bank-account \
-  --offered-account-id exchange-at-sandbox \
-  --nexus-bank-account-id exchange-at-nexus \
+  --offered-account-id ${LIBEUFIN_SANDBOX_USERNAME} \
+  --nexus-bank-account-id ${LIBEUFIN_NEXUS_USERNAME} \
   ${EBICS_CONNECTION_NAME}
 echo "OK"
 
 echo -n "Create the Taler facade at Nexus..."
 libeufin-cli facades \
   new-taler-wire-gateway-facade \
-  --currency $CURRENCY --facade-name netzbon-facade \
-  ${EBICS_CONNECTION_NAME} exchange-at-nexus
+  --currency $CURRENCY \
+  --facade-name ${LIBEUFIN_TALER_FACADE} \
+  ${EBICS_CONNECTION_NAME} ${LIBEUFIN_NEXUS_USERNAME}
 echo "OK"
diff --git a/netzbon/install_debian_packages.sh b/netzbon/install_debian_packages.sh
@@ -16,6 +16,7 @@ apt update
 
 apt install uuid-runtime \
     curl \
+    jq \
     wget \
     nginx \
     postgresql-${PG_VERSION} \