blob: baa291f6aeeda9064bb57d26492ad7d9c8031255 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
|
#!/bin/bash
set -e
# Set permissions for sqlite3 file
# (for when we support sqlite3 in the future)
dbc_dbfile_owner="${_USERNAME}:${_GROUPNAME}"
dbc_dbfile_perms="0600"
# 1st argument will be the SECURITYTOKEN to use.
apache_install() {
mkdir -p /etc/apache2/conf-available
if [ ! -f /etc/apache2/conf-available/taler-merchant.conf ];
then
cat /etc/taler-merchant/apache.conf | sed -e "s/%SECURITYTOKEN%/$1/" > /etc/apache2/conf-available/taler-merchant.conf
fi
# TODO: might want to remember if *we* enabled those, and disable in postrm
a2enmod proxy
a2enmod proxy_http
a2enmod headers
a2enmod rewrite
}
# 1st argument will be the SECURITYTOKEN to use.
nginx_install() {
mkdir -p /etc/nginx/conf-available
if [ ! -f /etc/apache2/conf-available/taler-merchant.conf ];
then
cat /etc/taler-merchant/nginx.conf | sed -e "s/%SECURITYTOKEN%/$1/" > /etc/nginx/conf-available/taler-merchant.conf
fi
}
. /usr/share/debconf/confmodule
case "${1}" in
configure)
db_version 2.0
db_get taler-merchant/username
_USERNAME="${RET:-taler-merchant-httpd}"
db_get taler-merchant/groupname
_GROUPNAME="${RET:-www-data}"
# Read default values
TALER_HOME="/var/lib/taler-merchant"
# Creating taler group if needed
if ! getent group ${_GROUPNAME} > /dev/null
then
echo -n "Creating new Taler group ${_GROUPNAME}:"
addgroup --quiet --system ${_GROUPNAME}
echo " done."
fi
# Creating taler users if needed
if ! getent passwd ${_USERNAME} > /dev/null
then
echo -n "Creating new Taler user ${_USERNAME}:"
adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME}/httpd ${_USERNAME}
echo " done."
fi
# Create access secret
SECRET=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1`
echo SECRET > ${TALER_HOME}/master-api-key.txt
chown ${_USERNAME}:${_GROUPNAME} ${TALER_HOME}/master-api-key.txt
chmod 440 ${TALER_HOME}/master-api-key.txt
# Writing new values to configuration file
echo -n "Writing new configuration file:"
CONFIG_NEW=$(tempfile)
cat > "${CONFIG_NEW}" <<EOF
# This file controls the behaviour of the Taler init script.
# It will be parsed as a shell script.
# please do not edit by hand, use 'dpkg-reconfigure taler-merchant'.
TALER_USER=${_USERNAME}
TALER_GROUP=${_GROUPNAME}
EOF
cat > "/etc/systemd/system/taler-merchant-httpd.service" <<EOF
[Unit]
Description=GNU Taler payment system merchant backend
[Service]
EnvironmentFile=/etc/default/taler-merchant
User=${_USERNAME}
Type=simple
Restart=on-failure
ExecStart=/usr/bin/taler-merchant-httpd -c /etc/taler-merchant.conf
EOF
systemctl daemon-reload
cp -f "${CONFIG_NEW}" "${CONFIG_FILE}"
echo " done."
# Setup postgres database (needs dbconfig-pgsql package)
if [ -f /usr/share/dbconfig-common/dpkg/postinst.pgsql ]; then
. /usr/share/dbconfig-common/dpkg/postinst.pgsql
dbc_pgsql_createdb_encoding="UTF8"
dbc_go taler-merchant "$@"
fi
# get database settings from dbconfig-common
if [ -f /etc/dbconfig-common/taler-merchant.conf ]; then
. /etc/dbconfig-common/taler-merchant.conf
case "$dbc_dbtype" in
pgsql)
taler-config -c /etc/taler-merchant.conf \
-s "merchantdb-postgres" \
-o "CONFIG" \
-V "postgres://$dbc_dbuser:$dbc_dbpass@$dbc_dbserver/$dbc_dbname"
taler-config -c /etc/taler-merchant.conf \
-s "merchant" \
-o "DB" \
-V "postgres"
;;
sqlite3)
# Later: use something like:
# sqlite:///$DATA_DIR/merchant.db
# But for now, sqlite is unsupported:
echo "Unsupported database type $dbc_type."
exit 1
;;
"")
;;
*)
echo "Unsupported database type $dbc_type."
exit 1
;;
esac
fi
# Configure Webserver
db_get taler-merchant/reconfigure-webserver
webservers="$RET"
for webserver in $webservers; do
webserver=${webserver%,}
if [ "$webserver" = "nginx" ] ; then
nginx_install "$SECRET"
else
apache_install "$SECRET"
fi
if [ -f /etc/init.d/$webserver ] ; then
if which invoke-rc.d > /dev/null ; then
if invoke-rc.d $webserver status > /dev/null 2>&1 ; then
invoke-rc.d $webserver reload 3>/dev/null || true
fi
else
if /etc/init.d/$webserver status > /dev/null 2>&1 ; then
/etc/init.d/$webserver reload 3>/dev/null || true
fi
fi
fi
done
db_stop
# Cleaning
echo "All done."
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`${1}'" >&2
exit 1
;;
esac
#DEBHELPER#
exit 0
|
