taler-deployment

Deployment scripts and configuration files
Log | Files | Refs | README
commit ac277e06d543205dddc9f184b9bfc6bcc0fb44ce
parent 193972baa1de6d0c98f54dd4f1420d880507c4b3
Author: Christian Grothoff <christian@grothoff.org>
Date:   Sat,  4 Mar 2023 11:04:22 +0100

misc FIXMEs

Diffstat:

Mnetzbon/config_nginx.sh | 6++++++


Mnetzbon/main.sh | 2++


Mnetzbon/setup-exchange.sh | 41++++++++++++++++++++++++++++-------------


Mnetzbon/setup-merchant.sh | 2++


4 files changed, 38 insertions(+), 13 deletions(-)

diff --git a/netzbon/config_nginx.sh b/netzbon/config_nginx.sh
@@ -3,6 +3,7 @@
 
 # Inputs: DOMAIN_NAME
 
+say "Configuring Nginx"
 systemctl stop nginx
 
 SITES_AVAILABLE_DIR=/etc/nginx/sites-available
@@ -13,6 +14,11 @@ sed -i 's/server_name localhost/server_name merchant.${DOMAIN_NAME}/g' ${SITES_A
 ln -s ${SITES_AVAILABLE_DIR}/taler-merchant ${SITES_ENABLED_DIR}/taler-merchant.conf
 ln -s ${SITES_AVAILABLE_DIR}/taler-exchange ${SITES_ENABLED_DIR}/taler-exchange.conf
 
+# FIXME: what about libeufin-sandbox?
+
+# FIXME: is this all we need for TLS!?
+say "Obtaining TLS certificates"
+
 letsencrypt certonly -d \
    backend.${DOMAIN_NAME} \
    bank.${DOMAIN_NAME} \
diff --git a/netzbon/main.sh b/netzbon/main.sh
@@ -81,7 +81,9 @@ check_user
 # which should dump a configuration file!
 DATABASE_CONNECTION="jdbc:postgresql://localhost:5432/nexus?user=nexus"
 
+# FIXME: make this step idempotent!
 . config_launch_libeufin.sh
+
 . config_nginx.sh
 . setup-exchange.sh
 . setup-merchant.sh
diff --git a/netzbon/setup-exchange.sh b/netzbon/setup-exchange.sh
@@ -1,15 +1,39 @@
 #!/bin/bash
 
-# Create master key
-
-su -c "mkdir -p ~/.local/share/taler/exchange/offline-keys" exchange
-su -c "gnunet-ecc -g1 ~/.local/share/taler/exchange/offline-keys/master.priv" exchange
+# Required inputs:
+#
+# - LIBEUFIN_NEXUS_USERNAME (exchange username for libeufin-nexus)
+# - LIBEUFIN_NEXUS_PASSWORD (exchange password for libeufin-nexus)
+# - LIBEUFIN_SANDBOX_EXCHANGE_IBAN (exchange account IBAN)
+
+if test -z ${LIBEUFIN_NEXUS_USERNAME:-}
+then
+    say "Failure: LIBEUFIN_NEXUS_USERNAME not set"
+    exit 1
+fi
+if test -z ${LIBEUFIN_NEXUS_PASSWORD:-}
+then
+    say "Failure: LIBEUFIN_NEXUS_PASSWORD not set"
+    exit 1
+fi
+if test -z ${LIBEUFIN_SANDBOX_EXCHANGE_IBAN:-}
+then
+    say "Failure: LIBEUFIN_SANDBOX_EXCHANGE_IBAN not set"
+    exit 1
+fi
+
+# Create master key as root
+
+mkdir -p ~/.local/share/taler/exchange/offline-keys
+gnunet-ecc -g1 ~/.local/share/taler/exchange/offline-keys/master.priv
 
 # Modify config/taler.conf
 
 # Then, modify the MASTER_PUBLIC_KEY option in taler.conf to contain
 # the public key. You can see the value to add using:
 
+# FIXME: Debian package not using /etc/taler.conf!?!?
+# FIXME: how is this supposed to work!?!?
 su -c "gnunet-ecc -p ~/.local/share/taler/exchange/offline-keys/master.priv" exchange > MASTER_PUBLIC_KEY
 echo ${MASTER_PUBLIC_KEY} >> config/taler-internal.conf
 
@@ -17,12 +41,3 @@ echo ${MASTER_PUBLIC_KEY} >> config/taler-internal.conf
 
 # Next, set a password for the Exchange account at the bank, using
 # the 'bank' user:
-
-read -p "Exchange account bank password: " EXCHANGE_PASSWORD
-echo ${EXCHANGE_PASSWORD} >> config/taler-internal.conf
-
-# Now setup the wire responses, database and online signing keys:
-
-# taler-exchange-wire
-# taler-exchange-dbinit
-# taler-exchange-keyup -o auditor.in
diff --git a/netzbon/setup-merchant.sh b/netzbon/setup-merchant.sh
@@ -1,6 +1,8 @@
 #!/bin/bash
 
 # To initialize the merchant, simply run
+# FIXME: run as the correct user!?
+# FIXME: or was this done by the Debian package?!
 
 taler-merchant-dbinit