aboutsummaryrefslogtreecommitdiff
path: root/debian
diff options
context:
space:
mode:
authorFlorian Dold <florian@dold.me>2021-07-29 19:50:22 +0200
committerFlorian Dold <florian@dold.me>2021-07-29 19:50:22 +0200
commit926683c5d9c784952a34e1d9ca97909bdf274c83 (patch)
tree6590735ee32f77a0c7eebd68284c5d1c47cc4b98 /debian
parentfb23045fe1d062cd4f26f3265ac94ded47660abd (diff)
debian: new config
Diffstat (limited to 'debian')
-rw-r--r--debian/.gitignore1
-rw-r--r--debian/etc/taler-merchant.conf8
-rw-r--r--debian/etc/taler/conf.d/merchant.conf2
-rw-r--r--debian/taler-merchant.config11
-rw-r--r--debian/taler-merchant.dirs2
-rw-r--r--debian/taler-merchant.install4
-rw-r--r--debian/taler-merchant.links1
-rw-r--r--debian/taler-merchant.postinst173
-rw-r--r--debian/taler-merchant.taler-merchant-httpd.service8
-rw-r--r--debian/taler-merchant.templates18
10 files changed, 73 insertions, 155 deletions
diff --git a/debian/.gitignore b/debian/.gitignore
index 923eb8d4..b566fe18 100644
--- a/debian/.gitignore
+++ b/debian/.gitignore
@@ -23,3 +23,4 @@ taler-merchant/
libtalermerchant.substvars
taler-merchant.substvars
taler-merchant.postrm.debhelper
+taler-merchant.links
diff --git a/debian/etc/taler-merchant.conf b/debian/etc/taler-merchant.conf
deleted file mode 100644
index 60e2b72d..00000000
--- a/debian/etc/taler-merchant.conf
+++ /dev/null
@@ -1,8 +0,0 @@
-[taler]
-# Note: change this to the currency you will use!
-CURRENCY = KUDOS
-
-[merchant]
-SERVE = UNIX
-UNIXPATH = /var/lib/taler-merchant/httpd/merchant.sock
-DATABASE = postgres
diff --git a/debian/etc/taler/conf.d/merchant.conf b/debian/etc/taler/conf.d/merchant.conf
new file mode 100644
index 00000000..6efc223a
--- /dev/null
+++ b/debian/etc/taler/conf.d/merchant.conf
@@ -0,0 +1,2 @@
+[merchant]
+DATABASE = postgres
diff --git a/debian/taler-merchant.config b/debian/taler-merchant.config
index 298b8ea7..5ce7ecd7 100644
--- a/debian/taler-merchant.config
+++ b/debian/taler-merchant.config
@@ -4,12 +4,6 @@ set -e
. /usr/share/debconf/confmodule
-db_input low taler-merchant/username || true
-db_go
-
-db_input low taler-merchant/groupname || true
-db_go
-
db_input low taler-merchant/reconfigure-webserver || true
db_go
@@ -30,12 +24,9 @@ dbc_mysql_createdb_encoding="UTF8"
dbc_authmethod_user=ident
dbc_authmethod_admin=ident
-
-db_get taler-merchant/username
-_USERNAME="${RET:-taler-merchant-httpd}"
+_USERNAME=taler-merchant-httpd
dbc_dbuser=${_USERNAME}
-
if [ -f /usr/share/dbconfig-common/dpkg/config.pgsql ]; then
. /usr/share/dbconfig-common/dpkg/config.pgsql
dbc_go taler-merchant "$@"
diff --git a/debian/taler-merchant.dirs b/debian/taler-merchant.dirs
deleted file mode 100644
index e49de88e..00000000
--- a/debian/taler-merchant.dirs
+++ /dev/null
@@ -1,2 +0,0 @@
-var/lib/taler-merchant
-var/log/taler/
diff --git a/debian/taler-merchant.install b/debian/taler-merchant.install
index 4f32e737..3ae878a2 100644
--- a/debian/taler-merchant.install
+++ b/debian/taler-merchant.install
@@ -6,6 +6,8 @@ usr/share/man/man1/*
/usr/share/taler/merchant/*
/usr/share/taler/sql/merchant/*
/usr/share/taler/config.d/*
+
debian/etc/* /etc/
-debian/conf/* etc/taler-merchant/
+
+# Files needed by dbconf
debian/db/install/* usr/share/dbconfig-common/scripts/taler-merchant/install/
diff --git a/debian/taler-merchant.links b/debian/taler-merchant.links
deleted file mode 100644
index 8b137891..00000000
--- a/debian/taler-merchant.links
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/debian/taler-merchant.postinst b/debian/taler-merchant.postinst
index f5ed9c4d..fbc67380 100644
--- a/debian/taler-merchant.postinst
+++ b/debian/taler-merchant.postinst
@@ -2,137 +2,80 @@
set -e
+_USERNAME=taler-merchant-httpd
+_GROUPNAME=www-data
+
# Set permissions for sqlite3 file
# (for when we support sqlite3 in the future)
dbc_dbfile_owner="${_USERNAME}:${_GROUPNAME}"
dbc_dbfile_perms="0600"
-
# 1st argument will be the SECURITYTOKEN to use.
apache_install() {
- mkdir -p /etc/apache2/conf-available
- if [ ! -f /etc/apache2/conf-available/taler-merchant.conf ];
- then
- cat /etc/taler-merchant/apache.conf | sed -e "s/%SECURITYTOKEN%/$1/" > /etc/apache2/conf-available/taler-merchant.conf
- fi
+ mkdir -p /etc/apache2/conf-available
+ if [ ! -f /etc/apache2/conf-available/taler-merchant.conf ]; then
+ cat /etc/taler-merchant/apache.conf | sed -e "s/%SECURITYTOKEN%/$1/" >/etc/apache2/conf-available/taler-merchant.conf
+ fi
}
# 1st argument will be the SECURITYTOKEN to use.
nginx_install() {
- mkdir -p /etc/nginx/conf-available
- if [ ! -f /etc/nginx/conf-available/taler-merchant.conf ];
- then
- cat /etc/taler-merchant/nginx.conf | sed -e "s/%SECURITYTOKEN%/$1/" > /etc/nginx/conf-available/taler-merchant.conf
- fi
+ mkdir -p /etc/nginx/conf-available
+ if [ ! -f /etc/nginx/conf-available/taler-merchant.conf ]; then
+ cat /etc/taler-merchant/nginx.conf | sed -e "s/%SECURITYTOKEN%/$1/" >/etc/nginx/conf-available/taler-merchant.conf
+ fi
}
. /usr/share/debconf/confmodule
-
case "${1}" in
- configure)
- db_version 2.0
-
- db_get taler-merchant/username
- _USERNAME="${RET:-taler-merchant-httpd}"
-
- db_get taler-merchant/groupname
- _GROUPNAME="${RET:-www-data}"
-
- # Read default values
- CONFIG_FILE="/etc/default/taler-merchant"
- TALER_HOME="/var/lib/taler-merchant"
-
- # Creating taler group if needed
- if ! getent group ${_GROUPNAME} > /dev/null
- then
- echo -n "Creating new Taler group ${_GROUPNAME}:"
- addgroup --quiet --system ${_GROUPNAME}
- echo " done."
- fi
- # Creating taler users if needed
- if ! getent passwd ${_USERNAME} > /dev/null
- then
- echo -n "Creating new Taler user ${_USERNAME}:"
- adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME}/httpd ${_USERNAME}
- echo " done."
- fi
-
-
- # Setup postgres database (needs dbconfig-pgsql package)
- if [ -f /usr/share/dbconfig-common/dpkg/postinst.pgsql ]; then
- . /usr/share/dbconfig-common/dpkg/postinst.pgsql
- dbc_pgsql_createdb_encoding="UTF8"
- dbc_go taler-merchant "$@"
- fi
-
- chown ${_USERNAME}:postgres /etc/taler-merchant.conf
- chmod 460 /etc/taler-merchant.conf
-
-
- # Create access secret
- SECRET=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1`
- echo SECRET > ${TALER_HOME}/master-api-key.txt
- chown ${_USERNAME}:${_GROUPNAME} ${TALER_HOME}/master-api-key.txt
- chmod 440 ${TALER_HOME}/master-api-key.txt
-
- # Writing new values to configuration file
- echo -n "Writing new configuration file:"
- CONFIG_NEW=$(tempfile)
-
-cat > "${CONFIG_NEW}" <<EOF
-# This file controls the behaviour of the Taler init script.
-# It will be parsed as a shell script.
-# please do not edit by hand, use 'dpkg-reconfigure taler-merchant'.
-
-TALER_USER=${_USERNAME}
-TALER_GROUP=${_GROUPNAME}
-EOF
-
-
-cat > "/etc/systemd/system/taler-merchant-httpd.service" <<EOF
-[Unit]
-Description=GNU Taler payment system merchant backend
-
-[Service]
-EnvironmentFile=/etc/default/taler-merchant
-User=${_USERNAME}
-Type=simple
-Restart=on-failure
-ExecStart=/usr/bin/taler-merchant-httpd -c /etc/taler-merchant.conf
-EOF
-
- systemctl daemon-reload >/dev/null 2>&1 || true
-
- cp -f "${CONFIG_NEW}" "${CONFIG_FILE}"
- echo " done."
-
- # Configure Webserver
- db_get taler-merchant/reconfigure-webserver
- webservers="$RET"
- for webserver in $webservers; do
- webserver=${webserver%,}
- if [ "$webserver" = "nginx" ] ; then
- nginx_install "$SECRET"
- else
- apache_install "$SECRET"
- fi
- done
- db_stop
-
- # Cleaning
- echo "All done."
-
- ;;
-
- abort-upgrade|abort-remove|abort-deconfigure)
-
- ;;
-
- *)
- echo "postinst called with unknown argument \`${1}'" >&2
- exit 1
- ;;
+configure)
+ db_start
+ db_version 2.0
+
+ # Read default values
+ CONFIG_FILE="/etc/default/taler-merchant"
+ TALER_HOME="/var/lib/taler"
+
+ # Creating taler users if needed
+ if ! getent passwd ${_USERNAME} >/dev/null; then
+ adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_USERNAME}
+ fi
+
+ # Setup postgres database (needs dbconfig-pgsql package)
+ if [ -f /usr/share/dbconfig-common/dpkg/postinst.pgsql ]; then
+ . /usr/share/dbconfig-common/dpkg/postinst.pgsql
+ dbc_pgsql_createdb_encoding="UTF8"
+ dbc_go taler-merchant "$@"
+ fi
+
+ # Create access secret
+ SECRET=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1)
+ echo SECRET >${TALER_HOME}/master-api-key.txt
+ chown ${_USERNAME}:${_GROUPNAME} ${TALER_HOME}/master-api-key.txt
+ chmod 440 ${TALER_HOME}/master-api-key.txt
+
+ # Configure Webserver
+ db_get taler-merchant/reconfigure-webserver
+ webservers="$RET"
+ for webserver in $webservers; do
+ webserver=${webserver%,}
+ if [ "$webserver" = "nginx" ]; then
+ nginx_install "$SECRET"
+ else
+ apache_install "$SECRET"
+ fi
+ done
+ db_stop
+
+ ;;
+
+abort-upgrade | abort-remove | abort-deconfigure) ;;
+
+*)
+ echo "postinst called with unknown argument \`${1}'" >&2
+ exit 1
+ ;;
esac
#DEBHELPER#
diff --git a/debian/taler-merchant.taler-merchant-httpd.service b/debian/taler-merchant.taler-merchant-httpd.service
new file mode 100644
index 00000000..7d931742
--- /dev/null
+++ b/debian/taler-merchant.taler-merchant-httpd.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=GNU Taler payment system merchant backend
+
+[Service]
+User=taler-merchant-httpd
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/taler-merchant-httpd -c /etc/taler/taler.conf
diff --git a/debian/taler-merchant.templates b/debian/taler-merchant.templates
index 5657b080..fb929cdb 100644
--- a/debian/taler-merchant.templates
+++ b/debian/taler-merchant.templates
@@ -5,21 +5,3 @@ Default: apache2, nginx
_Description: Web server to reconfigure automatically:
Please choose the web server that should be automatically configured
as a frontend for taler-merchant-httpd.
-
-
-Template: taler-merchant/username
-Type: string
-Default: taler-merchant-httpd
-_Description: Taler user:
- Please choose the user that the taler-merchant-httpd process will run as.
- .
- This should be a dedicated account. If the specified account does not
- already exist, it will automatically be created, with no login shell.
-
-Template: taler-merchant/groupname
-Type: string
-Default: www-data
-_Description: Taler group:
- Please choose the group that the taler-merchant-httpd will run as.
- .
- This should be the same group that the Web server is in.