[taler-docs] branch master updated: -add missing database setup instructions

[gnunet]

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository docs.

The following commit(s) were added to refs/heads/master by this push:
     new 4c8bc8a  -add missing database setup instructions
4c8bc8a is described below

commit 4c8bc8a0d9e6ba9cdad8d589b29d47a912736563
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Tue Aug 3 10:53:24 2021 +0200

    -add missing database setup instructions
---
 taler-exchange-setup-guide.rst | 77 +++++++++++++++++++++++++++++++++++++-----
 1 file changed, 69 insertions(+), 8 deletions(-)

diff --git a/taler-exchange-setup-guide.rst b/taler-exchange-setup-guide.rst
index ab8da95..1d6e0b2 100644
--- a/taler-exchange-setup-guide.rst
+++ b/taler-exchange-setup-guide.rst
@@ -194,7 +194,15 @@ reasonable denomination structure.
 
   taler-wallet-cli deployment gen-coin-config --currency EUR > 
/etc/taler/conf.d/exchange-coins.conf
 
-You can manually review and edit the generated configuration file.
+.. note::
+
+   FIXME: change tool to not take currency from configuration, but instead
+   to accept unit currency as the argument; (i.e. EUR:0.0025). Also take
+   another argument for how many denominations to generate (2^XX). Finally,
+   do use the unit currency as the default deposit fee.
+
+You can manually review and edit the generated configuration file. The main
+change that is possibly required is updating the various fees.
 
 
 Wire Gateway Setup
@@ -245,8 +253,12 @@ The Wire Gateway configuration can be tested with the 
following command:
 
 .. code-block:: shell-session
 
-   [root@exchange-online]# taler-exchange-wire-gateway-client --section 
exchange-account-1 --debit-history
-   [root@exchange-online]# taler-exchangewire-gateway-client --section 
exchange-account-1 --credit-history
+   [root@exchange-online]# taler-exchange-wire-gateway-client \
+     --section exchange-account-1 --debit-history
+   [root@exchange-online]# taler-exchange-wire-gateway-client \
+     --section exchange-account-1 --credit-history
+
+
 
 Exchange Database Setup
 =======================
@@ -262,6 +274,51 @@ The following users must have access to the exchange 
database:
 * taler-exchange-aggregator
 * taler-exchange-closer
 
+These users are all in the taler-exchange-db group, and the
+``exchange-db.secret.conf`` is should already be only readable by users in
+this group.
+
+To create a database for the Taler exchange on the local system, run:
+
+.. code-block:: shell-session
+
+  [root@exchange-onlie]# su - postgres
+  [postgres@exchange-online]# createuser taler-exchange-httpd
+  [postgres@exchange-online]# createuser taler-exchange-wire
+  [postgres@exchange-online]# createuser taler-exchange-aggregator
+  [postgres@exchange-online]# createuser taler-exchange-closer
+  [postgres@exchange-online]# createdb -O taler-exchange-httpd taler-exchange
+  [postgres@exchange-online]# exit
+
+This will create a ``taler-exchange`` database owned by the
+``taler-exchange-httpd`` user.  We will use that user later to perform
+database maintenance operations.
+
+Next, we need to grant the other accounts limited access:
+
+.. code-block:: shell-session
+
+  [root@exchange-onlie]# echo 'GRANT SELECT,INSERT,UPDATE ON ALL TABLES IN 
SCHEMA public TO "taler-exchange-aggregator";' \
+    | sudo -u taler-exchange-httpd psql taler-exchange
+  [root@exchange-onlie]# echo 'GRANT SELECT,INSERT,UPDATE ON ALL TABLES IN 
SCHEMA public TO "taler-exchange-closer";' \
+    | sudo -u taler-exchange-httpd psql taler-exchange
+  [root@exchange-onlie]# echo 'GRANT SELECT,INSERT,UPDATE ON ALL TABLES IN 
SCHEMA public TO "taler-exchange-wire";' \
+    | sudo -u taler-exchange-httpd psql taler-exchange
+
+
+Assuming the above database setup, the database credentials to configure
+in the configuration file would simply be:
+
+.. code-block:: ini
+  :caption: /etc/taler/secrets/exchange-db.secret.conf
+
+  [exchangedb-postgres]
+  CONFIG=postgres:///taler-exchange
+
+
+If the database is run on a different host, please follow the instructions
+from the Postgres manual for configuring remote access.
+
 After configuring the database credentials, the exchange database needs
 to be initialized with the following command:
 
@@ -302,7 +359,7 @@ Exchange Web service / API Setup
 ================================
 
 By default, the ``taler-exchange-httpd`` service listens for HTTP connections
-on a unix domain socket.  To make the service publicly available, a reverse
+on a UNIX domain socket.  To make the service publicly available, a reverse
 proxy such as nginx should be used.  We strongly recommend to configure nginx
 to use TLS.
 
@@ -369,11 +426,15 @@ steps involving the offline signing machine must be 
completed:
 
 .. code-block:: shell-session
 
-  [root@exchange-online]# taler-exchange-offline download > sig-request.json
+  [root@exchange-online]# taler-exchange-offline \
+    download > sig-request.json
 
-  [root@exchange-offline]# taler-exchange-offline sign > sig-response.json
-  [root@exchange-offline]# taler-exchange-offline enable-account 
payto://sepa/$IBAN > acct-response.json
-  [root@exchange-offline]# taler-exchange-offline enable-account wire-fee 2021 
sepa EUR:0 EUR:0 > fee-response.json
+  [root@exchange-offline]# taler-exchange-offline \
+    sign < sig-request.json > sig-response.json
+  [root@exchange-offline]# taler-exchange-offline \
+    enable-account payto://sepa/$IBAN > acct-response.json
+  [root@exchange-offline]# taler-exchange-offline \
+    enable-account wire-fee 2021 sepa EUR:0 EUR:0 > fee-response.json
 
   [root@exchange-online]# taler-exchange-offline upload < sig-response.json
   [root@exchange-online]# taler-exchange-offline upload < acct-response.json

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.