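# Post-install steps for the Taler exchange package: create the system groups
# and service accounts, set ownership on the state and secret paths, and
# install the shipped *.new configuration files.
# All file paths are relative to the current directory.
# NOTE(review): presumably this runs from the installation root; confirm.

# Install a shipped "*.new" config file without clobbering local changes.
# Arguments: $1 - path to the .new file
# Globals:   NEW, OLD (written)
# If no readable file exists under the final name, the .new file is moved into
# place. If the existing file has the same content, the .new copy is removed.
# Otherwise the .new copy is left for the admin to consider.
config() {
  NEW="$1"
  OLD="$(dirname "$NEW")/$(basename "$NEW" .new)"
  if [ ! -r "$OLD" ]; then
    # No config file by that name yet: move the shipped one over.
    mv "$NEW" "$OLD"
  elif [ "$(md5sum < "$OLD")" = "$(md5sum < "$NEW")" ]; then
    # Identical content: toss the redundant copy.
    rm "$NEW"
  fi
}

# Group and account creation is best-effort (|| true) so the install carries
# on; a failed creation will show up as a failing chown further down.

# Group for all taler exchange users.
if ! getent group taler >/dev/null; then
  groupadd taler \
    --system \
    || true
fi

# Group for all Taler users with direct database access.
if ! getent group taler-exchange-db >/dev/null; then
  groupadd taler-exchange-db \
    --system \
    || true
fi

# Group for processes with access to online signing keys.
if ! getent group taler-exchange-secmod >/dev/null; then
  groupadd taler-exchange-secmod \
    --system \
    || true
fi

# Group for the access to the offline private key.
if ! getent group taler-exchange-offline >/dev/null; then
  groupadd taler-exchange-offline \
    --system \
    || true
fi

# Account for the HTTP daemon. It must not be named taler-exchange-offline:
# that would pre-create the offline-key account with database group
# membership and turn the dedicated offline block below into a no-op, so the
# account would never join the taler-exchange-offline group.
# NOTE(review): taler-exchange-httpd is the upstream daemon name; confirm it
# matches the user that etc/rc.d/rc.taler-exchange starts the daemon as.
# NOTE(review): unlike the other accounts this one gets no --gid taler;
# confirm whether that is intended.
if ! getent passwd taler-exchange-httpd >/dev/null; then
  useradd taler-exchange-httpd \
    --comment 'Runs the HTTP daemon with the core business logic' \
    --groups taler-exchange-db \
    --system \
    --home-dir /var/lib/taler \
    || true
fi

if ! getent passwd taler-exchange-secmod-rsa >/dev/null; then
  useradd taler-exchange-secmod-rsa \
    --comment 'Manages the RSA private online signing keys' \
    --gid taler \
    --groups taler-exchange-secmod \
    --system \
    --home-dir /var/lib/taler \
    || true
fi

# The guard tests the same name that useradd creates, so an existing account
# is detected and useradd is not re-run on every install.
if ! getent passwd taler-exchange-secmod-cs >/dev/null; then
  useradd taler-exchange-secmod-cs \
    --comment 'Manages the CS private online signing keys' \
    --gid taler \
    --groups taler-exchange-secmod \
    --system \
    --home-dir /var/lib/taler \
    || true
fi

if ! getent passwd taler-exchange-secmod-eddsa >/dev/null; then
  useradd taler-exchange-secmod-eddsa \
    --comment 'Manages the EdDSA private online signing keys' \
    --gid taler \
    --groups taler-exchange-secmod \
    --system \
    --home-dir /var/lib/taler \
    || true
fi

if ! getent passwd taler-exchange-closer >/dev/null; then
  useradd taler-exchange-closer \
    --comment 'Closes idle reserves by triggering wire transfers that refund the originator' \
    --gid taler \
    --groups taler-exchange-db \
    --system \
    --home-dir /var/lib/taler \
    || true
fi

if ! getent passwd taler-exchange-aggregator >/dev/null; then
  useradd taler-exchange-aggregator \
    --comment 'Aggregates deposits into larger wire transfer requests' \
    --gid taler \
    --groups taler-exchange-db \
    --system \
    --home-dir /var/lib/taler \
    || true
fi

if ! getent passwd taler-exchange-transfer >/dev/null; then
  useradd taler-exchange-transfer \
    --comment 'Performs wire transfers with the bank (via LibEuFin/Nexus)' \
    --gid taler \
    --groups taler-exchange-db \
    --system \
    --home-dir /var/lib/taler \
    || true
fi

if ! getent passwd taler-exchange-wirewatch >/dev/null; then
  useradd taler-exchange-wirewatch \
    --comment 'Checks for incoming wire transfers with the bank (via LibEuFin/Nexus)' \
    --gid taler \
    --groups taler-exchange-db \
    --system \
    --home-dir /var/lib/taler \
    || true
fi

# The only account placed in the taler-exchange-offline group.
if ! getent passwd taler-exchange-offline >/dev/null; then
  useradd taler-exchange-offline \
    --comment 'User for the access to the offline private key.' \
    --gid taler \
    --groups taler-exchange-offline \
    --system \
    --home-dir /var/lib/taler \
    || true
fi

chown root:taler etc/taler/secrets
chown root:taler var/cache/taler
chown root:taler var/lib/taler
chown root:taler var/log/taler

# Set the group on the shipped secret files before config() handles them.
# config() renames or removes each .new file, so a chown on the .new path
# issued afterwards finds nothing on a fresh install and the live secret keeps
# the ownership the package shipped. Done first, a rename carries the
# ownership over to the final name. An existing live file is left untouched.
# NOTE(review): no file modes are set here; presumably the package ships the
# secrets without world-read permission - confirm in the build script.
if [ -e etc/taler/secrets/exchange-accountcredentials-1.secret.conf.new ]; then
  chown :taler etc/taler/secrets/exchange-accountcredentials-1.secret.conf.new
fi
if [ -e etc/taler/secrets/exchange-db.secret.conf.new ]; then
  chown :taler-exchange-db etc/taler/secrets/exchange-db.secret.conf.new
fi

config etc/httpd/sites-available/taler-exchange.conf.new
config etc/rc.d/rc.taler-exchange.new
config etc/taler/conf.d/exchange-business.conf.new
config etc/taler/conf.d/exchange-coins.conf.new
config etc/taler/conf.d/exchange-system.conf.new
config etc/taler/secrets/exchange-accountcredentials-1.secret.conf.new
config etc/taler/secrets/exchange-db.secret.conf.new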