diff options
author | Christian Grothoff <christian@grothoff.org> | 2020-12-28 13:14:11 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2020-12-28 13:14:11 +0100 |
commit | e413b9523b7014a108f1b6e28526b88412eeef69 (patch) | |
tree | 99d83754ece0c4eed9567e5aa6cccbb4e87429cb /debian | |
parent | 51eef33b4eccb4c77e3a47595946b3457250aeda (diff) | |
download | exchange-e413b9523b7014a108f1b6e28526b88412eeef69.tar.xz |
update Debian package instructions
Diffstat (limited to 'debian')
-rw-r--r-- | debian/libtalerexchange.install | 1 | ||||
-rw-r--r-- | debian/taler-exchange-dev.install | 1 | ||||
-rw-r--r-- | debian/taler-exchange.config | 16 | ||||
-rw-r--r-- | debian/taler-exchange.install | 1 | ||||
-rw-r--r-- | debian/taler-exchange.postinst | 151 | ||||
-rw-r--r-- | debian/taler-exchange.postrm | 35 | ||||
-rw-r--r-- | debian/taler-exchange.service | 12 | ||||
-rw-r--r-- | debian/taler-exchange.templates | 56 |
8 files changed, 207 insertions, 66 deletions
diff --git a/debian/libtalerexchange.install b/debian/libtalerexchange.install index 3de3b10a4..bfd61d628 100644 --- a/debian/libtalerexchange.install +++ b/debian/libtalerexchange.install @@ -1 +1,2 @@ usr/lib/*/*.so.* +usr/share/ diff --git a/debian/taler-exchange-dev.install b/debian/taler-exchange-dev.install index 90d8c987f..0b2ea583f 100644 --- a/debian/taler-exchange-dev.install +++ b/debian/taler-exchange-dev.install @@ -1,3 +1,2 @@ usr/include -usr/lib/*/*.so usr/lib/*/pkgconfig diff --git a/debian/taler-exchange.config b/debian/taler-exchange.config index 6daa6818e..9cb12cd78 100644 --- a/debian/taler-exchange.config +++ b/debian/taler-exchange.config @@ -4,19 +4,25 @@ set -e . /usr/share/debconf/confmodule -db_input low gnunet-systempeer/username || true +db_input low taler-exchange/eusername || true db_go -db_input low gnunet-systempeer/groupname || true +db_input low taler-exchange/rsecusername || true db_go -db_input medium gnunet-systempeer/autostart || true +db_input low taler-exchange/esecusername || true db_go -db_input medium gnunet-dns/libnsswitch || true +db_input low taler-exchange/wireusername || true db_go -db_input medium gnunet-user/proxy || true +db_input low taler-exchange/aggrusername || true +db_go + +db_input low taler-exchange/groupname || true +db_go + +db_input medium taler-exchange/autostart || true db_go db_stop diff --git a/debian/taler-exchange.install b/debian/taler-exchange.install index 984cba92b..04fc74fa9 100644 --- a/debian/taler-exchange.install +++ b/debian/taler-exchange.install @@ -1,4 +1,3 @@ etc/taler.conf usr/bin/ usr/lib/*/taler/ -usr/share/ diff --git a/debian/taler-exchange.postinst b/debian/taler-exchange.postinst index d943647b2..fb34ebe04 100644 --- a/debian/taler-exchange.postinst +++ b/debian/taler-exchange.postinst @@ -8,13 +8,25 @@ case "${1}" in configure) db_version 2.0 - db_get taler-systempeer/username - _USERNAME="${RET:-taler}" + db_get taler-exchange/eusername + _EUSERNAME="${RET:-taler-exchange-httpd}" - db_get taler-systempeer/groupname - _GROUPNAME="${RET:-taler}" + db_get taler-exchange/rsecusername + _RSECUSERNAME="${RET:-taler-helper-rsa}" - db_get taler-systempeer/autostart + db_get taler-exchange/esecusername + _ESECUSERNAME="${RET:-taler-helper-eddsa}" + + db_get taler-exchange/wireusername + _WIREUSERNAME="${RET:-taler-exchange-wire}" + + db_get taler-exchange/aggrusername + _AGGRUSERNAME="${RET:-taler-exchange-aggregator}" + + db_get taler-exchange/groupname + _GROUPNAME="${RET:-taler-private}" + + db_get taler-exchange/autostart _AUTOSTART="${RET}" # boolean db_stop @@ -33,56 +45,135 @@ case "${1}" in echo " done." fi - # Creating taler user if needed - if ! getent passwd ${_USERNAME} > /dev/null + # Creating taler users if needed + if ! getent passwd ${_EUSERNAME} > /dev/null then - echo -n "Creating new Taler user ${_USERNAME}:" - adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_USERNAME} + echo -n "Creating new Taler user ${_EUSERNAME}:" + adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME}/httpd ${_EUSERNAME} echo " done." fi - - # Add a special secured group - TALERDNS_GROUP="talerdns" - - # Creating talerdns group if needed - if ! getent group ${TALERDNS_GROUP} > /dev/null + if ! getent passwd ${_RSECUSERNAME} > /dev/null then - echo -n "Creating new secured Taler group ${TALERDNS_GROUP}:" - addgroup --quiet --system ${TALERDNS_GROUP} + echo -n "Creating new Taler user ${_RSECUSERNAME}:" + adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME}/helper-rsa ${_USERNAME} + echo " done." + fi + if ! getent passwd ${_ESECUSERNAME} > /dev/null + then + echo -n "Creating new Taler user ${_ESECUSERNAME}:" + adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME}/helper-eddsa ${_ESECUSERNAME} + echo " done." + fi + if ! getent passwd ${_WIREUSERNAME} > /dev/null + then + echo -n "Creating new Taler user ${_WIREUSERNAME}:" + adduser --quiet --system --home ${TALER_HOME}/wire ${_WIREUSERNAME} + echo " done." + fi + if ! getent passwd ${_AGGRUSERNAME} > /dev/null + then + echo -n "Creating new Taler user ${_AGGRUSERNAME}:" + adduser --quiet --system --home ${TALER_HOME}/aggregator ${_AGGRUSERNAME} echo " done." fi -fi - -# Writing new values to configuration file -echo -n "Writing new configuration file:" -CONFIG_NEW=$(tempfile) + # Writing new values to configuration file + echo -n "Writing new configuration file:" + CONFIG_NEW=$(tempfile) cat > "${CONFIG_NEW}" <<EOF # This file controls the behaviour of the Taler init script. # It will be parsed as a shell script. -# please do not edit by hand, use 'dpkg-reconfigure taler-systempeer'. +# please do not edit by hand, use 'dpkg-reconfigure taler-exchange'. -TALER_USER=${_USERNAME} +TALER_EUSER=${_EUSERNAME} +TALER_RSECUSER=${_RESCUSERNAME} +TALER_ESECUSER=${_ESECUSERNAME} +TALER_WIREUSER=${_WIREUSERNAME} +TALER_AGGRUSER=${_AGGRUSERNAME} TALER_GROUP=${_GROUPNAME} TALER_AUTOSTART="${_AUTOSTART}" EOF -cat > "/etc/systemd/system/taler.service" <<EOF +cat > "/etc/systemd/system/taler-exchange-httpd.service" <<EOF [Unit] -Description=GNU Taler payment system +Description=GNU Taler payment system exchange REST API +Requires=taler-exchange-helper-rsa.service taler-exchange-helper-eddsa.service +Wants=taler-exchange-wirewatch taler-exchange-aggregator taler-exchange-transfer +After=postgres.service network.target [Service] EnvironmentFile=/etc/default/taler -User=${_USERNAME} -Type=forking -ExecStart=/usr/bin/taler-arm -s -c /etc/taler.conf -ExecStop=/usr/bin/taler-arm -e -c /etc/taler.conf +User=${_EUSERNAME} +Type=simple +Restart=on-failure +ExecStart=/usr/bin/taler-exchange-httpd -c /etc/taler.conf [Install] WantedBy=multi-user.target EOF +cat > "/etc/systemd/system/taler-exchange-helper-rsa.service" <<EOF +[Unit] +Description=GNU Taler payment system exchange RSA security module + +[Service] +EnvironmentFile=/etc/default/taler +User=${_RSECUSERNAME} +Type=simple +Restart=on-failure +ExecStart=/usr/bin/taler-exchange-helper-rsa -c /etc/taler.conf + +[Install] +WantedBy=multi-user.target +EOF +cat > "/etc/systemd/system/taler-exchange-helper-eddsa.service" <<EOF +[Unit] +Description=GNU Taler payment system exchange EdDSA security module + +[Service] +EnvironmentFile=/etc/default/taler +User=${_ESECUSERNAME} +Type=simple +Restart=on-failure +ExecStart=/usr/bin/taler-exchange-helper-eddsa -c /etc/taler.conf +EOF +cat > "/etc/systemd/system/taler-exchange-wirewatch.service" <<EOF +[Unit] +Description=GNU Taler payment system exchange wirewatch service +After=network.target + +[Service] +EnvironmentFile=/etc/default/taler +User=${_WIREUSERNAME} +Type=simple +Restart=on-failure +ExecStart=/usr/bin/taler-exchange-wirewatch -c /etc/taler-wire.conf +EOF +cat > "/etc/systemd/system/taler-exchange-transfer.service" <<EOF +[Unit] +Description=GNU Taler payment system exchange transfer service +After=network.target + +[Service] +EnvironmentFile=/etc/default/taler +User=${_WIREUSERNAME} +Type=simple +Restart=on-failure +ExecStart=/usr/bin/taler-exchange-wirewatch -c /etc/taler-wire.conf +EOF +cat > "/etc/systemd/system/taler-exchange-aggregator.service" <<EOF +[Unit] +Description=GNU Taler payment system exchange aggregator service + +[Service] +EnvironmentFile=/etc/default/taler +User=${_AGGRUSERNAME} +Type=simple +Restart=on-failure +ExecStart=/usr/bin/taler-exchange-aggregator -c /etc/taler.conf +EOF + cp -f "${CONFIG_NEW}" "${CONFIG_FILE}" echo " done." diff --git a/debian/taler-exchange.postrm b/debian/taler-exchange.postrm index 2807d737a..ac696763a 100644 --- a/debian/taler-exchange.postrm +++ b/debian/taler-exchange.postrm @@ -22,27 +22,46 @@ case "${1}" in . /usr/share/debconf/confmodule db_version 2.0 - db_get taler-systempeer/username - _USERNAME="${RET:-taler}" + db_get taler-exchange/eusername + _EUSERNAME="${RET:-taler-exchange-httpd}" - db_get taler-systempeer/groupname - _GROUPNAME="${RET:-taler}" + db_get taler-exchange/rsecusername + _RSECUSERNAME="${RET:-taler-helper-rsa}" + + db_get taler-exchange/esecusername + _ESECUSERNAME="${RET:-taler-helper-eddsa}" + + db_get taler-exchange/wireusername + _WIREUSERNAME="${RET:-taler-exchange-wire}" + + db_get taler-exchange/aggrusername + _AGGRUSERNAME="${RET:-taler-exchange-aggregator}" + + db_get taler-exchange/groupname + _GROUPNAME="${RET:-taler-private}" else - _USERNAME="taler" - _GROUPNAME="taler" + _EUSERNAME="taler-exchange-httpd" + _RSECUSERNAME="taler-helper-rsa" + _ESECUSERNAME="taler-helper-eddsa" + _WIREUSERNAME="taler-exchange-wire" + _AGGRUSERNAME="taler-exchange-aggregator" + _GROUPNAME="taler-private" fi TALERDNS_GROUP="talerdns" if pathfind deluser then - deluser --quiet --system ${_USERNAME} || true + deluser --quiet --system ${_EUSERNAME} || true + deluser --quiet --system ${_RSECUSERNAME} || true + deluser --quiet --system ${_ESECUSERNAME} || true + deluser --quiet --system ${_WIREUSERNAME} || true + deluser --quiet --system ${_AGGRUSERNAME} || true fi if pathfind delgroup then delgroup --quiet --system --only-if-empty ${_GROUPNAME} || true - delgroup --quiet --system --only-if-empty ${TALERDNS_GROUP} || true fi rm -rf /var/log/taler/ /var/lib/taler /etc/default/taler diff --git a/debian/taler-exchange.service b/debian/taler-exchange.service deleted file mode 100644 index 587bf5f4c..000000000 --- a/debian/taler-exchange.service +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=GNU's payment system - -[Service] -EnvironmentFile=/etc/default/taler -User=${TALER_USER} -Type=forking -ExecStart=/usr/bin/gnunet-arm -s -c /etc/taler.conf -ExecStop=/usr/bin/gnunet-arm -e -c /etc/taler.conf - -[Install] -WantedBy=multi-user.target diff --git a/debian/taler-exchange.templates b/debian/taler-exchange.templates index f791b066e..1482c1356 100644 --- a/debian/taler-exchange.templates +++ b/debian/taler-exchange.templates @@ -1,26 +1,64 @@ -Template: taler-systempeer/username +Template: taler-exchange/eusername Type: string Default: taler _Description: Taler user: - Please choose the user that the Taler server process will run as. + Please choose the user that the taler-exchange-httpd process will run as. . This should be a dedicated account. If the specified account does not already exist, it will automatically be created, with no login shell. -Template: taler-systempeer/groupname +Template: taler-exchange/rsecusername +Type: string +Default: taler +_Description: Taler user: + Please choose the user that the taler-exchange-helper-rsa process will run as. + . + This should be a dedicated account. If the specified account does not + already exist, it will automatically be created, with no login shell. + +Template: taler-exchange/esecusername +Type: string +Default: taler +_Description: Taler user: + Please choose the user that the taler-exchange-helper-eddsa process will run as. + . + This should be a dedicated account. If the specified account does not + already exist, it will automatically be created, with no login shell. + +Template: taler-exchange/wireusername +Type: string +Default: taler +_Description: Taler user: + Please choose the user that the taler-exchange-transfer and + taler-exchange-wirewatch processes will run as. + . + This should be a dedicated account. If the specified account does not + already exist, it will automatically be created, with no login shell. + +Template: taler-exchange/aggrusername +Type: string +Default: taler +_Description: Taler user: + Please choose the user that the taler-exchange-aggregator process will run as. + . + This should be a dedicated account. If the specified account does not + already exist, it will automatically be created, with no login shell. + +Template: taler-exchange/groupname Type: string Default: taler _Description: Taler group: - Please choose the group that the Taler peer process will run as. + Please choose the group that the Taler exchange and security + modules will run as. . This should be a dedicated group, not one that already owns data. - Only the members of this group will have access to Taler data, and - be allowed to start and stop the Taler server. + Only the members of this group will have access to Taler private + online signing keys. -Template: taler-systempeer/autostart +Template: taler-exchange/autostart Type: boolean Default: true -_Description: Should the Taler server be launched on boot? - If you choose this option, a Taler peer will be launched each time +_Description: Should the Taler exchange be launched on boot? + If you choose this option, a Taler exchange will be launched each time the system is started. Otherwise, you will need to launch Taler each time you want to use it. |