[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-deployment] branch master updated: Utilities.
|
From: |
gnunet |
|
Subject: |
[taler-deployment] branch master updated: Utilities. |
|
Date: |
Fri, 24 Sep 2021 14:01:46 +0200 |
This is an automated email from the git hooks/post-receive script.
ms pushed a commit to branch master
in repository deployment.
The following commit(s) were added to refs/heads/master by this push:
new eb0957b Utilities.
eb0957b is described below
commit eb0957b02c7158de33d1066fd7fd12843919edfd
Author: ms <ms@taler.net>
AuthorDate: Fri Sep 24 13:58:43 2021 +0200
Utilities.
Converting the prepare script (for local setups)
to Python, in order to be more consistent with
the builder script.
---
bin/WIP/taler-prepare-local | 962 +++++++++++++++++++++++++++++++-------------
1 file changed, 690 insertions(+), 272 deletions(-)
diff --git a/bin/WIP/taler-prepare-local b/bin/WIP/taler-prepare-local
index 467fd56..fb70b27 100755
--- a/bin/WIP/taler-prepare-local
+++ b/bin/WIP/taler-prepare-local
@@ -1,285 +1,703 @@
-#!/bin/bash
-
-# Values needed:
-#
-# currency
-
-set -eu
-
-# The script stops what started along the flow.
-# This function should help against processes left
-# somehow running.
-function stop_running() {
- for n in `jobs -p`
- do
- kill $n 2> /dev/null || true
- done
- wait
-}
-
-trap "stop_running" EXIT
-
-CURRENCY="EUR"
-IBAN_EXCHANGE="EX00000000000000000000"
-IBAN_MERCHANT="ME00000000000000000001"
-IBAN_CUSTOMER="WA00000000000000000000"
-FRONTENDS_APITOKEN="secret"
-WIRE_METHOD="sepa"
-NEXUS_DB_FILESYSTEM="/tmp/nexus.sqlite"
-SANDBOX_DB_FILESYSTEM="/tmp/sandbox.sqlite"
-SANDBOX_ADMIN_PASSWORD="secret"
-REV_PROXY="http://localhost:8080";
-SANDBOX_URL="${REV_PROXY}/sandbox"
-NEXUS_URL="${REV_PROXY}/nexus"
-EBICS_HOST="ebicsDeployedHost"
-# Only the exchange needs Nexus.
-EXCHANGE_NEXUS_USERNAME=exchange-nexus-user
-EXCHANGE_NEXUS_PASSWORD=exchange-nexus-password
-# Needed to create the default instance
-TALER_MERCHANT_TOKEN="secret"
-
-function generate_preliminary_config() {
- # Known later:
-
- # exchange pub, needed by merchant
- # wire gateway URL, credentials, method
-
- mkdir -p "$HOME/.config"
- taler-config-local \
- --currency "$CURRENCY" \
- --outdir "$HOME/.config" \
- --exchange-wire-address $IBAN_EXCHANGE \
- --frontends-apitoken "$TALER_ENV_FRONTENDS_APITOKEN"
-}
-
-echo -n "Reset and init exchange DB.."
-taler-exchange-dbinit --reset
-echo " OK"
-
-echo -n "Remove previous key and data files.."
-rm -fr ~/.taler-data/*
-echo " OK"
-
-##
-## Step 3: Set up the exchange key material
-##
-
-echo -n "Setup exchange's key material.."
-
-# New version
-EXCHANGE_PID=$(taler-exchange > /tmp/exchange.log 2>&1 & echo $!)
-SECMOD_RSA_PID=$(taler-exchange-secmod-rsa > /tmp/exchange-secmod-rsa.log 2>&1
& echo $!)
-SECMOD_EDDSA_PID=$(taler-exchange-secmod-eddsa >
/tmp/exchange-secmod-eddsa.log 2>&1 & echo $!)
-
-# FIXME: check the three services above are running correctly.
-
-taler-exchange-offline download sign upload
-
-PAYTO_URI=$(taler-config -s exchange-account-1 -o payto_uri)
-taler-exchange-offline enable-account "$PAYTO_URI" upload
+#!/usr/bin/env python3
+
+from sys import exit
+from os import remove
+import errno
+from pathlib import Path
+from subprocess import check_call as Popen, DEVNULL
+from datetime import datetime
+
+# Print No Newline.
+def print_nn(msg):
+ print(msg, env="")
+
+# Runs a command synchronously.
+def cmd(name, args, env=os.environ):
+ handle = launch(args, env)
+ return_code = handle.wait()
+ if return_code != 0:
+ print("Command: " + " ".join(args) + " failed, return code: " +
str(return_code))
+ print(f"See logs in /tmp/{name}.log")
+ return False
+ return handle
+
+def kill(name, s):
+ s.terminate()
+ s.wait()
+
+# Runs a command in the background.
+def launch(name, cmd, env=os.environ):
+ log_file = open("/tmp/{name}.log", "w")
+ handle = Popen(
+ cmd,
+ stdin=DEVNULL,
+ stdout=log_file,
+ stderr=log_file,
+ env=env
+ )
+ atexit.register(lambda: kill(name, handle))
+ return handle
+
+def check_running(name, check_url):
+ print_nn(f"Checking {name} is running...")
+ for i in range(10):
+ print_nn(".")
+ try:
+ # Raises if the service is not reachable.
+ response = get(check_url)
+ # Raises if the request gets a non 200 OK.
+ response.raise_for_status()
+ except:
+ if i = 10:
+ print("ERROR: {name} is not running (correctly)")
+ return False
+ print(" OK")
+ return True
+
+def get_nexus_cli_env(
+ username, password,
+ nexus_url
+):
+ env = os.env.copy()
+ env["LIBEUFIN_NEXUS_USERNAME"] = username
+ env["LIBEUFIN_NEXUS_PASSWORD"] = password,
+ env["LIBEUFIN_NEXUS_URL"] = nexus_url
+ return env
+
+def get_sandbox_cli_env(
+ username, password
+):
+ env = os.env.copy()
+ env["LIBEUFIN_SANDBOX_USERNAME"] = username
+ env["LIBEUFIN_SANDBOX_PASSWORD"] = password
+ return env
+
+def prepare_nexus_account(
+ ebics_url,
+ ebics_host_id,
+ ebics_partner,
+ ebics_user_id,
+ bank_connection_name,
+ bank_account_name_sandbox,
+ bank_account_name_nexus,
+ env
+):
+ # make connection
+ cmd(
+ "new-ebics-connection",
+ [
+ "libeufin-cli", "connections",
+ "new-ebics-connection",
+ "--ebics-url", ebics_url,
+ "--host-id", ebics_host_id,
+ "--partner-id", ebics_partner_id,
+ "--ebics-user-id", ebics_user_id,
+ bank_connection_name
+ ],
+ env
+ )
+ # connect
+ cmd(
+ "bankconnection-connect",
+ [
+ "libeufin-cli", "connections",
+ "connect", bank_connection_name
+ ],
+ env
+ )
+ # Import bank account
+ cmd(
+ "download-bank-accounts",
+ [
+ "libeufin-cli", "connections",
+ "download-bank-accounts",
+ bank_connection_name
+ ],
+ env
+ )
+ cmd(
+ "import-bank-account",
+ [
+ "libeufin-cli", "connections",
+ "import-bank-account",
+ "--offered-account",
+ bank_account_name_sandbox,
+ "--nexus-bank-account",
+ bank_account_name_nexus,
+ bank_connection_name
+ ],
+ env
+ )
+ # Set background tasks.
+ cmd(
+ "task-schedule-submit-payments",
+ [
+ "libeufin-cli", "accounts",
+ "task-schedule", bank_account_name_nexus,
+ "--task-type", "submit",
+ "--task-name", "submit-payments-each-second",
+ "--task-cronspec"= "* * *"
+ ],
+ env
+ )
+ cmd(
+ "task-schedule-fetch-reports",
+ [
+ "libeufin-cli", "accounts",
+ "task-schedule", bank_account_name_nexus,
+ "--task-type", "fetch",
+ "--task-name", "fetch-reports-each-second",
+ "--task-cronspec", "* * *",
+ "--task-param-level", "report",
+ "--task-param-range-type", "latest"
+ ],
+ env
+ )
+
+def prepare_sandbox_account(
+ currency,
+ sandbox_url,
+ ebics_host_id,
+ ebics_partner_id,
+ ebics_user_id,
+ person_name,
+ bank_account_name,
+ bank_account_iban
+ env
+):
+ cmd(
+ "ebicssubscriber-create",
+ [
+ "libeufin-cli", "sandbox",
+ "--sandbox-url", sandbox_url,
+ "ebicssubscriber", "create",
+ "--host-id", ebics_host_id,
+ "--partner-id", ebics_partner_id,
+ "--user-id", ebics_user_id
+ ],
+ env
+ )
+ cmd(
+ "ebicsbankaccount-create"
+ [
+ "libeufin-cli", "sandbox",
+ "--sandbox-url", sandbox_url,
+ "ebicsbankaccount", "create",
+ "--iban", bank_account_iban,
+ "--bic", "ABCDEFGH",
+ "--person-name", person_name,
+ "--account-name", bank_account_name,
+ "--ebics-user-id", ebics_user_id,
+ "--ebics-host-id", ebics_host_id,
+ "--ebics-partner-id", ebics_partner_id,
+ "--currency", currency
+ ],
+ env
+ )
+
+class ConfigFile:
+ def __init__(self, filename):
+ self.sections = OrderedDict()
+ self.filename = filename
+
+ def destroy(self):
+ del self.sections
+ self.sections = OrderedDict()
+
+ def cfg_put(self, section_name, key, value):
+ s = self.sections[section_name] = self.sections.get(section_name,
OrderedDict())
+ s[key] = value
+
+ def cfg_write(self, outdir):
+
+ if outdir:
+ fstream = open(os.path.join(outdir, self.filename), "w")
+ else:
+ fstream = open(sys.stdout)
+
+ for section_name, section in self.sections.items():
+ fstream.write("[" + section_name + "]" + "\n")
+ for key, value in section.items():
+ fstream.write(key + " = " + value + "\n")
+ fstream.write("\n")
+ fstream.close()
+
+def config_main(
+ filename,
+ currency,
+ rev_proxy_url,
+ wire_method,
+ exchange_wire_address,
+ merchant_wire_address,
+ exchange_wire_gateway_username,
+ exchange_wire_gateway_password,
+ frontend_api_key,
+):
+ def coin(
+ obj,
+ currency,
+ name,
+ value,
+ d_withdraw="3 years",
+ d_spend="5 years",
+ d_legal="10 years",
+ f_withdraw="0.01",
+ f_deposit="0.01",
+ f_refresh="0.01",
+ f_refund="0.01",
+ rsa_keysize="2048",
+ ):
+ sec = "coin_" + currency + "_" + name
+ obj.cfg_put(sec, "value", currency + ":" + value)
+ obj.cfg_put(sec, "duration_withdraw", d_withdraw)
+ obj.cfg_put(sec, "duration_spend", d_spend)
+ obj.cfg_put(sec, "duration_legal", d_legal)
+ obj.cfg_put(sec, "fee_withdraw", currency + ":" + f_withdraw)
+ obj.cfg_put(sec, "fee_refresh", currency + ":" + f_refresh)
+ obj.cfg_put(sec, "fee_refund", currency + ":" + f_refund)
+ obj.cfg_put(sec, "fee_deposit", currency + ":" + f_deposit)
+ obj.cfg_put(sec, "rsa_keysize", rsa_keysize)
+
+
+ obj = ConfigFile("taler.conf")
+ obj.cfg_put("paths", "TALER_DATA_HOME", "${HOME}/.taler-data")
+ obj.cfg_put("paths", "TALER_RUNTIME_DIR", "${HOME}/.taler-runtime")
+ obj.cfg_put("taler", "CURRENCY", currency)
+ obj.cfg_put("taler", "CURRENCY_ROUND_UNIT", f"{currency}:0.01")
+
+ obj.cfg_put("bank", "serve", "uwsgi")
+ obj.cfg_put("bank", "uwsgi_serve", "unix")
+ obj.cfg_put("bank", "uwsgi_unixpath", "/tmp/bank.sock")
+ obj.cfg_put("bank", "uwsgi_unixpath_mode", "660")
+ obj.cfg_put("bank", "database", "taler")
+ obj.cfg_put("bank", "max_debt", "%s:500.0" % currency)
+ obj.cfg_put("bank", "max_debt_bank", "%s:1000000000.0" % currency)
+ obj.cfg_put("bank", "allow_registrations", "YES")
+ obj.cfg_put("bank", "base_url", rev_proxy_url + "/bank/")
+ obj.cfg_put("bank", "database", "postgres:///taler")
+ obj.cfg_put("bank", "suggested_exchange", rev_proxy_url + "/exchange/")
+
+ obj.cfg_put("donations", "serve", "uwsgi")
+ obj.cfg_put("donations", "uwsgi_serve", "unix")
+ obj.cfg_put("donations", "uwsgi_unixpath", "/tmp/donations.sock")
+ obj.cfg_put("donations", "uwsgi_unixpath_mode", "660")
+
+ obj.cfg_put("landing", "serve", "uwsgi")
+ obj.cfg_put("landing", "uwsgi_serve", "unix")
+ obj.cfg_put("landing", "uwsgi_unixpath", "/tmp/landing.sock")
+ obj.cfg_put("landing", "uwsgi_unixpath_mode", "660")
+
+ obj.cfg_put("blog", "serve", "uwsgi")
+ obj.cfg_put("blog", "uwsgi_serve", "unix")
+ obj.cfg_put("blog", "uwsgi_unixpath", "/tmp/blog.sock")
+ obj.cfg_put("blog", "uwsgi_unixpath_mode", "660")
+
+ obj.cfg_put("survey", "serve", "uwsgi")
+ obj.cfg_put("survey", "uwsgi_serve", "unix")
+ obj.cfg_put("survey", "uwsgi_unixpath", "/tmp/survey.sock")
+ obj.cfg_put("survey", "uwsgi_unixpath_mode", "660")
+ obj.cfg_put("survey", "bank_password", "x")
+
+ obj.cfg_put("merchant", "serve", "unix")
+ obj.cfg_put("merchant", "unixpath", "/tmp/merchant-backend.sock")
+ obj.cfg_put("merchant", "wire_transfer_delay", "0 s")
+ obj.cfg_put("merchant", "default_max_wire_fee", obj.currency + ":" +
"0.01")
+ obj.cfg_put("merchant", "default_max_deposit_fee", obj.currency + ":" +
"0.05")
+ obj.cfg_put("merchantdb-postgres", "config", "postgres:///taler")
+
+ obj.cfg_put("frontends", "backend", rev_proxy_url + "/merchant-backend/")
+ obj.cfg_put(
+ "merchant-exchange-{}".format(currency),
+ "exchange_base_url", rev_proxy_url + "/exchange/",
+ )
+
+ obj.cfg_put("auditor", "serve", "unix")
+ # FIXME: both below used?
+ obj.cfg_put("auditor", "base_url", rev_proxy_url + "/auditor")
+ obj.cfg_put("auditor", "auditor_url", rev_proxy_url + "/auditor")
+ obj.cfg_put("auditor", "unixpath", "/tmp/auditor.sock")
+ obj.cfg_put("auditor", "tiny_amount", currency + ":0.01")
+
+ obj.cfg_put("taler-exchange-secmod-eddsa", "unixpath",
"/tmp/exchange-secmod-eddsa.sock")
+ obj.cfg_put("taler-exchange-secmod-rsa", "unixpath",
"/tmp/exchange-secmod-rsa.sock")
+ obj.cfg_put("taler-exchange-secmod-rsa", "sm_priv_key",
+ "/tmp/taler-data/taler-exchange-secmod-rsa/secmod-private-key"
+ )
+ obj.cfg_put("exchange", "base_url", rev_proxy_url + "/exchange/")
+
+ obj.cfg_put("exchange", "serve", "unix")
+ obj.cfg_put("exchange", "unixpath", "/tmp/exchange.sock")
+
+ obj.cfg_put("exchange", "terms_etag", "0")
+ obj.cfg_put("exchange", "terms_dir",
"$HOME/local/share/taler-exchange/tos")
+ obj.cfg_put("exchange", "privacy_etag", "0")
+ obj.cfg_put("exchange", "privacy_dir",
"$HOME/local/share/taler-exchange/pp")
+
+
+ obj.cfg_put("exchangedb-postgres", "db_conn_str", "postgres:///taler")
+ obj.cfg_put("exchangedb-postgres", "config", "postgres:///taler")
+ obj.cfg_put("auditordb-postgres", "db_conn_str", "postgres:///taler")
+ obj.cfg_put("auditordb-postgres", "config", "postgres:///taler")
+
+ obj.cfg_put(
+ "exchange-account-1",
+ "payto_uri",
+ f"payto://{wire_method}/{rev_proxy_url +
'/bank'}/{exchange_wire_address}"
+ )
+ obj.cfg_put("exchange-account-1", "enable_debit", "yes")
+ obj.cfg_put("exchange-account-1", "enable_credit", "yes")
+ obj.cfg_put("merchant-account-merchant", "payto_uri",
+ f"payto://{wire_method}/{rev_proxy_url +
'/bank'}/{merchant_wire_address}"
+ )
+ obj.cfg_put("merchant-account-merchant",
+ "wire_response",
+ "${TALER_DATA_HOME}/merchant/wire/merchant.json",
+ )
+ obj.cfg_put("merchant-account-merchant", "wire_file_mode", "770")
+
+ obj.cfg_put("frontends", "backend_apikey", f"{frontend_api_key}")
+ coin(obj, currency, "ct_10", "0.10")
+ coin(obj, currency, "1", "1")
+ coin(obj, currency, "2", "2")
+ coin(obj, currency, "5", "5")
+ coin(obj, currency, "10", "10")
+ coin(obj, currency, "1000", "1000")
+ obj.cfg_write(outdir)
+
+def config_sync(filename, outdir, currency, api_key, rev_proxy_url):
+ obj = ConfigFile(filename)
+ obj.cfg_put("taler", "currency", currency)
+ obj.cfg_put("sync", "serve", "unix")
+ obj.cfg_put("sync", "unixpath", "$HOME/sockets/sync.http")
+ obj.cfg_put("sync", "apikey", f"Bearer {api_key}")
+ obj.cfg_put("sync", "annual_fee", f"{currency}:0.1")
+ obj.cfg_put("sync", "fulfillment_url", "taler://fulfillment-success/")
+ obj.cfg_put("sync", "payment_backend_url", rev_proxy_url +
"merchant-backend/instances/Taler/")
+ obj.cfg_put("syncdb-postgres", "config", f"postgres:///taler")
+ obj.cfg_write(outdir)
+
+def config_anastasis(filename, outdir, currency, api_key):
+ obj = ConfigFile(filename)
+ obj.cfg_put("taler", "currency", currency)
+ obj.cfg_put("anastasis", "serve", "unix")
+ obj.cfg_put("anastasis", "business_name", f"GNU Taler Demo Anastasis
Provider")
+ obj.cfg_put("anastasis", "unixpath", "/tmp/anastasis.sock")
+ obj.cfg_put("anastasis", "annual_fee", f"{currency}:0")
+ obj.cfg_put("anastasis", "question_cost", f"{currency}:0")
+ obj.cfg_put("anastasis", "insurance", f"{currency}:0")
+ obj.cfg_put("anastasis", "truth_upload_fee", f"{currency}:0")
+ obj.cfg_put("anastasis", "fulfillment_url", "taler://fulfillment-success/")
+ obj.cfg_put("anastasis", "server_salt", "kreb3ia9dmj43gfa")
+ obj.cfg_put("stasis-postgres", "config", f"postgres:///taler")
+ obj.cfg_put("anastasis-merchant-backend",
+ "payment_backend_url",
+ rev_proxy_url "merchant-backend/instances/anastasis/"
+ )
+ obj.cfg_put("anastasis-merchant-backend", "api_key", f"Bearer {api_key}")
+ obj.cfg_put("authorization-question", "cost", f"{currency}:0")
+ obj.cfg_put("authorization-question", "enabled", "yes")
+ obj.cfg_write(outdir)
+
+CURRENCY = "EUR"
+WIRE_METHOD = "sepa"
+CFG_OUTDIR = Path.home() / ".config"
+
+# IBANs
+IBAN_EXCHANGE = "EX00000000000000000000"
+IBAN_MERCHANT = "ME00000000000000000001"
+IBAN_CUSTOMER = "WA00000000000000000000"
+
+# Credentials / API keys
+SANDBOX_ADMIN_USERNAME = "admin"
+SANDBOX_ADMIN_PASSWORD = "secret"
+EXCHANGE_NEXUS_USERNAME = exchange-nexus-user
+EXCHANGE_NEXUS_PASSWORD = exchange-nexus-password
+FRONTENDS_API_KEY = "secret:secret"
+TALER_MERCHANT_TOKEN = "secret" # same as above?
+
+# EBICS
+EBICS_HOST_ID = "ebicsDeployedHost"
+EXCHANGE_EBICS_USER_ID = "exchangeEbicsUserId"
+EXCHANGE_EBICS_PARTNER_ID = "exchangeEbicsPartnerId"
+EBICS_URL = REV_PROXY + "/sandbox/ebicsweb"
+
+# URLs
+REV_PROXY = "http://localhost:8080";
+SANDBOX_URL = REV_PROXY + "/sandbox"
+NEXUS_URL = REV_PROXY + "/nexus"
+
+# euFin
+NEXUS_DB_FILESYSTEM = "/tmp/nexus.sqlite"
+SANDBOX_DB_FILESYSTEM = "/tmp/sandbox.sqlite"
+EXCHANGE_BANK_ACCOUNT_NEXUS = "exchange-imported-account-nexus"
+EXCHANGE_BANK_ACCOUNT_SANDBOX = "exchange-account-sandbox"
+EXCHANGE_BANK_CONNECTION = "exchange-ebics-connection"
+EXCHANGE_FACADE_NAME = "exchange-taler-facade"
+
+config_main(
+ "taler.conf",
+ outdir=CFG_OUTDIR,
+ currency=CURRENCY,
+ rev_proxy_url=REV_PROXY,
+ wire_method=WIRE_METHOD,
+ exchange_wire_address=IBAN_EXCHANGE,
+ exchange_wire_gateway_username=EXCHANGE_NEXUS_USERNAME,
+ exchange_wire_gateway_password=EXCHANGE_NEXUS_PASSWORD,
+ frontend_api_key=FRONTENDS_API_KEY
+)
+config_sync(
+ "sync.conf",
+ outdir=CFG_OUTDIR,
+ currency=CURRENCY,
+ api_key=FRONTENDS_API_KEY,
+ rev_proxy_url=REV_PROXY
+)
+config_anastasis(
+ "anastasis.conf",
+ outdir=CFG_OUTDIR,
+ currency=CURRENCY,
+ api_key=FRONTENDS_API_KEY
+)
+
+print_nn("Reset and init exchange DB..")
+cmd(["taler-exchange-dbinit", "--reset"])
+print(" OK")
+
+print_nn("Remove previous key and data files..")
+cmd(["rm", "-fr", Path.home() / ".taler-data" / "*"])
+print(" OK")
+
+print_nn("Launching the exchange...")
+exchange_handle = launch("exchange", ["taler-exchange-httpd"])
+if not check_running(rev_proxy + "/exchange/keys")
+ exit(1)
+print(" OK")
+print_nn("Launching the exchange RSA helper...")
+exchange_rsa_handle = launch("exchange-rsa", ["taler-exchange-secmod-rsa"])
+print_nn("Launching the exchange RSA helper...")
+exchange_eddsa_handle = launch("exchange-eddsa",
["taler-exchange-secmod-eddsa"])
+print_nn("exchange-offline: signing the exchange keys, hence testing the
crypto helpers are correct...")
+cmd(["taler-exchange-offline", "download", "sign", "upload"])
+print(" OK")
+PAYTO_URI=mc.sections["exchange-account-1"]["payto-uri"]
+print_nn("exchange-offline: enabling {PAYTO_URI}...")
+cmd(["taler-exchange-offline", "enable-account", PAYTO_URI, "upload"])
+print(" OK")
# Set up wire fees for next 5 years
-YEAR=$(date +%Y)
-for y in $(seq $year $((year + 5))); do
- taler-exchange-offline wire-fee $y $WIRE_METHOD "$CURRENCY:0.01"
"$CURRENCY:0.01" upload
-done
+NOW = datetime.now()
+YEAR = NOW.year
+print_nn("Setting wire fees for the next 5 years...")
+for year in range(YEAR, YEAR+5):
+ cmd([
+ "taler-exchange-offline",
+ "wire-fee",
+ year,
+ WIRE_METHOD,
+ CURRENCY + ":0.01",
+ CURRENCY + ":0.01",
+ "upload"
+ ])
+print(" OK")
+print_nn("Getting exchange master public key via /keys..")
+try:
+ response = get(REV_PROXY + "/exchange/keys")
+ response.raise_for_status()
+except:
+ EXCHANGE_MASTER_PUB = response.json().get("master_public_key")
+print(" OK")
+print_nn("Stopping exchange HTTP daemon and crypto helpers...")
+kill("exchange-rsa", exchange_rsa_handle)
+kill("exchange-eddsa", exchange_eddsa_handle)
+print(" OK")
+print_nn("Add this exchange to the auditor...")
+cmd(["taler-auditor-exchange", "-m", EXCHANGE_MASTER_PUB, "-u", REV_PROXY +
"/exchange"])
-echo " OK"
-echo -n "Getting exchange public key via /keys.."
-EXCHANGE_URL=$(taler-config -s exchange -o base_url)
-EXCHANGE_MASTER_PUB=$(curl -s "$EXCHANGE_URL/keys" | jq .master_public_key)
-echo " OK"
-echo -n "Add this exchange to the auditor..."
-taler-auditor-exchange \
- -m "$EXCHANGE_MASTER_PUB" \
- -u "$(taler-config -s exchange -o base_url)" || true
-# Make configuration accessible to auditor
-chmod 750 "$HOME/.config"
-echo " OK"
-stop_running
-
-##
## Step 4: Set up euFin
-##
-
-echo -n "Resetting euFin databases.."
-rm $SANDBOX_DB_FILESYSTEM
-rm $NEXUS_DB_FILESYSTEM
-echo " OK"
-export LIBEUFIN_SANDBOX_USERNAME="admin"
-export LIBEUFIN_SANDBOX_PASSWORD=$SANDBOX_ADMIN_PASSWORD
-# $1 = ebics user id, $2 = ebics partner, $3 = bank connection name
-# $4 = bank account name local to Nexus, $5 = bank account name as known
-# by Sandbox
-function prepare_nexus_account() {
- echo -n "Making bank connection $3 ..."
- libeufin-cli connections new-ebics-connection \
- --ebics-url="${SANDBOX_URL}ebicsweb" \
- --host-id=$EBICS_HOST \
- --partner-id=$2 \
- --ebics-user-id=$1 \
- $3 > /dev/null
- echo " OK"
- echo -n "Connecting $3 ..."
- libeufin-cli connections connect $3 > /dev/null
- echo " OK"
- echo -n "Importing Sandbox bank account ($5) to Nexus ($4) ..."
- libeufin-cli connections download-bank-accounts $3 > /dev/null
- libeufin-cli connections import-bank-account \
- --offered-account-id=$5 --nexus-bank-account-id=$4 $3 > /dev/null
- echo " OK"
- # Set how often the automatic routing must fetch the bank account.
- echo -n "Setting background payment initiator.."
- libeufin-cli accounts task-schedule $4 \
- --task-type="submit" \
- --task-name='submit-payments-every-second' \
- --task-cronspec='* * *'
- echo " OK"
- echo -n "Setting background history fetch.."
- libeufin-cli accounts task-schedule $4 \
- --task-type="fetch" \
- --task-name='fetch-reports-every-second' \
- --task-cronspec='* * *' \
- --task-param-level=report \
- --task-param-range-type=latest
- echo " OK"
-}
-
-# $1=ebics username, $2=ebics partner name,
-# $3=person name, $4=sandbox bank account name, $5=iban
-function prepare_sandbox_account() {
- echo -n "Activating ebics subscriber $1 at the sandbox ..."
- libeufin-cli \
- sandbox --sandbox-url=$SANDBOX_URL \
- ebicssubscriber create \
- --host-id=$EBICS_HOST \
- --partner-id=$2 \
- --user-id=$1
- echo " OK"
- echo -n "Giving a bank account ($4) to $1 ..."
- libeufin-cli \
- sandbox --sandbox-url=$SANDBOX_URL \
- ebicsbankaccount create \
- --iban=$5 \
- --bic="BCMAESM1XXX"\
- --person-name="$3" \
- --account-name=$4 \
- --ebics-user-id=$1 \
- --ebics-host-id=$EBICS_HOST \
- --ebics-partner-id=$2 \
- --currency=$CURRENCY
- echo " OK"
-}
-
-echo -n "Making Sandbox superuser..."
-libeufin-sandbox superuser admin --password=${SANDBOX_ADMIN_PASSWORD}
+print_nn("Resetting euFin databases...")
+try:
+ remove(SANDBOX_DB_FILE)
+ remove(NEXUS_DB_FILE)
+except OSError as error:
+ if error.errno != errno.ENOENT:
+ raise error
echo " OK"
-echo -n "Lunching Sandbox..."
-SANDBOX_PID=$(libeufin-sandbox serve --with-unix-socket > /tmp/sandbox.log
2>&1 & echo $!)
-if ! curl -s --retry 5 --retry-connrefused $SANDBOX_URL > /dev/null; then
- echo "Could not launch Sandbox"
- stop_running
- exit 1
-fi
-echo " OK"
-
-echo -n "Launching Nexus..."
-NEXUS_PID=$(libeufin-nexus serve --with-unix-socket > /tmp/nexus.log 2>&1 &
echo $!)
-if ! curl -s --retry 5 --retry-connrefused $NEXUS_URL > /dev/null; then
- echo "Could not launch Nexus"
- stop_running
- exit 1
-fi
-echo " OK"
-
-echo -n "Make Sandbox EBICS host..."
-libeufin-cli \
- sandbox --sandbox-url=$SANDBOX_URL \
- ebicshost create \
- --host-id=$EBICS_HOST
-echo " OK"
-
-# note: Ebisc schema doesn't allow dashed names.
-prepare_sandbox_account \
- ebicsuserExchange \
- ebicspartnerExchange \
- "Person Exchange" \
- sandbox-account-exchange \
- $IBAN_EXCHANGE
-prepare_sandbox_account \
- ebicsuserMerchant \
- ebicspartnerMerchant \
- "Person Merchant" \
- sandbox-account-merchant \
- $IBAN_MERCHANT
-prepare_sandbox_account \
- ebicsuserCustomer \
- ebicspartnerCustomer \
- "Person Customer" \
- sandbox-account-customer \
- $IBAN_CUSTOMER
-
-echo -n "Make Nexus superuser ..."
-libeufin-nexus superuser $EXCHANGE_NEXUS_USERNAME
--password=$EXCHANGE_NEXUS_PASSWORD
-echo " OK"
-
-export LIBEUFIN_NEXUS_URL=$NEXUS_URL
-export LIBEUFIN_NEXUS_USERNAME=$EXCHANGE_NEXUS_USERNAME
-export LIBEUFIN_NEXUS_PASSWORD=$EXCHANGE_NEXUS_PASSWORD
-prepare_nexus_account \
- ebicsuserExchange \
- ebicspartnerExchange \
- bankconnection-exchange \
- nexus-bankaccount-exchange \
- sandbox-account-exchange
-
-echo -n "Create Taler facade ..."
-libeufin-cli facades new-taler-wire-gateway-facade \
- --currency=$CURRENCY \
- --facade-name=facade-exchange \
- bankconnection-exchange nexus-bankaccount-exchange
-echo " OK"
-FACADE_URL=$(libeufin-cli facades list | jq .facades[0].baseUrl | tr -d \")
-
-stop_running
+print_nn("Create Sandbox superuser...")
+cmd([
+ "libeufin-cli", "superuser",
+ SANDBOX_USERNAME,
+ "--password", SANDBOX_PASSWORD
+])
+print(" OK")
+print_nn("Launching Sandbox...")
+handle_sandbox = launch("sandbox", [
+ "libeufin-sandbox", "serve",
+ "--with-unix-socket", "/tmp/sandbox.sock"
+])
+if not check_running("sandbox", SANDBOX_URL):
+ exit(1)
+print(" OK")
+
+print_nn("Make Sandbox EBICS host...")
+cmd(
+ [
+ "libeufin-cli", "sandbox",
+ "--sandbox-url", SANDBOX_URL,
+ "ebicshost", "create",
+ "--host-id", EBICS_HOST_ID,
+ ],
+ get_sandbox_cli_env(SANDBOX_USERNAME, SANDBOX_PASSWORD)
+)
+print(" OK")
+
+prepare_sandbox_account(
+ currency=CURRENCY,
+ sandbox_url=SANDBOX_URL,
+ ebics_host_id=EBICS_HOST_ID,
+ ebics_partner_id=EXCHANGE_EBICS_PARTNER_ID,
+ ebics_user_id=EXCHANGE_EBICS_USER_ID,
+ person_name="Exchange Owner",
+ bank_account_name="sandbox-account-exchange",
+ bank_account_iban=IBAN_EXCHANGE
+)
+prepare_sandbox_account(
+ currency=CURRENCY,
+ sandbox_url=SANDBOX_URL,
+ ebics_host_id=EBICS_HOST_ID,
+ ebics_partner_id="unusedMerchantEbicsPartnerId",
+ ebics_user_id="unusedMerchantEbicsUserId",
+ person_name="Shop Owner",
+ bank_account_name="sandbox-account-merchant",
+ bank_account_iban=IBAN_MERCHANT
+)
+prepare_sandbox_account(
+ currency=CURRENCY,
+ sandbox_url=SANDBOX_URL,
+ ebics_host_id=EBICS_HOST_ID,
+ ebics_partner_id="unusedCustomerEbicsPartnerId",
+ ebics_user_id="unusedCustomerEbicsUserId",
+ person_name="Customer Person",
+ bank_account_name="sandbox-account-customer",
+ bank_account_iban=IBAN_CUSTOMER
+)
+
+print_nn("Make Nexus superuser ...")
+cmd([
+ "libeufin-nexus", "superuser",
+ EXCHANGE_NEXUS_USERNAME,
+ "--password", EXCHANGE_NEXUS_PASSWORD
+])
+print(" OK")
+
+print_nn("Launching Nexus...")
+handle_nexus = launch("nexus", [
+ "libeufin-nexus", "serve",
+ "--with-unix-socket", "/tmp/nexus.sock"
+])
+if not check_running("nexus", NEXUS_URL):
+ exit(1)
+print(" OK")
+
+prepare_nexus_account(
+ ebics_url=EBICS_URL,
+ ebics_host_id=EBICS_HOST_ID,
+ ebics_partner=EXCHANGE_EBICS_PARTNER_ID,
+ ebics_user_id=EXCHANGE_EBICS_USER_ID,
+ bank_connection_name=EXCHANGE_BANK_CONNECTION_NEXUS,
+ bank_account_name_sandbox=EXCHANGE_BANK_ACCOUNT_SANDBOX,
+ bank_account_name_nexus=EXCHANGE_BANK_ACCOUNT_NEXUS,
+ get_nexus_cli_env(
+ EXCHANGE_NEXUS_USERNAME,
+ EXCHANGE_NEXUS_PASSWORD,
+ NEXUS_URL
+ )
+)
+
+print_nn("Create Taler facade ...")
+cmd(
+ "create-taler-facade",
+ [
+ "libeufin-cli", "facades",
+ "new-taler-wire-gateway-facade",
+ "--currency", CURRENCY,
+ "--facade-name", EXCHANGE_FACADE_NAME,
+ EXCHANGE_BANK_CONNECTION,
+ EXCHANGE_BANK_ACCOUNT_NEXUS
+ ],
+ get_nexus_cli_env(
+ EXCHANGE_NEXUS_USERNAME,
+ EXCHANGE_NEXUS_PASSWORD,
+ NEXUS_URL
+ )
+])
+print(" OK")
+try:
+ response = get(
+ NEXUS_URL + "/facades",
+ auth=auth.HTTPBasicAuth(
+ EXCHANGE_NEXUS_USERNAME,
+ EXCHANGE_NEXUS_PASSWORD
+ )
+ )
+ response.raise_for_status()
+except as error:
+ print(error)
+ exit(1)
+FACADE_URL=response.json().get("facade")[0].get("baseUrl")
+
+print_nn("Terminating Nexus...")
+kill("nexus", handle_nexus)
+print(" OK")
+print_nn("Terminating Sandbox...")
+kill("sandbox", handle_sandbox)
+print(" OK")
# Finish configuration now:
-taler-config -s merchant-exchange-$CURRENCY \
- -o master_key -V $EXCHANGE_MASTER_PUB
+cmd(
+ "specify-exchange-pub-for-merchant",
+ [
+ "taler-config", "-s"
+ f"merchant-exchange-{CURRENCY}",
+ "-o" "master_key", "-V",
+ EXCHANGE_MASTER_PUB
+ ]
+)
# Point the exchange to the facade.
-taler-config -s exchange-accountcredentials-1 \
- -o WIRE_GATEWAY_URL \
- -V "${FACADE_URL}"
-
-taler-config -s exchange-accountcredentials-1 \
- -o USERNAME \
- -V "${EXCHANGE_NEXUS_USERNAME}"
-
-taler-config -s exchange-accountcredentials-1 \
- -o PASSWORD \
- -V "${EXCHANGE_NEXUS_PASSWORD}"
-##
-## Step 6: Set up merchant
-##
-
-echo -n "Reset and init merchant database.."
-taler-merchant-dbinit --reset
-echo " OK"
-
-echo "Configuring instances"
-# Obsoleted: do all here.
-# taler-deployment-config-instances-iban
-export TALER_MERCHANT_TOKEN
-MERCHANT_BACKEND_PID=$(taler-merchant-httpd > /tmp/merchant.log 2>&1 & echo $!)
-
-# Create default instance
-# Create one instance
-
-
+cmd(
+ "specify-facade-url",
+ [
+ "taler-config", "-s"
+ f"exchange-account-credentials-1",
+ "-o" "wire_gateway_url",
+ "-V", FACADE_URL
+ ]
+)
+
+cmd(
+ "specify-username-for-facade",
+ [
+ "taler-config", "-s"
+ f"exchange-account-credentials-1",
+ "-o" "username",
+ "-V", EXCHANGE_NEXUS_USERNAME
+ ]
+)
+cmd(
+ "specify-password-for-facade",
+ [
+ "taler-config", "-s"
+ f"exchange-account-credentials-1",
+ "-o" "password",
+ "-V", EXCHANGE_NEXUS_PASSWORD
+ ]
+)
+## Step 6: Set up merchant
+print_nn("Reset and init merchant database...")
+cmd(["taler-merchant-dbinit", "--reset"])
+print(" OK")
-echo "Stopping all the services"
-stop_running
+# FIXME: Configure instances here!
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-deployment] branch master updated: Utilities.,
gnunet <=