aboutsummaryrefslogtreecommitdiff
path: root/debian/taler-exchange.postinst
blob: 67672bde0d2df9bd07877a7e9da19184c46d737c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
#!/bin/bash

set -e

. /usr/share/debconf/confmodule

TALER_HOME="/var/lib/taler-exchange"
CONFIG_FILE="/etc/default/taler-exchange"
_GROUPNAME=taler-exchange-secmod
_DBGROUPNAME=taler-exchange-db
_EUSERNAME=taler-exchange-httpd
_CLOSERUSERNAME=taler-exchange-closer
_RSECUSERNAME=taler-exchange-secmod-rsa
_ESECUSERNAME=taler-exchange-secmod-eddsa
_AGGRUSERNAME=taler-exchange-aggregator
_WIREUSERNAME=taler-exchange-wire

# usage: fixperm user:group perms file
function fixperm() {
  chown "$1" "$3"
  chmod "$2" "$3"
}

# usage: lncfg user home target
function lncfg() {
  local cf=$TALER_HOME/$2/.config
  if [ ! -e $cf ]; then
    mkdir $cf
    chown $(stat -L -c %u $TALER_HOME/$2):$(stat -L -c %g $TALER_HOME/$2) $cf
  fi
  ln -sf $3 $cf/taler.conf
}

case "${1}" in
configure)

  # Create taler groups as needed
  if ! getent group ${_GROUPNAME} >/dev/null; then
    addgroup --quiet --system ${_GROUPNAME}
  fi
  if ! getent group ${_DBGROUPNAME} >/dev/null; then
    addgroup --quiet --system ${_DBGROUPNAME}
  fi

  # Create taler users if needed
  if ! getent passwd ${_EUSERNAME} >/dev/null; then
    adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME}/httpd ${_EUSERNAME}
    adduser --quiet ${_EUSERNAME} ${_DBGROUPNAME}
  fi
  if ! getent passwd ${_RSECUSERNAME} >/dev/null; then
    adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME}/secmod-rsa ${_RSECUSERNAME}
  fi
  if ! getent passwd ${_ESECUSERNAME} >/dev/null; then
    adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME}/secmod-eddsa ${_ESECUSERNAME}
  fi
  if ! getent passwd ${_WIREUSERNAME} >/dev/null; then
    adduser --quiet --system --home ${TALER_HOME}/wire ${_WIREUSERNAME}
    adduser --quiet ${_WIREUSERNAME} ${_DBGROUPNAME}
  fi
  if ! getent passwd ${_CLOSERUSERNAME} >/dev/null; then
    adduser --quiet --system --home ${TALER_HOME}/closer ${_CLOSERUSERNAME}
    adduser --quiet ${_CLOSERUSERNAME} ${_DBGROUPNAME}
  fi
  if ! getent passwd ${_AGGRUSERNAME} >/dev/null; then
    adduser --quiet --system --home ${TALER_HOME}/aggregator ${_AGGRUSERNAME}
    adduser --quiet ${_AGGRUSERNAME} ${_DBGROUPNAME}
  fi

  fixperm ${_WIREUSERNAME}:root 460 /etc/taler/exchange-wire-gateway.conf
  fixperm root:${_DBGROUPNAME} 640 /etc/taler/exchange-db.conf

  lncfg ${_EUSERNAME} httpd /etc/taler/exchange-service-default.conf
  lncfg ${_RSECUSERNAME} secmod-rsa /etc/taler/exchange-service-default.conf
  lncfg ${_ESECUSERNAME} secmod-eddsa /etc/taler/exchange-service-default.conf
  lncfg ${_AGGRUSERNAME} aggregator /etc/taler/exchange-service-default.conf
  lncfg ${_CLOSERUSERNAME} closer /etc/taler/exchange-service-default.conf
  lncfg ${_WIREUSERNAME} wire /etc/taler/exchange-service-wire.conf
  ;;

abort-upgrade | abort-remove | abort-deconfigure) ;;

*)
  echo "postinst called with unknown argument \`${1}'" >&2
  exit 1
  ;;
esac

#DEBHELPER#

exit 0