[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-deployment] branch master updated (4df2efe -> b905103)
|
From: |
gnunet |
|
Subject: |
[taler-deployment] branch master updated (4df2efe -> b905103) |
|
Date: |
Tue, 01 Nov 2022 15:38:41 +0100 |
This is an automated email from the git hooks/post-receive script.
ms pushed a change to branch master
in repository deployment.
from 4df2efe frontends log rotation
new c36379f tolerate late exchange
new 0bacccf docker: not resetting data by default
new f7c72d6 tolerating rootful backup
new b905103 bank SPA container
The 4 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
docker/hybrid/README | 14 +++++-----
docker/hybrid/backup.sh | 2 ++
docker/hybrid/config/deployment.conf | 2 +-
docker/hybrid/docker-compose.yml | 7 +++++
docker/hybrid/images/bank-ui/Dockerfile | 4 +++
docker/hybrid/images/bank-ui/nginx.conf | 14 ++++++++++
docker/hybrid/images/base/Dockerfile | 18 ++++++++++--
docker/hybrid/images/exchange/startup.sh | 31 +++++++++++++--------
docker/hybrid/images/exchange/taler.conf | 48 ++++++++++++++++++++++++++++++++
docker/hybrid/images/libeufin/startup.sh | 47 ++++++++++++++++++++++---------
docker/hybrid/images/merchant/startup.sh | 7 +++--
docker/hybrid/import-backup.sh | 2 +-
12 files changed, 157 insertions(+), 39 deletions(-)
create mode 100644 docker/hybrid/images/bank-ui/Dockerfile
create mode 100644 docker/hybrid/images/bank-ui/nginx.conf
diff --git a/docker/hybrid/README b/docker/hybrid/README
index 7e3cbb2..aa975ab 100644
--- a/docker/hybrid/README
+++ b/docker/hybrid/README
@@ -55,24 +55,24 @@ run the following command to export database, key material,
and logs:
$ ./backup.sh
-The following command imports a TAR backup into
-the Docker volumes. From this directory:
+The following command imports the TAR backup from
+the previous step into the Docker volumes. From this directory:
$ ./import-backup.sh
+If data needs to be removed, from this folder:
+ $ docker-compose down -v
+
Run
---
-Only if stale data needs to be removed, from this folder run:
- $ docker-compose down -v
-
-From this folder, run:
+From this folder:
$ docker-compose up --remove-orphans --abort-on-container-exit
How to test on localhost
========================
-From this folder, run:
+From this folder:
$ ./test-docker-mvp.sh
diff --git a/docker/hybrid/backup.sh b/docker/hybrid/backup.sh
index 544e716..18b8152 100755
--- a/docker/hybrid/backup.sh
+++ b/docker/hybrid/backup.sh
@@ -19,6 +19,8 @@ if test -a $BACKUP_FILE; then
exit 3
fi
+# 'chown' should still help rootful runs to
+# have the TAR owned by the user invoking the command.
docker run \
-v /tmp:/tmp \
-v hybrid_talerdata:/taler-data \
diff --git a/docker/hybrid/config/deployment.conf
b/docker/hybrid/config/deployment.conf
index 6b4d052..78d7240 100644
--- a/docker/hybrid/config/deployment.conf
+++ b/docker/hybrid/config/deployment.conf
@@ -10,7 +10,7 @@ landing-url = http://localhost:5562/
blog-url = http://localhost:5559/
donations-url = http://localhost:5560/
survey-url = http://localhost:5561/
-bank-url = http://localhost:15000/
+bank-url = http://localhost:15002/
# Bank accounts
exchange-sandbox-username = exchange-at-sandbox
diff --git a/docker/hybrid/docker-compose.yml b/docker/hybrid/docker-compose.yml
index 34c3791..818e057 100644
--- a/docker/hybrid/docker-compose.yml
+++ b/docker/hybrid/docker-compose.yml
@@ -61,3 +61,10 @@ services:
- talerlogs:/logs
- talerdata:/data
- ${TALER_DEPLOYMENT_CONFIG:?Please export
TALER_DEPLOYMENT_CONFIG}:/config/deployment.conf
+
+ bank-ui:
+ build: ./images/bank-ui
+ ports:
+ - 15002:80 # Nginx serving the SPA
+ volumes:
+ - talerlogs:/logs
diff --git a/docker/hybrid/images/bank-ui/Dockerfile
b/docker/hybrid/images/bank-ui/Dockerfile
new file mode 100644
index 0000000..ff79752
--- /dev/null
+++ b/docker/hybrid/images/bank-ui/Dockerfile
@@ -0,0 +1,4 @@
+FROM taler_local/taler_base
+
+COPY nginx.conf /
+ENTRYPOINT nginx -c /nginx.conf 2>&1 | rotatelogs -e /logs/bank-ui-%Y-%m-%d
86400
diff --git a/docker/hybrid/images/bank-ui/nginx.conf
b/docker/hybrid/images/bank-ui/nginx.conf
new file mode 100644
index 0000000..d5436f5
--- /dev/null
+++ b/docker/hybrid/images/bank-ui/nginx.conf
@@ -0,0 +1,14 @@
+error_log /dev/stdout;
+daemon off;
+events {}
+http {
+ access_log /dev/stdout;
+ server {
+ include /etc/nginx/mime.types;
+ listen 80;
+ listen [::]:80;
+ location / {
+ root /usr/local/share/taler/demobank-ui;
+ }
+ }
+}
diff --git a/docker/hybrid/images/base/Dockerfile
b/docker/hybrid/images/base/Dockerfile
index 227ad44..3d12cf9 100644
--- a/docker/hybrid/images/base/Dockerfile
+++ b/docker/hybrid/images/base/Dockerfile
@@ -5,9 +5,9 @@ RUN apt-get install -y autoconf autopoint libtool texinfo \
libgcrypt-dev libidn11-dev zlib1g-dev libunistring-dev \
libjansson-dev python3-pip git recutils libsqlite3-dev \
libpq-dev postgresql libcurl4-openssl-dev libsodium-dev git \
- libqrencode-dev zip jq nodejs npm openjdk-17-jre nginx procps \
- curl python3-jinja2 wget curl python3-sphinx \
- socat python3-sphinx-rtd-theme apache2-utils
+ libqrencode-dev zip jq npm openjdk-17-jre nginx procps \
+ curl python3-jinja2 wget curl python3-sphinx socat apache2-utils \
+ python3-sphinx-rtd-theme
RUN pip3 install requests click poetry uwsgi
@@ -17,6 +17,7 @@ RUN git clone git://git.taler.net/exchange /exchange
RUN git clone git://git.taler.net/merchant /merchant
RUN git clone git://git.taler.net/libeufin /libeufin
RUN git clone git://git.taler.net/taler-merchant-demos /taler-merchant-demos
+RUN git clone git://git.taler.net/wallet-core /wallet-core
WORKDIR /libmicrohttpd
RUN ./bootstrap
@@ -50,4 +51,15 @@ RUN ./bootstrap
RUN ./configure
RUN make install
+
+# From:
https://github.com/nodesource/distributions/blob/master/README.md#debinstall
+RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
+apt-get install -y nodejs
+RUN npm install -g pnpm
+WORKDIR /wallet-core
+RUN ./bootstrap
+WORKDIR ./packages/demobank-ui
+RUN ./configure
+RUN make install
+
WORKDIR /
diff --git a/docker/hybrid/images/exchange/startup.sh
b/docker/hybrid/images/exchange/startup.sh
index a0bc725..48f2360 100644
--- a/docker/hybrid/images/exchange/startup.sh
+++ b/docker/hybrid/images/exchange/startup.sh
@@ -27,29 +27,35 @@ while ! pg_isready -h talerdb -d taler; do
done
echo Now DB is ready.
-taler-exchange-dbinit -L DEBUG -c /config/taler.conf --reset
+echo -n "Init database... "
+taler-exchange-dbinit -L DEBUG -c /config/taler.conf
+echo DONE
+echo -n "Starting EDDSA helper..."
taler-exchange-secmod-eddsa -L DEBUG \
-c /config/taler.conf 2>&1 | \
rotatelogs -e /logs/taler-exchange-secmod-eddsa-%Y-%m-%d 86400 &
-
+echo DONE
+echo -n "Starting RSA helper..."
taler-exchange-secmod-rsa -L DEBUG \
-c /config/taler.conf 2>&1 | \
rotatelogs -e /logs/taler-exchange-secmod-rsa-%Y-%m-%d 86400 &
-
+echo DONE
+echo -n "Starting CS helper..."
taler-exchange-secmod-cs -L DEBUG \
-c /config/taler.conf 2>&1 | \
rotatelogs -e /logs/taler-exchange-secmod-cs-%Y-%m-%d 86400 &
-
-echo "Crypto helpers started.."
+echo DONE
EXCHANGE_MASTER_PUB=$(taler-exchange-offline -c /config/taler.conf setup)
+
sed -i "s/__EXCHANGE_MASTER_PUB__/$EXCHANGE_MASTER_PUB/" /config/taler.conf
+echo -n "Launching exchange HTTPD..."
taler-exchange-httpd -L DEBUG -c /config/taler.conf 2>&1 | \
rotatelogs -e /logs/taler-exchange-httpd-%Y-%m-%d 86400 &
-for n in `seq 1 20`
+for n in `seq 1 50`
do
echo "."
- sleep 0.4
+ sleep 0.3
OK=1
wget http://exchange/ -o /dev/null -O /dev/null >/dev/null && break
OK=0
@@ -59,24 +65,27 @@ for n in `seq 1 20`
echo "ERROR: failed to launch Exchange"
exit 1
fi
-echo Echange launched.
-echo Launching wirewatch...
+echo DONE
+echo -n "Launching wirewatch..."
taler-exchange-wirewatch -L DEBUG -c /config/taler.conf 2>&1 | \
rotatelogs -e /logs/taler-exchange-wirewatch-%Y-%m-%d 86400 &
echo DONE
-echo Launching transfer service...
+echo -n "Launching transfer service..."
taler-exchange-transfer -L DEBUG -c /config/taler.conf 2>&1 | \
rotatelogs -e /logs/taler-exchange-transfer-%Y-%m-%d 86400 &
echo DONE
-echo Launching aggregator service...
+echo -n "Launching aggregator service..."
taler-exchange-aggregator -L DEBUG -c /config/taler.conf 2>&1 | \
rotatelogs -e /logs/taler-exchange-aggregator-%Y-%m-%d 86400 &
echo DONE
+echo
+echo -n "Setup keys and fees with taler-exchange-offline..."
taler-exchange-offline -L DEBUG -c /config/taler.conf \
download sign \
enable-account
"payto://iban/SANDBOXX/${EXCHANGE_IBAN}?receiver-name=Exchange+Company" \
wire-fee now iban ${CURRENCY}:0.01 ${CURRENCY}:0.01 ${CURRENCY}:0.01 \
global-fee now ${CURRENCY}:0.01 ${CURRENCY}:0.01 ${CURRENCY}:0.01
${CURRENCY}:0.01 1h 1h 1year 5 \
upload 2>&1
+echo DONE
wait
diff --git a/docker/hybrid/images/exchange/taler.conf
b/docker/hybrid/images/exchange/taler.conf
index 1bd5124..a23cf7a 100644
--- a/docker/hybrid/images/exchange/taler.conf
+++ b/docker/hybrid/images/exchange/taler.conf
@@ -40,6 +40,42 @@ port = 80
[exchangedb-postgres]
config = postgres://root:__DB_PASSWORD__@talerdb/taler
+[coin___CURRENCY___10]
+rsa_keysize = 2048
+fee_deposit = __CURRENCY__:0.01
+fee_refund = __CURRENCY__:0.01
+fee_refresh = __CURRENCY__:0.01
+fee_withdraw = __CURRENCY__:0.01
+duration_legal = 10 years
+duration_spend = 5 years
+duration_withdraw = 3 years
+value = __CURRENCY__:10
+cipher = RSA
+
+[coin___CURRENCY___5]
+rsa_keysize = 2048
+fee_deposit = __CURRENCY__:0.01
+fee_refund = __CURRENCY__:0.01
+fee_refresh = __CURRENCY__:0.01
+fee_withdraw = __CURRENCY__:0.01
+duration_legal = 10 years
+duration_spend = 5 years
+duration_withdraw = 3 years
+value = __CURRENCY__:5
+cipher = RSA
+
+[coin___CURRENCY___2]
+rsa_keysize = 2048
+fee_deposit = __CURRENCY__:0.01
+fee_refund = __CURRENCY__:0.01
+fee_refresh = __CURRENCY__:0.01
+fee_withdraw = __CURRENCY__:0.01
+duration_legal = 10 years
+duration_spend = 5 years
+duration_withdraw = 3 years
+value = __CURRENCY__:2
+cipher = RSA
+
[coin___CURRENCY___1]
rsa_keysize = 2048
fee_deposit = __CURRENCY__:0.01
@@ -51,3 +87,15 @@ duration_spend = 5 years
duration_withdraw = 3 years
value = __CURRENCY__:1
cipher = RSA
+
+[coin___CURRENCY___ct_10]
+rsa_keysize = 2048
+fee_deposit = __CURRENCY__:0.01
+fee_refund = __CURRENCY__:0.01
+fee_refresh = __CURRENCY__:0.01
+fee_withdraw = __CURRENCY__:0.01
+duration_legal = 10 years
+duration_spend = 5 years
+duration_withdraw = 3 years
+value = __CURRENCY__:0.10
+cipher = RSA
diff --git a/docker/hybrid/images/libeufin/startup.sh
b/docker/hybrid/images/libeufin/startup.sh
index 129e404..07bb4ee 100644
--- a/docker/hybrid/images/libeufin/startup.sh
+++ b/docker/hybrid/images/libeufin/startup.sh
@@ -2,13 +2,18 @@
set -eu
+MAYBE_VOLUME_MOUNTPOINT="/data/libeufin"
+export
LIBEUFIN_SANDBOX_DB_CONNECTION="jdbc:sqlite:${MAYBE_VOLUME_MOUNTPOINT}/sandbox.sqlite3"
+export
LIBEUFIN_NEXUS_DB_CONNECTION="jdbc:sqlite:${MAYBE_VOLUME_MOUNTPOINT}/nexus.sqlite3"
+# This file indicates that data preparation ran already
+# once. It helps against some non idempotent commands.
+INIT_MARKER=${MAYBE_VOLUME_MOUNTPOINT}/init-done
export LD_LIBRARY_PATH=/usr/local/lib # helps taler-config
CURRENCY=`taler-config -c /config/deployment.conf -s taler-deployment -o
currency`
SANDBOX_PORT=15000
NEXUS_PORT=15001
SANDBOX_BASE_URL="http://localhost:${SANDBOX_PORT}";
EXCHANGE_URL=`taler-config -c /config/deployment.conf -s taler-deployment -o
default-exchange`
-MAYBE_VOLUME_MOUNTPOINT="/data/libeufin"
# As wanted by the Libeufin CLI:
export LIBEUFIN_SANDBOX_URL="${SANDBOX_BASE_URL}/demobanks/default"
export LIBEUFIN_NEXUS_URL="http://localhost:${NEXUS_PORT}";
@@ -17,7 +22,9 @@ export LIBEUFIN_NEXUS_URL="http://localhost:${NEXUS_PORT}";
register_sandbox_account() {
export LIBEUFIN_SANDBOX_USERNAME=$1
export LIBEUFIN_SANDBOX_PASSWORD=$2
- libeufin-cli sandbox demobank register --name "$4" --iban $3
+ # A unavailable username upon registration should
+ # fail, hence non idempotence is acceptable here.
+ test -a $INIT_MARKER || libeufin-cli sandbox demobank register --name "$4"
--iban $3
unset LIBEUFIN_SANDBOX_USERNAME
unset LIBEUFIN_SANDBOX_PASSWORD
}
@@ -43,13 +50,12 @@ is_serving() {
EXCHANGE_IBAN=DE159593
mkdir -p ${MAYBE_VOLUME_MOUNTPOINT}
-export
LIBEUFIN_SANDBOX_DB_CONNECTION="jdbc:sqlite:${MAYBE_VOLUME_MOUNTPOINT}/sandbox.sqlite3"
export LIBEUFIN_SANDBOX_ADMIN_PASSWORD=secret
echo -n "Creating ${CURRENCY} default demobank..."
-libeufin-sandbox config --currency ${CURRENCY} default
+test -a $INIT_MARKER || libeufin-sandbox config --currency ${CURRENCY} default
echo DONE
echo -n "Specify default exchange..."
-libeufin-sandbox default-exchange \
+test -a $INIT_MARKER || libeufin-sandbox default-exchange \
${EXCHANGE_URL} \
"payto://iban/SANDBOXX/${EXCHANGE_IBAN}?receiver-name=Exchange+Company"
echo DONE
@@ -73,10 +79,10 @@ echo -n "Create exchange EBICS subscriber at Sandbox.."
export LIBEUFIN_SANDBOX_USERNAME=admin
export LIBEUFIN_SANDBOX_PASSWORD=secret
echo -n "Create EBICS host at Sandbox.."
-libeufin-cli sandbox --sandbox-url $SANDBOX_BASE_URL ebicshost create
--host-id talerebics
+test -a $INIT_MARKER || libeufin-cli sandbox --sandbox-url $SANDBOX_BASE_URL
ebicshost create --host-id talerebics
echo DONE
echo -n "Create exchange's EBICS subscriber at Sandbox.."
-libeufin-cli sandbox \
+test -a $INIT_MARKER || libeufin-cli sandbox \
demobank new-ebicssubscriber --host-id talerebics \
--user-id exchangeebics --partner-id talerpartner \
--bank-account $EXCHANGE_SANDBOX_USERNAME
@@ -84,8 +90,10 @@ echo DONE
## NEXUS SETUP
EXCHANGE_NEXUS_USERNAME=`taler-config -c /config/deployment.conf -s
taler-deployment -o exchange-nexus-username`
EXCHANGE_NEXUS_PASSWORD=`taler-config -c /config/deployment.conf -s
taler-deployment -o exchange-nexus-password`
-export
LIBEUFIN_NEXUS_DB_CONNECTION="jdbc:sqlite:${MAYBE_VOLUME_MOUNTPOINT}/nexus.sqlite3"
+
echo -n "Creating Nexus superuser..."
+# Idempotent in the sense that if the user is found,
+# they'll get the password changed.
libeufin-nexus superuser $EXCHANGE_NEXUS_USERNAME \
--password $EXCHANGE_NEXUS_PASSWORD
echo DONE
@@ -97,8 +105,12 @@ is_serving $LIBEUFIN_NEXUS_URL Nexus
export LIBEUFIN_NEXUS_USERNAME=$EXCHANGE_NEXUS_USERNAME
export LIBEUFIN_NEXUS_PASSWORD=$EXCHANGE_NEXUS_PASSWORD
+
echo -n Creating a EBICS connection at Nexus..
-libeufin-cli connections new-ebics-connection \
+# Not idempotent: the implementation does check if
+# a connection with the requested name exists, and
+# returns "409 Conflict". FIXME
+test -a $INIT_MARKER || libeufin-cli connections new-ebics-connection \
--ebics-url "${SANDBOX_BASE_URL}/ebicsweb" \
--host-id talerebics \
--partner-id talerpartner \
@@ -106,12 +118,15 @@ libeufin-cli connections new-ebics-connection \
talerconn
echo DONE
echo -n Setup EBICS keying..
-libeufin-cli connections connect talerconn > /dev/null
+# idempotent (noop if 'talerconn' is found)
+libeufin-cli connections connect talerconn > /dev/null
echo DONE
echo -n Download bank account name from Sandbox..
+# idempotent (only stores new bank account names)
libeufin-cli connections download-bank-accounts talerconn
echo DONE
echo -n Importing bank account info into Nexus..
+# idempotent
NEXUS_IMPORTED_BANKACCOUNT=nexus-bankaccount
libeufin-cli connections import-bank-account \
--offered-account-id $EXCHANGE_SANDBOX_USERNAME \
@@ -120,7 +135,8 @@ libeufin-cli connections import-bank-account \
echo DONE
echo -n Setup payments submission task..
# Tries every second.
-libeufin-cli accounts task-schedule \
+# Not idempotent, FIXME
+test -a $INIT_MARKER || libeufin-cli accounts task-schedule \
--task-type submit \
--task-name exchange-payments \
--task-cronspec "* * *" \
@@ -128,7 +144,8 @@ libeufin-cli accounts task-schedule \
echo DONE
# Tries every second. Ask C52
echo -n Setup history fetch task..
-libeufin-cli accounts task-schedule \
+# Not idempotent, FIXME
+test -a $INIT_MARKER || libeufin-cli accounts task-schedule \
--task-type fetch \
--task-name exchange-history \
--task-cronspec "* * *" \
@@ -137,11 +154,15 @@ libeufin-cli accounts task-schedule \
$NEXUS_IMPORTED_BANKACCOUNT
echo DONE
echo -n Create the Taler facade at Nexus..
+# Not idempotent, in the sense that a duplicate
+# facade will be created. FIXME
FACADE_NAME=taler-facade
-libeufin-cli facades \
+test -a $INIT_MARKER || libeufin-cli facades \
new-taler-wire-gateway-facade \
--currency ${CURRENCY} --facade-name $FACADE_NAME \
talerconn $NEXUS_IMPORTED_BANKACCOUNT
echo DONE
+touch $INIT_MARKER
+
wait
diff --git a/docker/hybrid/images/merchant/startup.sh
b/docker/hybrid/images/merchant/startup.sh
index ac63328..118998a 100644
--- a/docker/hybrid/images/merchant/startup.sh
+++ b/docker/hybrid/images/merchant/startup.sh
@@ -44,7 +44,7 @@ socat TCP-LISTEN:5556,fork,reuseaddr TCP:localhost:80 &
is_serving () {
echo Checking $1
-for n in `seq 1 20`
+for n in `seq 1 50`
do
echo "."
sleep 0.5
@@ -69,8 +69,9 @@ sed -i "s/__CURRENCY__/${CURRENCY}/" /config/taler.conf
sed -i "s/__BACKEND_APIKEY__/${BACKEND_APIKEY}/" /config/taler.conf
sed -i "s;__BACKEND_URL__;${BACKEND_URL};" /config/taler.conf
sed -i "s;__DB_PASSWORD__;${DB_PASSWORD};" /config/taler.conf
-echo -n "Reset database..."
-taler-merchant-dbinit -L DEBUG -c /config/taler.conf --reset
+
+echo "Init database... "
+taler-merchant-dbinit -L DEBUG -c /config/taler.conf
echo DONE
echo -n "Launch merchant backend..."
taler-merchant-httpd -c /config/taler.conf 2>&1 | \
diff --git a/docker/hybrid/import-backup.sh b/docker/hybrid/import-backup.sh
index c49ad15..4fdb9c4 100755
--- a/docker/hybrid/import-backup.sh
+++ b/docker/hybrid/import-backup.sh
@@ -13,7 +13,7 @@ if ! docker images | grep debian | grep stable > /dev/null;
then
fi
if test -z $1; then
- echo Please, give the backup file\'s path as the one argument.
+ echo "Please, give the backup (TAR) file\'s path as the one argument."
exit 1
fi
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [taler-deployment] branch master updated (4df2efe -> b905103),
gnunet <=