commit ed161edaee17ba6760fce787601db18b635fa16b
parent a5ccd3f53a4f3d08fc5cbed975a8799449903a59
Author: Antoine A <>
Date: Thu, 29 Feb 2024 13:42:33 +0100
Improve regional currency manual
Diffstat:
2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/libeufin/regional-automated-manual.rst b/libeufin/regional-automated-manual.rst
@@ -23,7 +23,7 @@
Regional Currency Automated Setup Manual
########################################
-This manual describes how to setup a regional currency backed by a fiat currency using a script that largely automates the process. If you want to do a custom setup you can follow the :doc:`custom setup manual<regional-custom-manual>`.
+This manual describes how to setup a regional currency using a script that largely automates the process. If you want to do a custom setup you can follow the :doc:`custom setup manual<regional-custom-manual>`.
.. contents:: Table of Contents
@@ -38,7 +38,7 @@ Prerequisites
+++++++++++++
For this manual, we assume that the system is deployed on a contemporary
-Debian GNU/Linux or Ubuntu LTS system using the binary packages provided.
+Debian GNU/Linux Bookworm or Ubuntu Mantic system using the binary packages provided.
Furthermore, you should run the process on a system with one or more globally
reachable IP address(es) *and* with various DNS names already pointing to
these IPs.
@@ -66,7 +66,7 @@ You can check this from your terminal very easily with the "ping" command, as th
You can also use `this tool <https://toolbox.googleapps.com/apps/dig/>`_ for the same purpose, and to check the propagation status.
.. warning::
- Take into account some hosting providers providing virtualized servers (VPS or VDS), can enable by default the firewall program "UFW", blocking by default the port number 443. So you have to either disable this firewall program, or open to this 443 port number to allow https.
+ Take into account some hosting providers providing virtualized servers (VPS or VDS) can enable by default the firewall program "UFW", blocking by default the port number 443. So you have to either disable this firewall program, or open to this 443 port number to allow https.
Now you are ready to go with the next step.
@@ -90,10 +90,10 @@ Navigate into the *regional-currency/* directory and run *main.sh* as **root**:
$ cd deployment/regional-currency/
# ./main.sh
-The script will start by installing required packages and then asking you fundamental questions about the desired setup, in particular :
+The script will start by installing the required packages and then asking you fundamental questions about the desired setup, in particular:
#. The name of the regional currency. It must have 3 to 11 letters.
-#. Whether to setup your regional currency to be backed by a fiat currency. You will need bank account at a bank dealing in fiat currency that offers an online banking protocol supported by LibEuFin Nexus. If you say `y` you will have to also provide the following information:
+#. Whether to setup the regional currency to be backed by a fiat currency. You'll need a bank account at a fiat currency bank offering an online banking protocol supported by LibEuFin Nexus. If you answer ``y``, you will also need to provide the following information:
#. The ISO code of the fiat currency. Use 'CHF' or 'EUR'.
#. The IBAN of the fiat bank account.
@@ -103,7 +103,6 @@ The script will start by installing required packages and then asking you fundam
#. The name of the regional currency bank. It will be shown to business users when they interact with the system.
#. The DNS domain name of your setup (i.e: domain.tld). The installer will create by itself all the needed subdomains for your domain name, as (``bank.$DOMAIN_NAME``, ``exchange.$DOMAIN_NAME`` and ``backend.$DOMAIN_NAME``). But, these subdomain names as explained before, must have been added beforehand to your DNS domain control panel, and they must be pointing to the IP address of the server on which you are running the installation (before you execute the installer).
#. Whether to use TLS or not. You should answer ``y`` in most cases.
-#. Whether to store Taler Exchange keys on this server or externally on another server. Unless you need a high-security setup and expect to run an offline key management process, say ``y``. If you say ``n``, you will need to run ``taler-exchange-offline setup`` on your offline system and provide the master public key. Furthermore, you should then study the exchange manual on offline key management to finish the exchange setup process later.
#. Whether to setup SMS two-factor authentication using `Telesign <https://www.telesign.com>`_, multi-factor authentication is strongly recommended, especially when regional currency can be converted to fiat currency. This requires `a Customer ID and an API Key <https://developer.telesign.com/enterprise/docs/authentication#basic-authentication>`_. You should answer ``y`` in most cases.
#. The admin password for the bank. Be absolutely sure to enter a very, very long and high-entropy password, preferably using the autogenerated one.
@@ -233,6 +232,7 @@ By default, the exchange is setup to perform conversion without any restrictions
.. code-block:: console
+ $ . config/user.conf
$ sudo -u taler-exchange-offline taler-exchange-offline \
enable-account \
"${CONVERSION_PAYTO}" \
diff --git a/libeufin/regional-custom-manual.rst b/libeufin/regional-custom-manual.rst
@@ -94,6 +94,7 @@ the possibility of currency conversion (cash in):
enable-account \
payto://iban/$IBAN?receiver-name=$NAME \
conversion-url "$CONVERSION_URL" \
+ # restrictions ...
upload
Here, the ``$CONVERSION_URL`` must be set to the base URL of the conversion
