taler-deployment

Deployment scripts and configuration files

commit 641ec8b3e0e13b78d67d38b01a4410f5f2a1abdc
parent c0b93a7f28a828da2a0a055140742fb1893e3140
Author: Christian Grothoff <christian@grothoff.org>
Date:   Sat,  4 Mar 2023 17:29:42 +0100

work on exchange setup

Diffstat:
Mnetzbon/install_debian_packages.sh | 1+
Mnetzbon/setup-exchange.sh | 106+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------
2 files changed, 88 insertions(+), 19 deletions(-)

diff --git a/netzbon/install_debian_packages.sh b/netzbon/install_debian_packages.sh
@@ -43,4 +43,5 @@ wget -P /etc/apt/keyrings https://taler.net/taler-systems.gpg
 apt update
 apt install taler-exchange -y
 apt install taler-merchant -y
+apt install taler-harness -y
 apt install libeufin-sandbox libeufin-nexus -y
diff --git a/netzbon/setup-exchange.sh b/netzbon/setup-exchange.sh
@@ -9,41 +9,109 @@ source config/internal.conf # Required inputs: # # - LIBEUFIN_NEXUS_USERNAME (exchange username for libeufin-nexus) -# - LIBEUFIN_NEXUS_PASSWORD (exchange password for libeufin-nexus) -# - LIBEUFIN_SANDBOX_EXCHANGE_IBAN (exchange account IBAN) +# - NEXUS_EXCHANGE_PASSWORD (exchange password for libeufin-nexus) +# - EXCHANGE_IBAN (exchange account IBAN) +# - EXCHANGE_PAYTO (exchange account PAYTO) if test -z ${LIBEUFIN_NEXUS_USERNAME:-} then say "Failure: LIBEUFIN_NEXUS_USERNAME not set" exit 1 fi -if test -z ${LIBEUFIN_NEXUS_PASSWORD:-} +if test -z ${NEXUS_EXCHANGE_PASSWORD:-} then - say "Failure: LIBEUFIN_NEXUS_PASSWORD not set" + say "Failure: NEXUS_EXCHANGE_PASSWORD not set" exit 1 fi -if test -z ${LIBEUFIN_SANDBOX_EXCHANGE_IBAN:-} +if test -z ${EXCHANGE_IBAN:-} then - say "Failure: LIBEUFIN_SANDBOX_EXCHANGE_IBAN not set" + say "Failure: EXCHANGE_IBAN not set" exit 1 fi +if test -z ${EXCHANGE_PAYTO:-} +then + say "Failure: EXCHANGE_PAYTO not set" + exit 1 +fi + +# Create master key as root *unless* user already +# set the MASTER_PUBLIC_KEY to some value we can use. 
+if test -z ${MASTER_PUBLIC_KEY:-} +then + say "Setting up offline key" + mkdir -p ~/.local/share/taler/exchange/offline-keys + MASTER_PRIV_FILE=~/.local/share/taler/exchange/offline-keys/master.priv + gnunet-ecc -g1 ${MASTER_PRIV_FILE} + MASTER_PUBLIC_KEY=`gnunet-ecc -p ~/.local/share/taler/exchange/offline-keys/master.priv` +fi + +export MASTER_PUBLIC_KEY +echo "MASTER_PUBLIC_KEY=\"${MASTER_PUBLIC_KEY}\"" >> config/taler-internal.conf + + +say "Configuring exchange" + +export EXCHANGE_BASE_URL="https://exchange.${DOMAIN_NAME}" +# Generate /etc/taler/conf.d/setup.conf + +echo -e "[taler]\n"\ + "CURRENCY=${CURRENCY}\n"\ + "CURRENCY_ROUND_UNIT=${CURRENCY}:0.01\n"\ + "AML_THRESHOLD=${CURRENCY}:1000000\n"\ + "\n"\ + "[exchange]\n"\ + "MASTER_PUBLIC_KEY=${MASTER_PUBLIC_KEY}\n"\ + "MASTER_PRIV_FILE=${MASTER_PUBLIC_KEY}\n"\ + "BASE_URL=${EXCHANGE_BASE_URL}\n"\ + "\n"\ + "[exchange-account-default]\n"\ + "PAYTO_URI=${EXCHANGE_PAYTO}\n"\ + "ENABLE_DEBIT=YES\n"\ + "ENABLE_CREDIT=YES\n"\ + "@inline-secret@ exchange-accountcredentials-default ../secrets/exchange-accountcredentials-default.secret.conf\n" + > /etc/taler/conf.d/setup.conf + +echo -e "[exchange-accountcredentials-default]\n"\ + "WIRE_GATEWAY_URL=${CURRENCY}\n"\ + "WIRE_GATEWAY_AUTH_METHOD=basic\n"\ + "USERNAME=${LIBEUFIN_NEXUS_USERNAME}\n"\ + "PASSWORD=${NEXUS_EXCHANGE_PASSWORD}\n"\ + >> /etc/taler/secrets/exchange-accountcredentials-default.secret.conf + +taler-harness deployment gen-coin-config \ + --min-amount ${CURRENCY}:0.01 \ + --max-amount ${CURRENCY}:100 \ + | sed -e "s/FEE_DEPOSIT = ${CURRENCY}:0.01/FEE_DEPOSIT = ${CURRENCY}:0/" \ + > /etc/taler/conf.d/${CURRENCY}-coins.conf -# Create master key as root +say "Launching exchange" +systemctl enable --now taler-exchange -mkdir -p ~/.local/share/taler/exchange/offline-keys -gnunet-ecc -g1 ~/.local/share/taler/exchange/offline-keys/master.priv -# Modify config/taler.conf +echo -n "Waiting for exchange..." 
+curl --max-time 2 \ + --retry-connrefused \ + --retry-delay 1 \ + --retry 10 \ + ${EXCHANGE_BASE_URL}/config &> /dev/null +echo "DONE" -# Then, modify the MASTER_PUBLIC_KEY option in taler.conf to contain -# the public key. You can see the value to add using: +say "Offline interaction..." -# FIXME: Debian package not using /etc/taler.conf!?!? -# FIXME: how is this supposed to work!?!? -su -c "gnunet-ecc -p ~/.local/share/taler/exchange/offline-keys/master.priv" exchange > MASTER_PUBLIC_KEY -echo ${MASTER_PUBLIC_KEY} >> config/taler-internal.conf +taler-exchange-offline \ + -c /etc/taler/taler.conf \ + download \ + sign \ + enable-account ${EXCHANGE_PAYTO} \ + wire-fee now iban ${CURRENCY}:0 ${CURRENCY}:0 \ + global-fee now ${CURRENCY}:0 ${CURRENCY}:0 ${CURRENCY}:0 1h 6y 0 \ + upload -# Set a password for the exchange account at the bank -# Next, set a password for the Exchange account at the bank, using -# the 'bank' user: +echo -n "Waiting for exchange /keys..." +curl --max-time 2 \ + --retry-connrefused \ + --retry-delay 1 \ + --retry 10 \ + ${EXCHANGE_BASE_URL}/keys &> /dev/null +echo "DONE"
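Review bot: The first `echo -e` never writes `/etc/taler/conf.d/setup.conf`: the string line ending in `.secret.conf\n"` has no trailing `\`, so the text goes to stdout and the following `> /etc/taler/conf.d/setup.conf` runs as a separate command that only truncates the file; end that line with `\`, as the credentials block below it does. In the same block `"MASTER_PRIV_FILE=${MASTER_PUBLIC_KEY}\n"` puts the public key where a file path belongs, and within this hunk `MASTER_PRIV_FILE` is only assigned on the branch that generates the key, so the pre-set `MASTER_PUBLIC_KEY` path needs a value for it too. The credentials file is created with `>>` under the inherited umask, so the nexus password may be left readable by other local users and every re-run appends a duplicate section; write it with `>` after `umask 077` and restrict it to the account that reads it. `WIRE_GATEWAY_URL=${CURRENCY}` looks like a placeholder rather than a URL, and both `curl` waits discard the exit status before printing `DONE`, so an exchange that never came up is reported as ready unless the script runs under `set -e`, which this hunk does not show.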