[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-docs] branch master updated: FIXMEs to exchange setup guide.
|
From: |
gnunet |
|
Subject: |
[taler-docs] branch master updated: FIXMEs to exchange setup guide. |
|
Date: |
Thu, 05 Aug 2021 15:34:36 +0200 |
This is an automated email from the git hooks/post-receive script.
ms pushed a commit to branch master
in repository docs.
The following commit(s) were added to refs/heads/master by this push:
new 906a900 FIXMEs to exchange setup guide.
906a900 is described below
commit 906a900c0ac8ab32ce2b238315da017c34fe27dd
Author: MS <ms@taler.net>
AuthorDate: Thu Aug 5 02:31:43 2021 -1100
FIXMEs to exchange setup guide.
---
taler-exchange-setup-guide.rst | 41 ++++++++++++++++++++++++++++++++++-------
1 file changed, 34 insertions(+), 7 deletions(-)
diff --git a/taler-exchange-setup-guide.rst b/taler-exchange-setup-guide.rst
index da970d6..b50a2f8 100644
--- a/taler-exchange-setup-guide.rst
+++ b/taler-exchange-setup-guide.rst
@@ -69,6 +69,10 @@ and that the ``gnupg`` package has been installed.
[root@exchange-online]# apt-get upgrade
[root@exchange-online]# apt-get install -y gnupg
+..
+ FIXME: gnupg is a Ubuntu 20.04 default package. The third command above
+ might be removed then.
+
Next, add the ``focal-fossa`` apt repository provided by Taler Systems S.A. to
your package sources:
@@ -86,6 +90,10 @@ signing key to your list of trusted keys and update the
package index:
[root@exchange-online]# wget -O - https://taler.net/taler-systems.gpg.key |
apt-key add -
[root@exchange-online]# apt-get update
+..
+ FIXME: this happens after the update.
+ N: Skipping acquire of configured file 'main/binary-i386/Packages' as
repository 'https://deb.taler.net/apt/ubuntu focal-fossa InRelease' doesn't
support architecture 'i386'
+
Finally, the required packages can be installed:
@@ -127,6 +135,10 @@ directive and should end with ``.secret.conf``.
To view the entire configuration annotated with the source of each
configuration option, you
can use the ``taler-config`` helper:
+..
+ FIXME: mostly all the configuration files are owned root:root. Is that
wanted?
+ Wasn't taler-exchange-httpd supposed to own those?
+
.. code-block:: shell-session
[root@exchange-online]# taler-config --diagnostics
@@ -166,6 +178,10 @@ The exchange setup uses the following system groups:
* taler-exchange-secmod: group for processes with access to online signing
keys, so taler-exchange-secmod-rsa, taler-exchange-secmod-eddsa and
taler-exchange-httpd
* taler-exchange-offline: group for the access to the offline private key
(only used on the offline host and not used on the online system)
+..
+ FIXME: "taler-exchange-secmod: group for processes with access to online
signing keys, so taler-exchange-secmod-rsa, taler-exchange-secmod-eddsa and
taler-exchange-httpd .... what?" Seems that this sentence lacks conclusion.
+
+
The package will deploy systemd service files in
``/usr/lib/systemd/system/`` for the various components:
@@ -252,10 +268,13 @@ Wire Gateway Setup
The Taler Wire Gateway is an API that connects the Taler exchange to
the underlying core banking system.
-LibEuFin is an implementation of the Wire Gateway API for the EBICS.
+LibEuFin is an implementation of the Wire Gateway API for the EBICS protocol.
Please follow the setup instructions in ??? to set up a Taler Wire Gateway with
LibEuFin for an EBICS bank account.
+..
+ FIXME: replace ??? above with actual link.
+
The exchange must be configured with the right settings to
access the Taler Wire Gateway. An exchange can be configured
to use multiple bank accounts by using multiple Wire Gateways.
@@ -328,7 +347,7 @@ The following users must have access to the exchange
database:
* taler-exchange-closer
These users are all in the taler-exchange-db group, and the
-``exchange-db.secret.conf`` is should already be only readable by users in
+``exchange-db.secret.conf`` should already be only readable by users in
this group.
To create a database for the Taler exchange on the local system, run:
@@ -364,6 +383,11 @@ Next, we need to grant the other accounts limited access:
[root@exchange-onlie]# echo 'GRANT USAGE ON ALL SEQUENCES IN SCHEMA public
TO "taler-exchange-wire";' \
| sudo -u taler-exchange-httpd psql taler-exchange
+..
+ FIXME: the above commands do work, except that they produce a eye-unfriendly
"cannot change to /root directory"
+ message after the execution. This might be avoided by first getting a shell
as the taler-exchange-httpd user
+ and then run the SQL statements.
+
Assuming the above database setup, the database credentials to configure
in the configuration file would simply be:
@@ -402,7 +426,7 @@ The responsibilities of this offline signing machine are:
[root@exchange-offline]# sudo -u taler-exchange-offline
taler-exchange-offline setup
< ... prints the exchange master public key >
-The public key printed as the output of this command should must be put into
the configuration
+The public key printed as the output of this command must be put into the
configuration
of the online machine:
.. code-block:: ini
@@ -456,10 +480,10 @@ The exchange HTTP service can now be started:
.. note::
- At this point, the exchange service not yet fully operational.
+ At this point, the exchange service is not yet fully operational.
-To check whether the exchange is running correctly under the advertise
+To check whether the exchange is running correctly under the advertised
base URL, run:
.. code-block:: shell-session
@@ -481,7 +505,7 @@ steps involving the offline signing machine must be
completed:
Additionally, the offline signing system signs policy messages
to configure the exchange's bank accounts and associated fees.
3. The messages generated by the offline signing system are uploaded
- to via the management API of the exchange HTTP service.
+ via the management API of the exchange HTTP service.
.. code-block:: shell-session
@@ -495,7 +519,7 @@ steps involving the offline signing machine must be
completed:
enable-account payto://sepa/$IBAN > acct-response.json
[root@exchange-offline]# taler-exchange-offline \
enable-account wire-fee 2021 sepa EUR:0 EUR:0 > fee-response.json
-
+ # FIXME: 'enable-account' above seems wrong.
[root@exchange-online]# taler-exchange-offline upload < sig-response.json
[root@exchange-online]# taler-exchange-offline upload < acct-response.json
[root@exchange-online]# taler-exchange-offline upload < fee-response.json
@@ -528,6 +552,9 @@ a merchant backend is not required, as the wallet acts as a
merchant.
# Check whether the exchange received an incoming bank transfer
[root@exchange-online]# taler-exchangewire-gateway-client --section
exchange-account-1 --credit-history
+ # FIXME: this one above fails, complaining that the section's name doesn't
begin with `exchange-accountcredentials-`
+ # Blocks also the further steps from being taken. Should the include in
line 33 point inside the "secrets" directory?
+ #
https://git.taler.net/exchange.git/tree/debian/etc-taler-exchange/taler/conf.d/exchange-business.conf?id=289b816e1cd1a56a0b82582b69bff22c55e6b8a0
# Once the transfer has been made, try completing the withdrawal
$ taler-wallet-cli run-pending
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-docs] branch master updated: FIXMEs to exchange setup guide.,
gnunet <=