authorSlack Coder <slackcoder@server.ky>2023-11-29 10:35:20 -0500
committerSlack Coder <slackcoder@server.ky>2024-03-12 16:38:56 -0500
commitb9eaaf853abd4250a6bc424914dae5189bc23de6 (patch)
tree873ca2d04e4c7f5516876822dafd0f0b38b01f5b /taler-exchange
parentd978a115ef800c22e5cc1a30d075b26c896cabad (diff)
downloadslackbuilds-b9eaaf853abd4250a6bc424914dae5189bc23de6.tar.xz
Add GNU Taler
Add the following packages and dependencies to build them from their git source repositories. - taler-exchange - taler-merchant - libeufin
Diffstat (limited to 'taler-exchange')
-rw-r--r--taler-exchange/README59
-rw-r--r--taler-exchange/doinst.sh146
-rwxr-xr-xtaler-exchange/download.sh29
-rw-r--r--taler-exchange/root/etc/httpd/sites-available/taler-exchange.conf.new4
-rwxr-xr-xtaler-exchange/root/etc/rc.d/rc.taler-exchange.new305
-rw-r--r--taler-exchange/root/etc/taler/conf.d/exchange-business.conf.new48
-rw-r--r--taler-exchange/root/etc/taler/conf.d/exchange-coins.conf.new34
-rw-r--r--taler-exchange/root/etc/taler/conf.d/exchange-system.conf.new10
-rw-r--r--taler-exchange/root/etc/taler/secrets/exchange-accountcredentials-1.secret.conf.new16
-rw-r--r--taler-exchange/root/etc/taler/secrets/exchange-db.secret.conf.new10
-rw-r--r--taler-exchange/slack-desc6
-rwxr-xr-xtaler-exchange/taler-exchange.SlackBuild49
-rw-r--r--taler-exchange/taler-exchange.info8
13 files changed, 673 insertions, 51 deletions
diff --git a/taler-exchange/README b/taler-exchange/README
index 2ea3751..de731fe 100644
--- a/taler-exchange/README
+++ b/taler-exchange/README
@@ -1,6 +1,59 @@
The exchange for the Taler payment system.
-The development version is used for this build. Taler also requires some
-bootstrapping in order to follow the usual build steps.
+Building this package on Slackware 15.0 requires:
-Download and create the expected sourcecode into a tar file by running ./download.sh.
+ - Postgres 15.x or greater, slackbuilds.org has version 14.x.
+ - Build a newer version of llvm, by setting CC=clang, and installing llvm from Slackware Current.
+ - The pre-release version of Gnunet.
+
+Installing this package automatically creates a number of supporting system
+users for the exchange. All are listed in the 'taler-exchange' user group.
+
+The taler exchange runs in a system of services, and a postgres database must
+be configured to service them. The setup described here assumes postgres was
+installed with using 'Peer authentication' by default (omitting '-A md5' when
+running 'initdb' after postgres installation).
+
+Create the database and its users for system users which require it:
+
+```
+sudo -u postgres -- createuser taler-exchange-httpd
+sudo -u postgres -- createuser taler-exchange-aggregator
+sudo -u postgres -- createuser taler-exchange-closer
+sudo -u postgres -- createuser taler-exchange-transfer
+sudo -u postgres -- createuser taler-exchange-wirewatch
+sudo -u postgres -- createdb taler-exchange --owner taler-exchange-httpd
+```
+
+Initialize the database schema, which should also be done after upgrades:
+
+```
+sudo -u taler-exchange-httpd -- taler-exchange-dbinit
+```
+
+Grant the user access to their tables in the database:
+
+```
+sudo -u taler-exchange-httpd psql taler-exchange << EOF
+ GRANT SELECT,INSERT,UPDATE ON ALL TABLES IN SCHEMA exchange TO "taler-exchange-aggregator";
+ GRANT SELECT,INSERT,UPDATE ON ALL TABLES IN SCHEMA exchange TO "taler-exchange-closer";
+ GRANT SELECT,INSERT,UPDATE ON ALL TABLES IN SCHEMA exchange TO "taler-exchange-transfer";
+ GRANT SELECT,INSERT,UPDATE ON ALL TABLES IN SCHEMA exchange TO "taler-exchange-wirewatch";
+ GRANT USAGE ON ALL SEQUENCES IN SCHEMA exchange TO "taler-exchange-aggregator";
+ GRANT USAGE ON ALL SEQUENCES IN SCHEMA exchange TO "taler-exchange-closer";
+ GRANT USAGE ON ALL SEQUENCES IN SCHEMA exchange TO "taler-exchange-transfer";
+ GRANT USAGE ON ALL SEQUENCES IN SCHEMA exchange TO "taler-exchange-wirewatch";
+EOF
+```
+
+To have the taler system start and stop with your host, add to /etc/rc.d/rc.local:
+
+ if [ -x /etc/rc.d/rc.taler-exchange ]; then
+ /etc/rc.d/rc.taler-exchange start
+ fi
+
+And to /etc/rc.d/rc.local_shutdown (creating if needed):
+
+ if [ -x /etc/rc.d/rc.taler-exchange ]; then
+ /etc/rc.d/rc.taler-exchange stop
+ fi
diff --git a/taler-exchange/doinst.sh b/taler-exchange/doinst.sh
new file mode 100644
index 0000000..e9cbe05
--- /dev/null
+++ b/taler-exchange/doinst.sh
@@ -0,0 +1,146 @@
+config() {
+ NEW="$1"
+ OLD="$(dirname $NEW)/$(basename $NEW .new)"
+ # If there's no config file by that name, mv it over:
+ if [ ! -r $OLD ]; then
+ mv $NEW $OLD
+ elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
+ # toss the redundant copy
+ rm $NEW
+ fi
+ # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+# Group for all taler exchange users.
+if ! getent group taler >/dev/null; then
+ groupadd taler \
+ --system \
+ || true
+fi
+
+# Group for all Taler users with direct database access.
+if ! getent group taler-exchange-db >/dev/null; then
+ groupadd taler-exchange-db \
+ --system \
+ || true
+fi
+
+# Group for processes with access to online signing keys.
+if ! getent group taler-exchange-secmod >/dev/null; then
+ groupadd taler-exchange-secmod \
+ --system \
+ || true
+fi
+
+# Group for the access to the offline private key.
+if ! getent group taler-exchange-offline >/dev/null; then
+ groupadd taler-exchange-offline \
+ --system \
+ || true
+fi
+
+if ! getent passwd taler-exchange-offline >/dev/null; then
+ useradd taler-exchange-offline \
+ --comment 'Runs the HTTP daemon with the core business logic' \
+ --groups taler-exchange-db \
+ --system \
+ --home-dir /var/lib/taler \
+ || true
+fi
+
+if ! getent passwd taler-exchange-secmod-rsa >/dev/null; then
+ useradd taler-exchange-secmod-rsa \
+ --comment 'Manages the RSA private online signing keys' \
+ --gid taler \
+ --groups taler-exchange-secmod \
+ --system \
+ --home-dir /var/lib/taler \
+ || true
+fi
+
+if ! getent passwd taler-secmod-cs >/dev/null; then
+ useradd taler-exchange-secmod-cs \
+ --comment 'Manages the CS private online signing keys' \
+ --gid taler \
+ --groups taler-exchange-secmod \
+ --system \
+ --home-dir /var/lib/taler \
+ || true
+fi
+
+if ! getent passwd taler-exchange-secmod-eddsa >/dev/null; then
+ useradd taler-exchange-secmod-eddsa \
+ --comment 'Manages the EdDSA private online signing keys' \
+ --gid taler \
+ --groups taler-exchange-secmod \
+ --system \
+ --home-dir /var/lib/taler \
+ || true
+fi
+
+if ! getent passwd taler-exchange-closer >/dev/null; then
+ useradd taler-exchange-closer \
+ --comment 'Closes idle reserves by triggering wire transfers that refund the originator' \
+ --gid taler \
+ --groups taler-exchange-db \
+ --system \
+ --home-dir /var/lib/taler \
+ || true
+fi
+
+if ! getent passwd taler-exchange-aggregator >/dev/null; then
+ useradd taler-exchange-aggregator \
+ --comment 'Aggregates deposits into larger wire transfer requests' \
+ --gid taler \
+ --groups taler-exchange-db \
+ --system \
+ --home-dir /var/lib/taler \
+ || true
+fi
+
+if ! getent passwd taler-exchange-transfer >/dev/null; then
+ useradd taler-exchange-transfer \
+ --comment 'Performs wire transfers with the bank (via LibEuFin/Nexus)' \
+ --gid taler \
+ --groups taler-exchange-db \
+ --system \
+ --home-dir /var/lib/taler \
+ || true
+fi
+
+if ! getent passwd taler-exchange-wirewatch >/dev/null; then
+ useradd taler-exchange-wirewatch \
+ --comment 'Checks for incoming wire transfers with the bank (via LibEuFin/Nexus)' \
+ --gid taler \
+ --groups taler-exchange-db \
+ --system \
+ --home-dir /var/lib/taler \
+ || true
+fi
+
+if ! getent passwd taler-exchange-offline >/dev/null; then
+ useradd taler-exchange-offline \
+ --comment 'User for the access to the offline private key.' \
+ --gid taler \
+ --groups taler-exchange-offline \
+ --system \
+ --home-dir /var/lib/taler \
+ || true
+fi
+
+config etc/httpd/sites-available/taler-exchange.conf.new
+config etc/rc.d/rc.taler-exchange.new
+config etc/taler/conf.d/exchange-business.conf.new
+config etc/taler/conf.d/exchange-coins.conf.new
+config etc/taler/conf.d/exchange-system.conf.new
+config etc/taler/secrets/exchange-accountcredentials-1.secret.conf.new
+config etc/taler/secrets/exchange-db.secret.conf.new
+
+chown root:taler etc/taler/secrets
+chown root:taler var/cache/taler
+chown root:taler var/lib/taler
+chown root:taler var/log/taler
+
+chown :taler etc/taler/secrets/exchange-accountcredentials-1.secret.conf.new
+chown :taler-exchange-db etc/taler/secrets/exchange-db.secret.conf.new
+chown :taler-exchange-db etc/taler/secrets/exchange-db.secret.conf.new
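Review bot: The first `useradd` block (commented 'Runs the HTTP daemon with the core business logic') tests for and creates `taler-exchange-offline`, so `taler-exchange-httpd`, the account the rc script passes to `--user` and the README uses with `sudo -u`, is never created. The offline-key account is instead created in `taler-exchange-db` without `--gid taler`, and the later offline block is then skipped because the user already exists, so it never joins `taler-exchange-offline`. Those two lines should read `if ! getent passwd taler-exchange-httpd >/dev/null; then` and `useradd taler-exchange-httpd \`, presumably with `--gid taler` like the sibling blocks. The secmod-cs guard has a similar slip: it tests `taler-secmod-cs` but creates `taler-exchange-secmod-cs`, so it should be `if ! getent passwd taler-exchange-secmod-cs >/dev/null; then`; because every call ends in `|| true`, neither mistake is reported at install time.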
diff --git a/taler-exchange/download.sh b/taler-exchange/download.sh
deleted file mode 100755
index 31d62bd..0000000
--- a/taler-exchange/download.sh
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/sh
-
-# exit early on error
-set -e
-
-GIT_REPO=${GIT_REPO:-https://git.taler.net/exchange.git}
-GIT_REPO_NAME=exchange
-PRGNAM=taler-exchange
-VERSION=${VERSION:-dadb96}
-
-CWD=$(pwd)
-OUTPUT="${OUTPUT:-/tmp}"
-PKG="$TMP/package-$PRGNAM"
-TMP=${TMP:-/tmp/sky}
-
-mkdir -p "$TMP"
-cd "$TMP"
-rm -fr "$GIT_REPO_NAME" "$PRGNAM-$VERSION"
-git clone "$GIT_REPO"
-mv "$GIT_REPO_NAME" "$PRGNAM-$VERSION"
-
-cd "$PRGNAM-$VERSION"
-git checkout "$VERSION"
-./bootstrap
-rm -fr .git
-
-cd "$TMP"
-tar -f "$OUTPUT/$PRGNAM-$VERSION.tar.gz" -C "$TMP" -cj "$PRGNAM-$VERSION"
-echo "$OUTPUT/$PRGNAM-$VERSION.tar.gz"
diff --git a/taler-exchange/root/etc/httpd/sites-available/taler-exchange.conf.new b/taler-exchange/root/etc/httpd/sites-available/taler-exchange.conf.new
new file mode 100644
index 0000000..39f2643
--- /dev/null
+++ b/taler-exchange/root/etc/httpd/sites-available/taler-exchange.conf.new
@@ -0,0 +1,4 @@
+<Location "/taler-exchange/">
+ ProxyPass "unix:/run/taler/exchange-httpd/exchange-http.sock|http://example.com/"
+ RequestHeader add "X-Forwarded-Proto" "https"
+</Location>
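Review bot: `RequestHeader add` on the third line appends another `X-Forwarded-Proto` instead of replacing one the client already sent, so the backend can receive a client-chosen value alongside this one; `RequestHeader set "X-Forwarded-Proto" "https"` overwrites it. The header is also asserted unconditionally, so it is only truthful when this Location is included from a TLS virtual host, and a comment saying so would help. `http://example.com/` in the ProxyPass target looks like a placeholder the admin has to edit, which deserves a comment as well.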
diff --git a/taler-exchange/root/etc/rc.d/rc.taler-exchange.new b/taler-exchange/root/etc/rc.d/rc.taler-exchange.new
new file mode 100755
index 0000000..b032830
--- /dev/null
+++ b/taler-exchange/root/etc/rc.d/rc.taler-exchange.new
@@ -0,0 +1,305 @@
+#!/bin/sh
+#
+# Startup/shutdown script for GNU Taler's exchange.
+#
+
+create_run_dir() {
+ if [ ! -d /run/taler/ ]; then
+ mkdir -p /run/taler
+ chown :taler /run/taler
+ chmod g+wX /run/taler
+ fi
+}
+
+start_httpd() {
+ echo "Starting Taler Exchange's httpd service"
+ create_run_dir
+
+ daemon \
+ --name=taler-exchange-httpd \
+ --user=taler-exchange-httpd \
+ --pidfiles=/run/taler \
+ --output=/var/log/taler/taler-exchange-httpd.log \
+ -- taler-exchange-httpd --config /etc/taler/taler.conf
+}
+
+status_httpd() {
+ /usr/bin/daemon --name=taler-exchange-httpd --pidfiles=/run/taler --running --verbose
+}
+
+stop_httpd() {
+ echo "Stopping Taler Exchange's httpd service"
+ /usr/bin/daemon --name=taler-exchange-httpd --pidfiles=/run/taler --stop
+}
+
+start_aggregator() {
+ echo "Starting Taler Exchange's aggregator service"
+ create_run_dir
+
+ daemon \
+ --name=taler-exchange-aggregator \
+ --user=taler-exchange-aggregator \
+ --pidfiles=/run/taler \
+ --output=/var/log/taler/taler-exchange-aggregator.log \
+ -- taler-exchange-aggregator --config /etc/taler/taler.conf
+}
+
+status_aggregator() {
+ /usr/bin/daemon --name=taler-exchange-aggregator --pidfiles=/run/taler --running --verbose
+}
+
+stop_aggregator() {
+ echo "Stopping Taler Exchange's aggregator service"
+ /usr/bin/daemon --name=taler-exchange-aggregator --pidfiles=/run/taler --stop
+}
+
+start_closer() {
+ echo "Starting Taler Exchange's closer service"
+ create_run_dir
+
+ daemon \
+ --name=taler-exchange-closer \
+ --user=taler-exchange-closer \
+ --pidfiles=/run/taler \
+ --output=/var/log/taler/taler-exchange-closer.log \
+ -- taler-exchange-closer --config /etc/taler/taler.conf
+}
+
+status_closer() {
+ /usr/bin/daemon --name=taler-exchange-closer --pidfiles=/run/taler --running --verbose
+}
+
+stop_closer() {
+ echo "Stopping Taler Exchange's closer service"
+ /usr/bin/daemon --name=taler-exchange-closer --pidfiles=/run/taler --stop
+}
+
+start_secmod_cs() {
+ echo "Starting Taler Exchange's secmod-cs service"
+ create_run_dir
+
+ daemon \
+ --name=taler-exchange-secmod-cs \
+ --user=taler-exchange-secmod-cs \
+ --pidfiles=/run/taler \
+ --output=/var/log/taler/taler-exchange-secmod-cs.log \
+ -- taler-exchange-secmod-cs --config /etc/taler/taler.conf
+}
+
+status_secmod_cs() {
+ /usr/bin/daemon --name=taler-exchange-secmod-cs --pidfiles=/run/taler --running --verbose
+}
+
+stop_secmod_cs() {
+ echo "Stopping Taler Exchange's secmod-cs service"
+ /usr/bin/daemon --name=taler-exchange-secmod-cs --pidfiles=/run/taler --stop
+}
+
+start_secmod_rsa() {
+ echo "Starting Taler Exchange's secmod-rsa service"
+ create_run_dir
+
+ daemon \
+ --name=taler-exchange-secmod-rsa \
+ --user=taler-exchange-secmod-rsa \
+ --pidfiles=/run/taler \
+ --output=/var/log/taler/taler-exchange-secmod-rsa.log \
+ -- taler-exchange-secmod-rsa --config /etc/taler/taler.conf
+}
+
+status_secmod_rsa() {
+ /usr/bin/daemon --name=taler-exchange-secmod-rsa --pidfiles=/run/taler --running --verbose
+}
+
+stop_secmod_rsa() {
+ echo "Stopping Taler Exchange's secmod-rsa service"
+ /usr/bin/daemon --name=taler-exchange-secmod-rsa --pidfiles=/run/taler --stop
+}
+
+start_secmod_eddsa() {
+ echo "Starting Taler Exchange's secmod-eddsa service"
+ create_run_dir
+
+ daemon \
+ --name=taler-exchange-secmod-eddsa \
+ --user=taler-exchange-secmod-eddsa \
+ --pidfiles=/run/taler \
+ --output=/var/log/taler/taler-exchange-secmod-eddsa.log \
+ -- taler-exchange-secmod-eddsa --config /etc/taler/taler.conf
+}
+
+stop_secmod_eddsa() {
+ echo "Stopping Taler Exchange's secmod-eddsa service"
+ /usr/bin/daemon --name=taler-exchange-secmod-eddsa --pidfiles=/run/taler --stop
+}
+
+start_transfer() {
+ echo "Starting Taler Exchange's transfer service"
+ create_run_dir
+
+ daemon \
+ --name=taler-exchange-transfer \
+ --user=taler-exchange-transfer \
+ --pidfiles=/run/taler \
+ --output=/var/log/taler/taler-exchange-transfer.log \
+ -- taler-exchange-transfer --config /etc/taler/taler.conf
+}
+
+status_transfer() {
+ /usr/bin/daemon --name=taler-exchange-transfer --pidfiles=/run/taler --running --verbose
+}
+
+stop_transfer() {
+ echo "Stopping Taler Exchange's transfer service"
+ /usr/bin/daemon --name=taler-exchange-transfer --pidfiles=/run/taler --stop
+}
+
+start_wirewatch() {
+ echo "Starting Taler Exchange's wirewatch service"
+ create_run_dir
+
+ daemon \
+ --name=taler-exchange-wirewatch \
+ --user=taler-exchange-wirewatch \
+ --pidfiles=/run/taler \
+ --output=/var/log/taler/taler-exchange-wirewatch.log \
+ -- taler-exchange-wirewatch --config /etc/taler/taler.conf
+}
+
+status_wirewatch() {
+ /usr/bin/daemon --name=taler-exchange-wirewatch --pidfiles=/run/taler --running --verbose
+}
+
+stop_wirewatch() {
+ echo "Stopping Taler Exchange's wirewatch service"
+ /usr/bin/daemon --name=taler-exchange-wirewatch --pidfiles=/run/taler --stop
+}
+
+start() {
+ start_httpd
+ start_aggregator
+ start_closer
+ start_secmod_cs
+ start_secmod_rsa
+ start_secmod_eddsa
+ start_transfer
+ start_wirewatch
+}
+
+status() {
+ status_httpd
+ status_aggregator
+ status_closer
+ status_secmod_cs
+ status_secmod_rsa
+ status_transfer
+ status_wirewatch
+}
+
+stop() {
+ stop_httpd
+ stop_aggregator
+ stop_closer
+ stop_secmod_cs
+ stop_secmod_rsa
+ stop_transfer
+ stop_wirewatch
+}
+
+case "$1" in
+start-httpd)
+ start_httpd
+ ;;
+status-httpd)
+ status_httpd
+ ;;
+stop-httpd)
+ stop_httpd
+ ;;
+
+start-aggregator)
+ start_aggregator
+ ;;
+status-aggregator)
+ status_aggregator
+ ;;
+stop-aggregator)
+ stop_aggregator
+ ;;
+
+start-closer)
+ start_closer
+ ;;
+status-closer)
+ status_closer
+ ;;
+stop-closer)
+ stop_closer
+ ;;
+
+start-secmod_cs)
+ start_secmod_cs
+ ;;
+status-secmod_cs)
+ status_secmod_cs
+ ;;
+stop-secmod_cs)
+ stop_secmod_cs
+ ;;
+
+start-secmod_rsa)
+ start_secmod_rsa
+ ;;
+status-secmod_rsa)
+ status_secmod_rsa
+ ;;
+stop-secmod_rsa)
+ stop_secmod_rsa
+ ;;
+
+start-secmod_eddsa)
+ start_secmod_eddsa
+ ;;
+status-secmod_eddsa)
+ status_secmod_eddsa
+ ;;
+stop-secmod_eddsa)
+ stop_secmod_eddsa
+ ;;
+
+start-transfer)
+ start_transfer
+ ;;
+status-transfer)
+ status_transfer
+ ;;
+stop-transfer)
+ stop_transfer
+ ;;
+
+start-wirewatch)
+ start_wirewatch
+ ;;
+status-wirewatch)
+ status_wirewatch
+ ;;
+stop-wirewatch)
+ stop_wirewatch
+ ;;
+
+start)
+ start
+ ;;
+status)
+ status
+ ;;
+stop)
+ stop
+ ;;
+*)
+ echo "Usage: $0 {start\(-*\)|stop\(-*\)|status\(-*\)}"
+ exit 1
+esac
+
+
+
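Review bot: `stop()` and `status()` skip the EdDSA security module that `start()` launches, so `rc.taler-exchange stop` (the shutdown hook the README recommends) leaves `taler-exchange-secmod-eddsa` running; per doinst.sh that account manages the EdDSA online signing keys. The `status-secmod_eddsa` case arm also calls `status_secmod_eddsa`, which is never defined, so that subcommand fails with a command-not-found error. Adding the missing function and the two calls fixes both. Separately, the `start_*` functions call `daemon` through PATH while the status and stop functions use `/usr/bin/daemon`; the absolute path everywhere would be more predictable for a script run as root.

```sh
status_secmod_eddsa() {
  /usr/bin/daemon --name=taler-exchange-secmod-eddsa --pidfiles=/run/taler --running --verbose
}

status() {
  # … unchanged: httpd, aggregator, closer, secmod_cs, secmod_rsa …
  status_secmod_eddsa
  # … unchanged: transfer, wirewatch …
}

stop() {
  # … unchanged: httpd, aggregator, closer, secmod_cs, secmod_rsa …
  stop_secmod_eddsa
  # … unchanged: transfer, wirewatch …
}
```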
diff --git a/taler-exchange/root/etc/taler/conf.d/exchange-business.conf.new b/taler-exchange/root/etc/taler/conf.d/exchange-business.conf.new
new file mode 100644
index 0000000..f56e47b
--- /dev/null
+++ b/taler-exchange/root/etc/taler/conf.d/exchange-business.conf.new
@@ -0,0 +1,48 @@
+# Configuration for business-level aspects of the exchange.
+
+[exchange]
+
+# Here you MUST add the master public key of the offline system
+# which you can get using `taler-exchange-offline setup`.
+# This is just an example, your key will be different!
+# MASTER_PUBLIC_KEY = YE6Q6TR1EDB7FD0S68TGDZGF1P0GHJD2S0XVV8R2S62MYJ6HJ4ZG
+# MASTER_PUBLIC_KEY =
+
+# Publicly visible base URL of the exchange.
+# BASE_URL = https://example.com/
+# BASE_URL =
+
+# Here you MUST configure the amount above which transactions are
+# always subject to manual AML review.
+# AML_THRESHOLD =
+
+# Attribute encryption key for storing attributes encrypted
+# in the database. Should be a high-entropy nonce.
+ATTRIBUTE_ENCRYPTION_KEY = SET_ME_PLEASE
+
+# For your terms of service and privacy policy, you should specify
+# an Etag that must be updated whenever there are significant
+# changes to either document. The format is up to you, what matters
+# is that the value is updated and never re-used. See the HTTP
+# specification on Etags.
+# TERMS_ETAG =
+# PRIVACY_ETAG =
+
+SERVE = unix
+UNIXPATH_MODE = 666
+
+# Bank accounts used by the exchange should be specified here:
+[exchange-account-1]
+
+ENABLE_CREDIT = NO
+ENABLE_DEBIT = NO
+
+# Account identifier in the form of an RFC-8905 payto:// URI.
+# For SEPA, looks like payto://sepa/$IBAN?receiver-name=$NAME
+# Make sure to URL-encode spaces in $NAME!
+PAYTO_URI =
+
+# Credentials to access the account are in a separate
+# config file with restricted permissions.
+@inline-secret@ exchange-accountcredentials-1 ../secrets/exchange-accountcredentials-1.secret.conf
+
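Review bot: `UNIXPATH_MODE = 666` makes the exchange's listening socket connectable by every local account, not only the reverse proxy; `UNIXPATH_MODE = 660` with the web-server user added to the socket's group would limit it to the proxy (confirm which group the socket ends up in). `ATTRIBUTE_ENCRYPTION_KEY = SET_ME_PLEASE` is the only required secret shipped as an active value, so an unedited install appears to run with a publicly known key; leaving it commented out like `MASTER_PUBLIC_KEY`, so the setting is simply missing until edited, would be safer. Since this key sits in conf.d rather than under secrets/, the file would also need tighter permissions than the other conf.d files.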
diff --git a/taler-exchange/root/etc/taler/conf.d/exchange-coins.conf.new b/taler-exchange/root/etc/taler/conf.d/exchange-coins.conf.new
new file mode 100644
index 0000000..562ba05
--- /dev/null
+++ b/taler-exchange/root/etc/taler/conf.d/exchange-coins.conf.new
@@ -0,0 +1,34 @@
+#
+# This configuration file specifies the various denominations offered by your
+# exchange.
+#
+# Each denomination must be specified in a sections starting with
+# "coin_".
+#
+# What follows is an example.
+#
+
+# [coin_FOO]
+## Actual value of the coin
+#VALUE = KUDOS:1
+
+## How long will one key be used for withdrawals?
+#DURATION_WITHDRAW = 7 days
+
+## How long do users have to spend their coins?
+#DURATION_SPEND = 2 years
+
+## How long does the exchange keep the proofs around for legal disputes?
+#DURATION_LEGAL = 6 years
+
+## Fees charged. Note that for the lowest denomination, the
+## fee must precisely be the lowest denomination, or zero.
+#FEE_WITHDRAW = KUDOS:0
+#FEE_DEPOSIT = KUDOS:0
+#FEE_REFRESH = KUDOS:0
+#FEE_REFUND = KUDOS:0
+
+## How long should the RSA keys be. Do not change unless you really know
+## what you are doing (consult your local cryptographer first!).
+#RSA_KEYSIZE = 2048
+
diff --git a/taler-exchange/root/etc/taler/conf.d/exchange-system.conf.new b/taler-exchange/root/etc/taler/conf.d/exchange-system.conf.new
new file mode 100644
index 0000000..75c670f
--- /dev/null
+++ b/taler-exchange/root/etc/taler/conf.d/exchange-system.conf.new
@@ -0,0 +1,10 @@
+# Configuration settings for system parameters of the exchange.
+
+# Read secret sections into configuration, but only
+# if we have permission to do so.
+@inline-secret@ exchangedb-postgres ../secrets/exchange-db.secret.conf
+
+[exchange]
+
+# Only supported database is Postgres right now.
+DATABASE = postgres
diff --git a/taler-exchange/root/etc/taler/secrets/exchange-accountcredentials-1.secret.conf.new b/taler-exchange/root/etc/taler/secrets/exchange-accountcredentials-1.secret.conf.new
new file mode 100644
index 0000000..603dc60
--- /dev/null
+++ b/taler-exchange/root/etc/taler/secrets/exchange-accountcredentials-1.secret.conf.new
@@ -0,0 +1,16 @@
+# This file contains the secret credentials
+# to access the Taler Wire Gateway API (usually
+# provided by LibEuFin) for the exchange accounts.
+#
+# Each exchange-account-* section should have a matching
+# exchange-accountcredentials-* section here.
+#
+# Each of those sections must be imported via @inline-secret@,
+# usually in conf.d/exchange-business.conf.
+
+[exchange-accountcredentials-1]
+
+wire_gateway_auth_method = basic
+password =
+username =
+wire_gateway_url =
diff --git a/taler-exchange/root/etc/taler/secrets/exchange-db.secret.conf.new b/taler-exchange/root/etc/taler/secrets/exchange-db.secret.conf.new
new file mode 100644
index 0000000..08c2007
--- /dev/null
+++ b/taler-exchange/root/etc/taler/secrets/exchange-db.secret.conf.new
@@ -0,0 +1,10 @@
+# Database configuration for the Taler exchange.
+
+[exchangedb-postgres]
+
+# Typically, there should only be a single line here, of the form:
+
+CONFIG=postgres:///taler-exchange
+
+# The details of the URI depend on where the database lives and how
+# access control was configured.
diff --git a/taler-exchange/slack-desc b/taler-exchange/slack-desc
index e4aaa1d..712c373 100644
--- a/taler-exchange/slack-desc
+++ b/taler-exchange/slack-desc
@@ -4,9 +4,3 @@ taler-exchange:
taler-exchange: The exchange for the Taler payment system.
taler-exchange:
taler-exchange:
-taler-exchange:
-taler-exchange:
-taler-exchange:
-taler-exchange:
-taler-exchange:
-taler-exchange:
diff --git a/taler-exchange/taler-exchange.SlackBuild b/taler-exchange/taler-exchange.SlackBuild
index 5e59b9f..7234194 100755
--- a/taler-exchange/taler-exchange.SlackBuild
+++ b/taler-exchange/taler-exchange.SlackBuild
@@ -1,10 +1,13 @@
#!/bin/sh
PRGNAM=taler-exchange
-VERSION=${VERSION:-0.8.4}
+VERSION=${VERSION:-0.9.4a}
BUILD=${BUILD:-1}
TAG=${TAG:-_slackcoder}
+TALER_GID=${TALER_GID:-704}
+TALER_EXCHANGE_DB_GID=${TALER_EXCHANGE_DB_GID:-705}
+
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
i?86) ARCH=i586 ;;
@@ -37,9 +40,9 @@ set -e
rm -rf $PKG
mkdir -p $TMP $PKG $OUTPUT
cd $TMP
-rm -rf $PRGNAM-$VERSION
-tar xvf $CWD/$PRGNAM-$VERSION*.tar.gz
-cd $PRGNAM-$VERSION
+rm -rf $PRGNAM-0.9.4a
+tar xvf $CWD/$PRGNAM-0.9.4a.tar.gz
+cd $PRGNAM-0.9.4a
chown -R root:root .
find -L . \
\( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
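Review bot: Replacing `$VERSION` with the literal `0.9.4a` here (and again in the `--docdir` hunk and the doc/makepkg hunk below) means the `VERSION=${VERSION:-0.9.4a}` override at the top no longer affects the tarball name, source directory, doc directory or package file name, and the next bump has to touch every occurrence. Unless the literal is deliberate, keep `$PRGNAM-$VERSION` and only drop the `*` glob, e.g. `tar xvf $CWD/$PRGNAM-$VERSION.tar.gz`. The `find` statement this hunk ends in continues outside the hunk.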
@@ -53,7 +56,7 @@ find -L . \
--sysconfdir=/etc \
--localstatedir=/var \
--mandir=/usr/man \
- --docdir=/usr/doc/$PRGNAM-$VERSION \
+ --docdir=/usr/doc/$PRGNAM-0.9.4a \
--disable-static \
--build=$ARCH-slackware-linux
make
@@ -62,12 +65,40 @@ make DESTDIR="$PKG" install
find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
-mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
-cp -a README $PKG/usr/doc/$PRGNAM-$VERSION
-cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
+mkdir -p $PKG/usr/doc/$PRGNAM-0.9.4a
+cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-0.9.4a/$PRGNAM.SlackBuild
+cat $CWD/README > $PKG/usr/doc/$PRGNAM-0.9.4a/README_slackware.txt
+cp -a \
+ AUTHORS \
+ COPYING \
+ ChangeLog \
+ INSTALL \
+ NEWS \
+ README \
+ README.1st \
+ $PKG/usr/doc/$PRGNAM-0.9.4a
mkdir -p $PKG/install
cat $CWD/slack-desc > $PKG/install/slack-desc
+cat $CWD/doinst.sh > $PKG/install/doinst.sh
+
+mkdir -p $PKG/etc/taler/secrets
+chown root:$TALER_GID $PKG/etc/taler/secrets
+mkdir -p $PKG/var/cache/taler
+chown root:$TALER_GID $PKG/var/cache/taler
+chmod g+w $PKG/var/cache/taler
+mkdir -p $PKG/var/lib/taler
+chown root:$TALER_GID $PKG/var/lib/taler
+chmod g+w $PKG/var/lib/taler
+mkdir -p $PKG/var/log/taler
+chown root:$TALER_GID $PKG/var/log/taler
+chmod g+w $PKG/var/log/taler
+
+(cd $CWD/root && find . -type f -not -path . -exec install -D -m 755 {} "$PKG/{}" \; )
+chown :$TALER_GID $PKG/etc/taler/secrets/exchange-accountcredentials-1.secret.conf.new
+chown :$TALER_EXCHANGE_DB_GID $PKG/etc/taler/secrets/exchange-db.secret.conf.new
+chown :$TALER_EXCHANGE_DB_GID $PKG/etc/taler/secrets/exchange-db.secret.conf.new
+chmod -R u=rwX,g=rX,o= $PKG/etc/taler/secrets/*
cd $PKG
-/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-txz}
+/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-0.9.4a-$ARCH-$BUILD$TAG.${PKGTYPE:-txz}
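Review bot: `install -D -m 755` copies every file under root/ with the execute bit and world-read access, and the following `chmod -R u=rwX,g=rX,o=` keeps the execute bit on the secret files (`X` preserves an existing x), leaving them 0750 while the conf.d files stay 0755. Installing configuration as 0644 and only the rc script as 0755, then `chmod 640 $PKG/etc/taler/secrets/*.conf.new`, would match the intent. Group ownership is set from the numeric `TALER_GID`/`TALER_EXCHANGE_DB_GID` defaults (704/705), but the `groupadd` calls in doinst.sh pass no `--gid`, so on the target the files may belong to unrelated or nonexistent groups; either pass the same GIDs to `groupadd` or document that the groups must be pre-created. The `chown :$TALER_EXCHANGE_DB_GID` line is also duplicated.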
diff --git a/taler-exchange/taler-exchange.info b/taler-exchange/taler-exchange.info
index a6bbf39..0a1558a 100644
--- a/taler-exchange/taler-exchange.info
+++ b/taler-exchange/taler-exchange.info
@@ -1,8 +1,8 @@
PRGNAM="taler-exchange"
-VERSION="0.8.4"
+VERSION="0.9.4a"
HOMEPAGE="https://taler.net"
-DOWNLOAD="https://ftpmirror.gnu.org/taler/taler-exchange-0.8.4.tar.gz"
-MD5SUM="fb9d15d363a7b8069f3cb220fefa996c"
-REQUIRES="gnunet Jinja2"
+DOWNLOAD="https://ftpmirror.gnu.org/gnu/taler/taler-exchange-0.9.4a.tar.gz"
+MD5SUM="04705ee8fc210ec161b5ba5e4b007d3b"
+REQUIRES="gnunet jq postgresql"
MAINTAINER="Slack Coder"
EMAIL="slackcoder@server.ky"