taler-deployment

Deployment scripts and configuration files
Log | Files | Refs | README
commit bd1648d36f0522b03475985d4b8a89ae9bc8e351
parent 641ec8b3e0e13b78d67d38b01a4410f5f2a1abdc
Author: Christian Grothoff <christian@grothoff.org>
Date:   Sat,  4 Mar 2023 17:36:06 +0100

comments

Diffstat:

Mnetzbon/config_nginx.sh | 20+++++++++++++-------


Mnetzbon/main.sh | 5+++++


Mnetzbon/setup-exchange.sh | 8+++++++-


3 files changed, 25 insertions(+), 8 deletions(-)

diff --git a/netzbon/config_nginx.sh b/netzbon/config_nginx.sh
@@ -20,12 +20,18 @@ ln -s ${SITES_AVAILABLE_DIR}/taler-exchange ${SITES_ENABLED_DIR}/taler-exchange.
 
 # FIXME: what about libeufin-sandbox?
 
-# FIXME: is this all we need for TLS!?
-say "Obtaining TLS certificates"
-
-letsencrypt certonly -d \
-   backend.${DOMAIN_NAME} \
-   bank.${DOMAIN_NAME} \
-   exchange.${DOMAIN_NAME}
+if test ${ENABLE_TLS} = "y"
+then
+    # FIXME-Javier: is this all we need for TLS!?
+    # Likely need to modify configuration above
+    # to listen on 443, and redirect from 80 to 443
+    # and to enable SSL somehow! This is very incomplete!
+    say "Obtaining TLS certificates"
+
+    letsencrypt certonly -d \
+                backend.${DOMAIN_NAME} \
+                bank.${DOMAIN_NAME} \
+                exchange.${DOMAIN_NAME}
+fi
 
 systemctl start nginx
diff --git a/netzbon/main.sh b/netzbon/main.sh
@@ -28,6 +28,11 @@ then
     read -p "Enter the name of the currency (e.g. 'EUR'): " CURRENCY
     echo "CURRENCY=${CURRENCY}" >> config/user.conf
 fi
+if test -z "${ENABLE_TLS:-}"
+then
+    read -p "Use TLS? (y/n): " ENABLE_TLS
+    echo "ENABLE_TLS=${ENABLE_TLS}" >> config/user.conf
+fi
 if test -z "${SANDBOX_ADMIN_PASSWORD:-}"
 then
     read -s -p "Enter the admin password for the bank: " SANDBOX_ADMIN_PASSWORD
diff --git a/netzbon/setup-exchange.sh b/netzbon/setup-exchange.sh
@@ -51,7 +51,12 @@ echo "MASTER_PUBLIC_KEY=\"${MASTER_PUBLIC_KEY}\"" >> config/taler-internal.conf
 
 say "Configuring exchange"
 
-export EXCHANGE_BASE_URL="https://exchange.${DOMAIN_NAME}"
+if test ${ENABLE_TLS} = "y"
+then
+    export EXCHANGE_BASE_URL="https://exchange.${DOMAIN_NAME}"
+else
+    export EXCHANGE_BASE_URL="http://exchange.${DOMAIN_NAME}"
+fi
 # Generate /etc/taler/conf.d/setup.conf
 
 echo -e "[taler]\n"\
@@ -115,3 +120,4 @@ curl --max-time 2 \
      --retry 10 \
      ${EXCHANGE_BASE_URL}/keys &> /dev/null
 echo "DONE"
+t