commit f39449ac59bf240a66daf41f7814dc969011adbb
parent 42694dcdcf5e1093abc5e9018ba26b200ab2c9c8
Author: Christian Grothoff <christian@grothoff.org>
Date: Thu, 2 Mar 2023 15:00:09 +0100
target
Diffstat:
| M | netzbon/README | | | 56 | ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
1 file changed, 56 insertions(+), 0 deletions(-)
diff --git a/netzbon/README b/netzbon/README
@@ -19,3 +19,59 @@ TODOs.
0. Provide exchange sub-script.
1. Provide merchant sub-script.
2. Replace answers into the Nginx config.
+
+
+
+This directory contains shell scripts to make the installation of GNU Taler
+as easy as possible.
+
+
+Concept
+=======
+
+The different stages of the installation have their own shell scripts, driven
+by the 'main.sh' master script. Splitting up the process into the main stages
+should make it easy to resume if any particular step fails for any reason.
+
+The different stages communicate via environment variables which they may
+consume or export for future stages. The 'main.sh' script also prompts the
+user for key inputs, in particular:
+
+* the main domain name (subdomains may be created automatically)
+* the name of the currency
+* the master password(s) to set for the administrative Web interface(s)
+
+The setup is fundamentally based on the Debian packages. The scripts should
+do the minimal amount necessary to get GNU Taler to work on top of what the
+Debian packages provide. If we can move logic into a Debian package, we should.
+However, the Debian packages MUST install non-interactively, so site-specific
+inputs MUST be done by the shell scripts.
+
+The shell scripts should be kept simple, and for example use default
+configuration(s) from the Debian packages and replace values with 'sed'
+instead of generating complete configurations themselves (where possible,
+so in particular for the reverse HTTPS proxy configuration).
+
+
+Objective
+=========
+
+The goal is not to only setup the Debian packages, but to also configure
+all of the components:
+
+* libeufin-sandbox with an account for the administrator and the exchange
+* libeufin-nexus with access to the exchange account and Taler facade
+* exchange with denominations, fees (all zero) and credentials for the libeufin-nexus
+* merchant backend with the master key of the exchange for the target currency
+
+
+Future
+======
+
+For now, it is assumed that the taler-exchange-offline functionality is run
+locally (online). It should, however, be kept in mind that we probably want to
+modify the script to keep the offline keys offline in the future.
+
+For now, we do not integrate the currency conversion / cash out logic and
+only have the nexus between sandbox and exchange. In the future, we will want
+to support nexus talking to an external bank.
