From b2aaf8720b57aeda36f788f90d35c4ceadf2817a Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 27 Oct 2020 09:50:56 +0100 Subject: work on GNUnet setup script --- server-build/QEMU-autobuild/buildReclaim.sh | 34 +++++++++++++++++++++++------ 1 file changed, 27 insertions(+), 7 deletions(-) (limited to 'server-build/QEMU-autobuild/buildReclaim.sh') diff --git a/server-build/QEMU-autobuild/buildReclaim.sh b/server-build/QEMU-autobuild/buildReclaim.sh index d546d17..b433a05 100755 --- a/server-build/QEMU-autobuild/buildReclaim.sh +++ b/server-build/QEMU-autobuild/buildReclaim.sh @@ -44,8 +44,14 @@ apt install \ libsodium-dev\ python3.7\ texi2html\ - texinfo - + texinfo \ + gnunet + +# This installs MHD and GNUnet to /usr, overwriting (!) +# the Debian package. We do that to get some minimal +# setup from Debian, and also so that IF in the future +# Debian does include a sufficiently recent GNUnet +# package, we can simply remove these lines: cd /root git clone git://git.gnunet.org/libmicrohttpd.git cd libmicrohttpd @@ -65,18 +71,32 @@ make install OIDC_CLIENT_SECRET=`uuid` gnunet-config -s reclaim-rest-plugin -o OIDC_CLIENT_SECRET -V "$OIDC_CLIENT_SECRET" -# Restart GNUnet -gnunet-arm -s +# Use the user 'reclaim' for the reclaim/OIDC service. +adduser --system --disabled-password reclaim + +sudo -u reclaim gnunet-config -s arm -o START_USER_SERVICES -V YES +sudo -u reclaim gnunet-config -s arm -o START_SYSTEM_SERVICES -V NO +sudo -u reclaim gnunet-config -s rest -o BIND_TO -V 0.0.0.0 +sudo -u gnunet gnunet-config -s arm -o START_USER_SERVICES -V NO +sudo -u gnunet gnunet-config -s arm -o START_SYSTEM_SERVICES -V YES + +# Restart GNUnet (system service) +systemctl restart gnunet + +# Setup GNUnet reclaim service +# systemctl restart gnunet + +exit 1 # Setup Zone for RP -gnunet-identity -C "$SHOP_ZONE" +sudo -u reclaim gnunet-identity -C "$SHOP_ZONE" OIDC_CLIENT_IDENTITY=`gnunet-identity -dq -e $SHOP_ZONE` # Tell reclaim where the RP expects the authorization callback -gnunet-namestore -a -z "$SHOP_ZONE" -n @ -t RECLAIM_OIDC_REDIRECT -V ${WOOHOST}/wp-admin/admin-ajax.php?action=openid-connect-authorize -e 1h -p +sudo -u reclaim gnunet-namestore -a -z "$SHOP_ZONE" -n @ -t RECLAIM_OIDC_REDIRECT -V ${WOOHOST}/wp-admin/admin-ajax.php?action=openid-connect-authorize -e 1h -p # Tell reclaim the name of the shop that asks for permissions (to be shown to the user) -gnunet-namestore -a -z "$SHOP_ZONE" -n @ -t RECLAIM_OIDC_CLIENT -V "$SHOP_NAME" -e 1h -p +sudo -u reclaim gnunet-namestore -a -z "$SHOP_ZONE" -n @ -t RECLAIM_OIDC_CLIENT -V "$SHOP_NAME" -e 1h -p # Setup ReClaim as OIDC provider with WooCommerce cd /var/www/wordpress -- cgit v1.2.3