[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-docs] branch master updated: update auditor documentation
|
From: |
gnunet |
|
Subject: |
[taler-docs] branch master updated: update auditor documentation |
|
Date: |
Sat, 26 Jun 2021 13:24:11 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository docs.
The following commit(s) were added to refs/heads/master by this push:
new 7f79142 update auditor documentation
7f79142 is described below
commit 7f79142cbd08755cc022b83376e640c6a7c6ae04
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Sat Jun 26 13:24:09 2021 +0200
update auditor documentation
---
taler-auditor-manual.rst | 55 ++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 55 insertions(+)
diff --git a/taler-auditor-manual.rst b/taler-auditor-manual.rst
index 96c39d2..05ec782 100644
--- a/taler-auditor-manual.rst
+++ b/taler-auditor-manual.rst
@@ -618,6 +618,61 @@ replicate schema changes), ``taler-exchange-dbinit`` can
be used to migrate
the schema(s) in both the ingres and production copies of the exchange's
database as well.
+On the exchange side, a database user must be created that has the right
+to perform database replication. This is done using:
+
+.. code-block:: console
+
+ # As the 'postgres' user of the exchange:
+ $ createuser --replication egress
+ $ echo "ALTER ROLE egress WITH PASSWORD '$PASSWORD'; | psql
+ $ echo "CREATE PUBLICATION $NAME FOR ALL TABLES;" | psql taler-exchange
+
+The exchange must share the password of the publication with the auditor. A
+good ``$NAME`` relates to the auditor's buisness unit name. A secure tunnel
+must be setup between the exchange and the auditor, for example using SSH or
+Wireguard.
+
+It is also necessary to edit ``main.cf`` of the exchange and on the auditor
+side to enable logical replication. If an exchange has multiple auditors, it
+should setup multiple ``egress`` accounts. The exchange must ensure that
+the following lines are in the ``main.cf`` Postgres configuaration (the port
+may differ) to enable replication over the network:
+
+.. code-block::
+
+ listen_addresses='*'
+ port = 5432
+ wal_level= logical
+
+Equally, the auditor must configure logical replication in the ``main.cf``
+Postgres configuaration:
+
+.. code-block::
+
+ wal_level= logical
+
+Next, the ``postgres`` user of the auditor's system must first initialize the
+local tables:
+
+.. code-block:: console
+
+ # As the 'ingress' user of the exchange:
+ $ taler-config -s exchange -o DB -V "postgres"
+ $ taler-config -s exchangedb-postgres -o CONFIG -V
"postgres:///taler-ingress"
+ $ taler-exchange-dbinit
+
+To complete the replication, the ``postgres`` user of the auditor's
+system must subscribe:
+
+.. code-block:: console
+
+ # As the 'postgres' user of the exchange:
+ $ createuser --replication egress
+ $ echo "ALTER ROLE egress WITH PASSWORD '$PASSWORD'; | psql
+ $ echo "CREATE PUBLICATION $NAME FOR ALL TABLES;" | psql taler-exchange
+
+
For details, we refer to the Postgres manual.
.. note::
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-docs] branch master updated: update auditor documentation,
gnunet <=