[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-exchange] 01/02: debian: revise maintainer scripts and service fi
|
From: |
gnunet |
|
Subject: |
[taler-exchange] 01/02: debian: revise maintainer scripts and service files |
|
Date: |
Mon, 26 Jul 2021 14:20:37 +0200 |
This is an automated email from the git hooks/post-receive script.
dold pushed a commit to branch master
in repository exchange.
commit 5430dc34180e1c72c9a09f9eb17c2999e426bf77
Author: Florian Dold <florian@dold.me>
AuthorDate: Mon Jul 26 14:18:02 2021 +0200
debian: revise maintainer scripts and service files
---
debian/changelog | 8 +
debian/control | 21 +-
debian/etc/taler/exchange-offline.conf | 8 +
debian/libtalerexchange.install | 1 +
debian/taler-auditor.postinst | 111 +++--------
debian/taler-auditor.postrm | 57 ++----
debian/taler-auditor.taler-auditor-httpd.service | 13 ++
debian/taler-auditor.templates | 16 --
...xchange-httpd.taler-exchange-aggregator.service | 14 ++
...ler-exchange-httpd.taler-exchange-httpd.service | 21 ++
...hange-httpd.taler-exchange-secmod-eddsa.service | 14 ++
...xchange-httpd.taler-exchange-secmod-rsa.service | 14 ++
...-exchange-httpd.taler-exchange-transfer.service | 15 ++
...exchange-httpd.taler-exchange-wirewatch.service | 15 ++
debian/taler-exchange-offline.install | 5 +
debian/taler-exchange-offline.postinst | 42 ++++
debian/taler-exchange.config | 25 ---
debian/taler-exchange.install | 33 +++-
debian/taler-exchange.postinst | 214 ++-------------------
debian/taler-exchange.postrm | 72 ++-----
debian/taler-exchange.templates | 67 -------
21 files changed, 283 insertions(+), 503 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index be14355a..ecd2b0ae 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+taler-exchange (0.9.0-15) unstable; urgency=low
+
+ * New Taler amount operations (set zero, ...) added.
+ * New configuration file structure
+ * New taler-exchange-offline package
+
+ -- Florian Dold <dold@taler.net> Mon, 26 Jul 2021 11:21:39 +0200
+
taler-exchange (0.9.0-14) unstable; urgency=low
* Expose additional symbols needed in merchant logic.
diff --git a/debian/control b/debian/control
index 8ea436df..4e95256c 100644
--- a/debian/control
+++ b/debian/control
@@ -44,7 +44,7 @@ Depends:
netbase,
${misc:Depends},
${shlibs:Depends}
-Description: libraries to talk to a GNU Taler exchange.
+Description: libraries to talk to a GNU Taler exchange
Package: taler-exchange-database
Architecture: any
@@ -55,7 +55,7 @@ Depends:
netbase,
${misc:Depends},
${shlibs:Depends}
-Description: programs and libraries to manage a GNU Taler exchange database.
+Description: programs and libraries to manage a GNU Taler exchange database
Package: taler-exchange
Architecture: any
@@ -71,7 +71,20 @@ Depends:
dbconfig-pgsql | dbconfig-no-thanks,
${misc:Depends},
${shlibs:Depends}
-Description: GNU's payment system operator.
+Description: GNU's payment system operator
+
+Package: taler-exchange-offline
+Architecture: any
+Pre-Depends:
+ ${misc:Pre-Depends}
+Depends:
+ libtalerexchange (= ${binary:Version}),
+ adduser,
+ lsb-base,
+ netbase,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Description: tools for managing the GNU Taler exchange offline keys
Package: taler-auditor
Architecture: any
@@ -87,7 +100,7 @@ Depends:
python3-jinja2,
${misc:Depends},
${shlibs:Depends}
-Description: GNU's payment system auditor.
+Description: GNU's payment system auditor
Package: libtalerexchange-dev
Section: libdevel
diff --git a/debian/etc/taler/exchange-offline.conf
b/debian/etc/taler/exchange-offline.conf
new file mode 100644
index 00000000..c1c039f9
--- /dev/null
+++ b/debian/etc/taler/exchange-offline.conf
@@ -0,0 +1,8 @@
+# This configuration file is the entry point for the offline key management.
+#
+# It includes other configuration files, which are applied on top of the
+# read-only base configuration (typically in /usr/share/taler/config.d/).
+
+# This file should be identical to the business configuration of the running
+# online exchange
+@INLINE@ exchange-business.conf
diff --git a/debian/libtalerexchange.install b/debian/libtalerexchange.install
index 9e1983c9..8aa7f7c0 100644
--- a/debian/libtalerexchange.install
+++ b/debian/libtalerexchange.install
@@ -3,3 +3,4 @@ usr/lib/*/libtaler*
usr/share/taler/config.d/paths.conf
usr/share/taler/config.d/taler.conf
usr/share/man/man5/taler.conf.5
+usr/share/man/man1/taler-config*
diff --git a/debian/taler-auditor.postinst b/debian/taler-auditor.postinst
index 7d386508..8e032cbd 100644
--- a/debian/taler-auditor.postinst
+++ b/debian/taler-auditor.postinst
@@ -4,90 +4,35 @@ set -e
. /usr/share/debconf/confmodule
-case "${1}" in
- configure)
- db_version 2.0
-
- db_get taler-auditor/username
- _USERNAME="${RET:-taler-auditor-httpd}"
-
- db_get taler-auditor/groupname
- _GROUPNAME="${RET:-taler-auditor-httpd}"
-
- db_stop
-
- CONFIG_FILE="/etc/default/taler-auditor"
- TALER_HOME="/var/lib/taler-auditor"
-
- # Creating taler groups as needed
- if ! getent group ${_GROUPNAME} > /dev/null
- then
- echo -n "Creating new Taler group ${_GROUPNAME}:"
- addgroup --quiet --system ${_GROUPNAME}
- echo " done."
- fi
- # Creating taler users if needed
- if ! getent passwd ${_USERNAME} > /dev/null
- then
- echo -n "Creating new Taler user ${_USERNAME}:"
- adduser --quiet --system --ingroup ${_GROUPNAME} --home
${TALER_HOME}/httpd ${_USERNAME}
- echo " done."
- fi
- # Writing new values to configuration file
- echo -n "Writing new configuration file:"
- CONFIG_NEW=$(tempfile)
-
-cat > "${CONFIG_NEW}" <<EOF
-# This file controls the behaviour of the Taler init script.
-# It will be parsed as a shell script.
-# please do not edit by hand, use 'dpkg-reconfigure taler-auditor'.
-
-TALER_USER=${_USERNAME}
-TALER_GROUP=${_GROUPNAME}
-EOF
-
-cat > "/etc/systemd/system/taler-auditor-httpd.service" <<EOF
-[Unit]
-Description=GNU Taler payment system auditor REST API
-After=postgres.service network.target
-
-[Service]
-EnvironmentFile=/etc/default/taler-auditor
-User=${_USERNAME}
-Type=simple
-Restart=on-failure
-ExecStart=/usr/bin/taler-auditor-httpd -c /etc/taler-auditor.conf
+CONFIG_FILE="/etc/default/taler-auditor"
+TALER_HOME="/var/lib/taler-auditor"
+_USERNAME=taler-auditor-httpd
+_GROUPNAME=taler-auditor-httpd
-[Install]
-WantedBy=multi-user.target
-EOF
-
- cp -f "${CONFIG_NEW}" "${CONFIG_FILE}"
- rm -f "${CONFIG_NEW}"
- echo " done."
-
- echo -n "Setting up system services "
-
- mkdir -p /var/lib/taler-auditor/tmp
- chown root:${_GROUPNAME} /var/lib/taler-auditor/tmp
- chmod 770 /var/lib/taler-auditor/tmp
- chmod +s /var/lib/taler-auditor/tmp
-
- systemctl daemon-reload
-
- echo "done."
-
- # Cleaning
- echo "All done."
- ;;
-
- abort-upgrade|abort-remove|abort-deconfigure)
- ;;
-
- *)
- echo "postinst called with unknown argument \`${1}'" >&2
- exit 1
- ;;
+case "${1}" in
+configure)
+ # Creating taler groups as needed
+ if ! getent group ${_GROUPNAME} >/dev/null; then
+ echo -n "Creating new Taler group ${_GROUPNAME} ..."
+ addgroup --quiet --system ${_GROUPNAME}
+ echo " done."
+ fi
+ # Creating taler users if needed
+ if ! getent passwd ${_USERNAME} >/dev/null; then
+ echo -n "Creating new Taler user ${_USERNAME} ..."
+ adduser --quiet --system --ingroup ${_GROUPNAME} --home
${TALER_HOME}/httpd ${_USERNAME}
+ echo " done."
+ fi
+
+ # Cleaning
+ echo "All done."
+ ;;
+
+abort-upgrade | abort-remove | abort-deconfigure) ;;
+*)
+ echo "postinst called with unknown argument \`${1}'" >&2
+ exit 1
+ ;;
esac
#DEBHELPER#
diff --git a/debian/taler-auditor.postrm b/debian/taler-auditor.postrm
index 7697a414..82e82675 100644
--- a/debian/taler-auditor.postrm
+++ b/debian/taler-auditor.postrm
@@ -2,55 +2,20 @@
set -e
-pathfind() {
- OLDIFS="$IFS"
- IFS=:
- for p in $PATH; do
- if [ -x "$p/$*" ]; then
- IFS="$OLDIFS"
- return 0
- fi
- done
- IFS="$OLDIFS"
- return 1
-}
-
-if [ -f /usr/share/debconf/confmodule ];
-then
- . /usr/share/debconf/confmodule
+if [ -f /usr/share/debconf/confmodule ]; then
+ . /usr/share/debconf/confmodule
fi
case "${1}" in
- purge)
- db_version 2.0
-
- db_get taler-auditor/username
- _USERNAME="${RET:-taler-auditor-httpd}"
-
- db_get taler-auditor/groupname
- _GROUPNAME="${RET:-taler-auditor-httpd}"
-
- if pathfind deluser
- then
- deluser --quiet --system ${_USERNAME} || true
- fi
-
- if pathfind delgroup
- then
- delgroup --quiet --system --only-if-empty ${_GROUPNAME}
|| true
- fi
-
- rm -rf /var/log/taler-auditor/ /var/lib/taler-auditor
/etc/default/taler-auditor
- ;;
-
- remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
-
- ;;
-
- *)
- echo "postrm called with unknown argument \`${1}'" >&2
- exit 1
- ;;
+purge)
+ rm -rf /var/log/taler-auditor/ /var/lib/taler-auditor
/etc/default/taler-auditor
+ ;;
+
+remove | upgrade | failed-upgrade | abort-install | abort-upgrade | disappear)
;;
+*)
+ echo "postrm called with unknown argument \`${1}'" >&2
+ exit 1
+ ;;
esac
#DEBHELPER#
diff --git a/debian/taler-auditor.taler-auditor-httpd.service
b/debian/taler-auditor.taler-auditor-httpd.service
new file mode 100644
index 00000000..08a07327
--- /dev/null
+++ b/debian/taler-auditor.taler-auditor-httpd.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=GNU Taler payment system auditor REST API
+After=postgres.service network.target
+
+[Service]
+EnvironmentFile=/etc/default/taler-auditor
+User=taler-auditor-httpd
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/taler-auditor-httpd -c /etc/taler-auditor.conf
+
+[Install]
+WantedBy=multi-user.target
diff --git a/debian/taler-auditor.templates b/debian/taler-auditor.templates
deleted file mode 100644
index 06eac63b..00000000
--- a/debian/taler-auditor.templates
+++ /dev/null
@@ -1,16 +0,0 @@
-Template: taler-auditor/username
-Type: string
-Default: taler-auditor-httpd
-_Description: Taler user:
- Please choose the user that the taler-auditor-httpd process will run as.
- .
- This should be a dedicated account. If the specified account does not
- already exist, it will automatically be created, with no login shell.
-
-Template: taler-auditor/groupname
-Type: string
-Default: taler-auditor-httpd
-_Description: Taler group:
- Please choose the group that the taler-auditor-httpd will run as.
- .
- This should be a dedicated group, not one that already owns data.
diff --git a/debian/taler-exchange-httpd.taler-exchange-aggregator.service
b/debian/taler-exchange-httpd.taler-exchange-aggregator.service
new file mode 100644
index 00000000..91b0ade7
--- /dev/null
+++ b/debian/taler-exchange-httpd.taler-exchange-aggregator.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=GNU Taler payment system exchange aggregator service
+
+[Service]
+EnvironmentFile=/etc/default/taler-exchange
+User=taler-exchange-aggregator
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/taler-exchange-aggregator -c
/etc/taler/exchange-service-default.conf
+StandardOutput=journal
+StandardError=journal
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectSystem=full
diff --git a/debian/taler-exchange-httpd.taler-exchange-httpd.service
b/debian/taler-exchange-httpd.taler-exchange-httpd.service
new file mode 100644
index 00000000..e88bd84f
--- /dev/null
+++ b/debian/taler-exchange-httpd.taler-exchange-httpd.service
@@ -0,0 +1,21 @@
+[Unit]
+Description=GNU Taler payment system exchange REST API
+AssertPathExists=/var/lib/taler-exchange/
+Requires=taler-exchange-httpd.socket taler-exchange-secmod-rsa.service
taler-exchange-secmod-eddsa.service
+Wants=taler-exchange-wirewatch.service taler-exchange-aggregator.service
taler-exchange-transfer.service
+After=postgres.service network.target
+
+[Service]
+EnvironmentFile=/etc/default/taler-exchange
+User=taler-exchange-httpd
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/taler-exchange-httpd -c
/etc/taler/exchange-service-default.conf
+StandardOutput=journal
+StandardError=journal
+PrivateTmp=no
+PrivateDevices=yes
+ProtectSystem=full
+
+[Install]
+WantedBy=multi-user.target
diff --git a/debian/taler-exchange-httpd.taler-exchange-secmod-eddsa.service
b/debian/taler-exchange-httpd.taler-exchange-secmod-eddsa.service
new file mode 100644
index 00000000..3bd9cc55
--- /dev/null
+++ b/debian/taler-exchange-httpd.taler-exchange-secmod-eddsa.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=GNU Taler payment system exchange EdDSA security module
+
+[Service]
+EnvironmentFile=/etc/default/taler-exchange
+User=taler-exchange-secmod-eddsa
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/taler-exchange-secmod-eddsa -c
/etc/taler/exchange-service-default.conf
+StandardOutput=journal
+StandardError=journal
+PrivateTmp=no
+PrivateDevices=yes
+ProtectSystem=full
diff --git a/debian/taler-exchange-httpd.taler-exchange-secmod-rsa.service
b/debian/taler-exchange-httpd.taler-exchange-secmod-rsa.service
new file mode 100644
index 00000000..27448547
--- /dev/null
+++ b/debian/taler-exchange-httpd.taler-exchange-secmod-rsa.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=GNU Taler payment system exchange RSA security module
+
+[Service]
+EnvironmentFile=/etc/default/taler-exchange
+User=taler-exchange-secmod-rsa
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/taler-exchange-secmod-rsa -c
/etc/taler/exchange-service-default.conf
+StandardOutput=journal
+StandardError=journal
+PrivateTmp=no
+PrivateDevices=yes
+ProtectSystem=full
diff --git a/debian/taler-exchange-httpd.taler-exchange-transfer.service
b/debian/taler-exchange-httpd.taler-exchange-transfer.service
new file mode 100644
index 00000000..00fe977f
--- /dev/null
+++ b/debian/taler-exchange-httpd.taler-exchange-transfer.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=GNU Taler payment system exchange transfer service
+After=network.target
+
+[Service]
+EnvironmentFile=/etc/default/taler-exchange
+User=taler-exchange-wire
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/taler-exchange-wirewatch -c
/etc/taler/exchange-service-wire.conf
+StandardOutput=journal
+StandardError=journal
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectSystem=full
diff --git a/debian/taler-exchange-httpd.taler-exchange-wirewatch.service
b/debian/taler-exchange-httpd.taler-exchange-wirewatch.service
new file mode 100644
index 00000000..3f301062
--- /dev/null
+++ b/debian/taler-exchange-httpd.taler-exchange-wirewatch.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=GNU Taler payment system exchange wirewatch service
+After=network.target
+
+[Service]
+EnvironmentFile=/etc/default/taler-exchange
+User=taler-exchange-wire
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/taler-exchange-wirewatch -c
/etc/taler/exchange-service-wire.conf
+StandardOutput=journal
+StandardError=journal
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectSystem=full
diff --git a/debian/taler-exchange-offline.install
b/debian/taler-exchange-offline.install
new file mode 100644
index 00000000..fbaef9b9
--- /dev/null
+++ b/debian/taler-exchange-offline.install
@@ -0,0 +1,5 @@
+usr/bin/taler-exchange-offline
+usr/share/man/man1/taler-exchange-offline
+
+# configuration files in /etc/taler
+debian/etc/taler/exchange-offline.conf etc/taler/
diff --git a/debian/taler-exchange-offline.postinst
b/debian/taler-exchange-offline.postinst
new file mode 100644
index 00000000..125afbc5
--- /dev/null
+++ b/debian/taler-exchange-offline.postinst
@@ -0,0 +1,42 @@
+#!/bin/bash
+
+set -e
+
+. /usr/share/debconf/confmodule
+
+TALEROFF_HOME="/var/lib/taler-exchange-offline"
+
+# usage: lncfg user home target
+function lncfg() {
+ local cf=$TALER_HOME/$2/.config
+ if [ ! -e $cf ]; then
+ mkdir $cf
+ chown $(stat -L -c %u $TALER_HOME/$2):$(stat -L -c %g $TALER_HOME/$2) $cf
+ fi
+ ln -sf $3 $cf/taler.conf
+}
+
+case "${1}" in
+configure)
+
+ addgroup --quiet --system taler-exchange-offline
+
+ adduser --quiet --system --ingroup taler-exchange-offline --home
${TALEROFF_HOME}/httpd taler-exchange-offline
+
+ lncfg taler-exchange-offline taler-exchange-offline
/etc/taler/exchange-offline.conf
+
+ # Cleaning
+ echo "All done."
+ ;;
+
+abort-upgrade | abort-remove | abort-deconfigure) ;;
+
+*)
+ echo "postinst called with unknown argument \`${1}'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/taler-exchange.config b/debian/taler-exchange.config
deleted file mode 100644
index c8ef2b4f..00000000
--- a/debian/taler-exchange.config
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/sh
-
-set -e
-
-. /usr/share/debconf/confmodule
-
-db_input low taler-exchange/eusername || true
-db_go
-
-db_input low taler-exchange/rsecusername || true
-db_go
-
-db_input low taler-exchange/esecusername || true
-db_go
-
-db_input low taler-exchange/wireusername || true
-db_go
-
-db_input low taler-exchange/aggrusername || true
-db_go
-
-db_input low taler-exchange/groupname || true
-db_go
-
-db_stop
diff --git a/debian/taler-exchange.install b/debian/taler-exchange.install
index 87e3d056..3f7ad39d 100644
--- a/debian/taler-exchange.install
+++ b/debian/taler-exchange.install
@@ -1,17 +1,42 @@
-usr/bin/taler-exchange-*
+usr/bin/taler-exchange-aggregator
+usr/bin/taler-exchange-benchmark
+usr/bin/taler-exchange-closer
+usr/bin/taler-exchange-dbinit
+usr/bin/taler-exchange-httpd
+usr/bin/taler-exchange-secmod-eddsa
+usr/bin/taler-exchange-secmod-rsa
+usr/bin/taler-exchange-transfer
+usr/bin/taler-exchange-wirewatch
usr/bin/taler-bank-benchmark
usr/bin/taler-bank-manage-testing
usr/bin/taler-fakebank-run
usr/bin/taler-nexus-prepare
usr/bin/taler-wire-gateway-client
-usr/share/man/man1/taler-exchange*
+usr/share/man/man1/taler-exchange-aggregator
+usr/share/man/man1/taler-exchange-benchmark
+usr/share/man/man1/taler-exchange-closer
+usr/share/man/man1/taler-exchange-dbinit
+usr/share/man/man1/taler-exchange-httpd
+usr/share/man/man1/taler-exchange-secmod-eddsa
+usr/share/man/man1/taler-exchange-secmod-rsa
+usr/share/man/man1/taler-exchange-transfer
+usr/share/man/man1/taler-exchange-wirewatch
usr/share/man/man1/taler-bank*
-usr/share/man/man1/taler-config*
usr/share/man/man1/taler-wire*
usr/share/info/taler-bank*
usr/share/info/taler-exchange*
usr/share/taler/config.d/*
-debian/etc/taler/exchange* etc/taler/
+
+# configuration files in /etc/taler
+debian/etc/taler/exchange-business.conf etc/taler/
+debian/etc/taler/exchange-db.conf etc/taler/
+debian/etc/taler/exchange-service-default.conf etc/taler/
+debian/etc/taler/exchange-service-wire.conf etc/taler/
+debian/etc/taler/exchange-system.conf etc/taler
+debian/etc/taler/exchange-wire-gateway.conf etc/taler/
+
+# sample config files
debian/exchange-conf/* usr/share/taler/sample-configs/
+
usr/share/taler-exchange/pp/*/*
usr/share/taler-exchange/tos/*/*
diff --git a/debian/taler-exchange.postinst b/debian/taler-exchange.postinst
index f3a9a6f2..61e1a477 100644
--- a/debian/taler-exchange.postinst
+++ b/debian/taler-exchange.postinst
@@ -5,6 +5,14 @@ set -e
. /usr/share/debconf/confmodule
TALER_HOME="/var/lib/taler-exchange"
+CONFIG_FILE="/etc/default/taler-exchange"
+_GROUPNAME=taler-exchange-secmod
+_DBGROUPNAME=taler-exchange-db
+_EUSERNAME=taler-exchange-httpd
+_RSECUSERNAME=taler-exchange-secmod-rsa
+_ESECUSERNAME=taler-exchange-secmod-rsa
+_AGGRUSERNAME=taler-exchange-aggregator
+_WIREUSERNAME=taler-exchange-wire
# usage: fixperm user:group perms file
function fixperm() {
@@ -24,240 +32,52 @@ function lncfg() {
case "${1}" in
configure)
- db_version 2.0
- db_get taler-exchange/eusername
- _EUSERNAME="${RET:-taler-exchange-httpd}"
-
- db_get taler-exchange/rsecusername
- _RSECUSERNAME="${RET:-taler-exchange-secmod-rsa}"
-
- db_get taler-exchange/esecusername
- _ESECUSERNAME="${RET:-taler-exchange-secmod-eddsa}"
-
- db_get taler-exchange/wireusername
- _WIREUSERNAME="${RET:-taler-exchange-wire}"
-
- db_get taler-exchange/aggrusername
- _AGGRUSERNAME="${RET:-taler-exchange-aggregator}"
-
- db_get taler-exchange/groupname
- _GROUPNAME="${RET:-taler-private}"
-
- db_get taler-exchange/dbgroupname
- _DBGROUPNAME="${RET:-taler-exchange-db}"
-
- db_stop
-
- CONFIG_FILE="/etc/default/taler-exchange"
-
- # Creating taler groups as needed
+ # Create taler groups as needed
if ! getent group ${_GROUPNAME} >/dev/null; then
- echo -n "Creating new Taler group ${_GROUPNAME}:"
+ echo -n "Creating new Taler group ${_GROUPNAME} ..."
addgroup --quiet --system ${_GROUPNAME}
echo " done."
fi
if ! getent group ${_DBGROUPNAME} >/dev/null; then
- echo -n "Creating new Taler group ${_DBGROUPNAME}:"
+ echo -n "Creating new Taler group ${_DBGROUPNAME} ..."
addgroup --quiet --system ${_DBGROUPNAME}
echo " done."
fi
- # Creating taler users if needed
+ # Create taler users if needed
if ! getent passwd ${_EUSERNAME} >/dev/null; then
- echo -n "Creating new Taler user ${_EUSERNAME}:"
+ echo -n "Creating new Taler user ${_EUSERNAME} ..."
adduser --quiet --system --ingroup ${_GROUPNAME} --home
${TALER_HOME}/httpd ${_EUSERNAME}
adduser ${_EUSERNAME} ${_DBGROUPNAME}
echo " done."
fi
if ! getent passwd ${_RSECUSERNAME} >/dev/null; then
- echo -n "Creating new Taler user ${_RSECUSERNAME}:"
+ echo -n "Creating new Taler user ${_RSECUSERNAME} ..."
adduser --quiet --system --ingroup ${_GROUPNAME} --home
${TALER_HOME}/secmod-rsa ${_RSECUSERNAME}
echo " done."
fi
if ! getent passwd ${_ESECUSERNAME} >/dev/null; then
- echo -n "Creating new Taler user ${_ESECUSERNAME}:"
+ echo -n "Creating new Taler user ${_ESECUSERNAME} ..."
adduser --quiet --system --ingroup ${_GROUPNAME} --home
${TALER_HOME}/secmod-eddsa ${_ESECUSERNAME}
echo " done."
fi
if ! getent passwd ${_WIREUSERNAME} >/dev/null; then
- echo -n "Creating new Taler user ${_WIREUSERNAME}:"
+ echo -n "Creating new Taler user ${_WIREUSERNAME} ..."
adduser --quiet --system --home ${TALER_HOME}/wire ${_WIREUSERNAME}
adduser --quiet ${_WIREUSERNAME} ${_DBGROUPNAME}
echo " done."
fi
if ! getent passwd ${_AGGRUSERNAME} >/dev/null; then
- echo -n "Creating new Taler user ${_AGGRUSERNAME}:"
+ echo -n "Creating new Taler user ${_AGGRUSERNAME} ..."
adduser --quiet --system --home ${TALER_HOME}/aggregator ${_AGGRUSERNAME}
adduser --quiet ${_AGGRUSERNAME} ${_DBGROUPNAME}
echo " done."
fi
- # Writing new values to configuration file
- echo -n "Writing new configuration file:"
- CONFIG_NEW=$(tempfile)
-
- cat >"${CONFIG_NEW}" <<EOF
-# This file controls the behaviour of the Taler init script.
-# It will be parsed as a shell script.
-# please do not edit by hand, use 'dpkg-reconfigure taler-exchange'.
-
-TALER_EUSER=${_EUSERNAME}
-TALER_RSECUSER=${_RSECUSERNAME}
-TALER_ESECUSER=${_ESECUSERNAME}
-TALER_WIREUSER=${_WIREUSERNAME}
-TALER_AGGRUSER=${_AGGRUSERNAME}
-TALER_GROUP=${_GROUPNAME}
-EOF
-
- cat >"/etc/systemd/system/taler-exchange-httpd.socket" <<EOF
-[Unit]
-Description=Taler Exchange Socket
-PartOf=taler-exchange-httpd.service
-
-[Socket]
-ListenStream=/var/lib/taler-exchange/exchange.sock
-Accept=no
-Service=taler-exchange-httpd.service
-SocketUser=${_EUSERNAME}
-SocketGroup=www-data
-SocketMode=0660
-
-[Install]
-WantedBy=sockets.target
-EOF
-
- cat >"/etc/systemd/system/taler-exchange-httpd.service" <<EOF
-[Unit]
-Description=GNU Taler payment system exchange REST API
-AssertPathExists=/var/lib/taler-exchange/
-Requires=taler-exchange-httpd.socket taler-exchange-secmod-rsa.service
taler-exchange-secmod-eddsa.service
-Wants=taler-exchange-wirewatch.service taler-exchange-aggregator.service
taler-exchange-transfer.service
-After=postgres.service network.target
-
-[Service]
-EnvironmentFile=/etc/default/taler-exchange
-User=${_EUSERNAME}
-Type=simple
-Restart=on-failure
-ExecStart=/usr/bin/taler-exchange-httpd -c
/etc/taler/exchange-service-default.conf
-StandardOutput=journal
-StandardError=journal
-PrivateTmp=no
-PrivateDevices=yes
-ProtectSystem=full
-
-[Install]
-WantedBy=multi-user.target
-EOF
-
- cat >"/etc/systemd/system/taler-exchange-secmod-rsa.service" <<EOF
-[Unit]
-Description=GNU Taler payment system exchange RSA security module
-
-[Service]
-EnvironmentFile=/etc/default/taler-exchange
-User=${_RSECUSERNAME}
-Type=simple
-Restart=on-failure
-ExecStart=/usr/bin/taler-exchange-secmod-rsa -c
/etc/taler/exchange-service-default.conf
-StandardOutput=journal
-StandardError=journal
-PrivateTmp=no
-PrivateDevices=yes
-ProtectSystem=full
-
-EOF
- cat >"/etc/systemd/system/taler-exchange-secmod-eddsa.service" <<EOF
-[Unit]
-Description=GNU Taler payment system exchange EdDSA security module
-
-[Service]
-EnvironmentFile=/etc/default/taler-exchange
-User=${_ESECUSERNAME}
-Type=simple
-Restart=on-failure
-ExecStart=/usr/bin/taler-exchange-secmod-eddsa -c
/etc/taler/exchange-service-default.conf
-StandardOutput=journal
-StandardError=journal
-PrivateTmp=no
-PrivateDevices=yes
-ProtectSystem=full
-
-EOF
- cat >"/etc/systemd/system/taler-exchange-wirewatch.service" <<EOF
-[Unit]
-Description=GNU Taler payment system exchange wirewatch service
-After=network.target
-
-[Service]
-EnvironmentFile=/etc/default/taler-exchange
-User=${_WIREUSERNAME}
-Type=simple
-Restart=on-failure
-ExecStart=/usr/bin/taler-exchange-wirewatch -c
/etc/taler/exchange-service-wire.conf
-StandardOutput=journal
-StandardError=journal
-PrivateTmp=yes
-PrivateDevices=yes
-ProtectSystem=full
-
-
-EOF
- cat >"/etc/systemd/system/taler-exchange-transfer.service" <<EOF
-[Unit]
-Description=GNU Taler payment system exchange transfer service
-After=network.target
-
-[Service]
-EnvironmentFile=/etc/default/taler-exchange
-User=${_WIREUSERNAME}
-Type=simple
-Restart=on-failure
-ExecStart=/usr/bin/taler-exchange-wirewatch -c
/etc/taler/exchange-service-wire.conf
-StandardOutput=journal
-StandardError=journal
-PrivateTmp=yes
-PrivateDevices=yes
-ProtectSystem=full
-
-EOF
- cat >"/etc/systemd/system/taler-exchange-aggregator.service" <<EOF
-[Unit]
-Description=GNU Taler payment system exchange aggregator service
-
-[Service]
-EnvironmentFile=/etc/default/taler-exchange
-User=${_AGGRUSERNAME}
-Type=simple
-Restart=on-failure
-ExecStart=/usr/bin/taler-exchange-aggregator -c
/etc/taler/exchange-service-default.conf
-StandardOutput=journal
-StandardError=journal
-PrivateTmp=yes
-PrivateDevices=yes
-ProtectSystem=full
-
-
-EOF
-
- cp -f "${CONFIG_NEW}" "${CONFIG_FILE}"
- rm -f "${CONFIG_NEW}"
- echo " done."
-
- echo -n "Setting up system services "
-
- mkdir -p /var/lib/taler-exchange/tmp
- fixperm root:${_GROUPNAME} 770 /var/lib/taler-exchange/tmp
- chmod +s /var/lib/taler-exchange/tmp
-
fixperm ${_WIREUSERNAME}:root 460 /etc/taler/exchange-wire-gateway.conf
fixperm root:${_DBGROUPNAME} 640 /etc/taler/exchange-db.conf
- systemctl daemon-reload >/dev/null 2>&1 || true
-
- echo "done."
-
echo -n "Linking config files"
lncfg ${_EUSERNAME} httpd /etc/taler/exchange-service-default.conf
lncfg ${_RSECUSERNAME} secmod-rsa /etc/taler/exchange-service-default.conf
diff --git a/debian/taler-exchange.postrm b/debian/taler-exchange.postrm
index 5cefa5bc..10d67b77 100644
--- a/debian/taler-exchange.postrm
+++ b/debian/taler-exchange.postrm
@@ -2,72 +2,22 @@
set -e
-pathfind() {
- OLDIFS="$IFS"
- IFS=:
- for p in $PATH; do
- if [ -x "$p/$*" ]; then
- IFS="$OLDIFS"
- return 0
- fi
- done
- IFS="$OLDIFS"
- return 1
-}
-
-if [ -f /usr/share/debconf/confmodule ];
-then
- . /usr/share/debconf/confmodule
+if [ -f /usr/share/debconf/confmodule ]; then
+ . /usr/share/debconf/confmodule
fi
case "${1}" in
- purge)
- db_version 2.0
-
- db_get taler-exchange/eusername
- _EUSERNAME="${RET:-taler-exchange-httpd}"
-
- db_get taler-exchange/rsecusername
- _RSECUSERNAME="${RET:-taler-exchange-secmod-rsa}"
-
- db_get taler-exchange/esecusername
- _ESECUSERNAME="${RET:-taler-exchange-secmod-eddsa}"
-
- db_get taler-exchange/wireusername
- _WIREUSERNAME="${RET:-taler-exchange-wire}"
-
- db_get taler-exchange/aggrusername
- _AGGRUSERNAME="${RET:-taler-exchange-aggregator}"
-
- db_get taler-exchange/groupname
- _GROUPNAME="${RET:-taler-private}"
-
- if pathfind deluser
- then
- deluser --quiet --system ${_EUSERNAME} || true
- deluser --quiet --system ${_RSECUSERNAME} || true
- deluser --quiet --system ${_ESECUSERNAME} || true
- deluser --quiet --system ${_WIREUSERNAME} || true
- deluser --quiet --system ${_AGGRUSERNAME} || true
- fi
-
- if pathfind delgroup
- then
- delgroup --quiet --system --only-if-empty ${_GROUPNAME}
|| true
- fi
-
- rm -rf /var/log/taler-exchange/ /var/lib/taler-exchange
/etc/default/taler-exchange
- rm -f /etc/taler-wire.conf /etc/taler-exchange-db.conf
/etc/taler-exchange.conf
- ;;
-
- remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+purge)
+ rm -rf /var/log/taler-exchange/ /var/lib/taler-exchange
/etc/default/taler-exchange
+ rm -f /etc/taler-wire.conf /etc/taler-exchange-db.conf
/etc/taler-exchange.conf
+ ;;
- ;;
+remove | upgrade | failed-upgrade | abort-install | abort-upgrade | disappear)
;;
- *)
- echo "postrm called with unknown argument \`${1}'" >&2
- exit 1
- ;;
+*)
+ echo "postrm called with unknown argument \`${1}'" >&2
+ exit 1
+ ;;
esac
#DEBHELPER#
diff --git a/debian/taler-exchange.templates b/debian/taler-exchange.templates
deleted file mode 100644
index 9428bec2..00000000
--- a/debian/taler-exchange.templates
+++ /dev/null
@@ -1,67 +0,0 @@
-Template: taler-exchange/eusername
-Type: string
-Default: taler-exchange-httpd
-_Description: Taler user:
- Please choose the user that the taler-exchange-httpd process will run as.
- .
- This should be a dedicated account. If the specified account does not
- already exist, it will automatically be created, with no login shell.
-
-Template: taler-exchange/rsecusername
-Type: string
-Default: taler-exchange-secmod-rsa
-_Description: Taler user:
- Please choose the user that the taler-exchange-secmod-rsa process will run as.
- .
- This should be a dedicated account. If the specified account does not
- already exist, it will automatically be created, with no login shell.
-
-Template: taler-exchange/esecusername
-Type: string
-Default: taler-exchange-secmod-eddsa
-_Description: Taler user:
- Please choose the user that the taler-exchange-secmod-eddsa process will run
as.
- .
- This should be a dedicated account. If the specified account does not
- already exist, it will automatically be created, with no login shell.
-
-Template: taler-exchange/wireusername
-Type: string
-Default: taler-exchange-wire
-_Description: Taler user:
- Please choose the user that the taler-exchange-transfer and
- taler-exchange-wirewatch processes will run as.
- .
- This should be a dedicated account. If the specified account does not
- already exist, it will automatically be created, with no login shell.
-
-Template: taler-exchange/aggrusername
-Type: string
-Default: taler-exchange-aggregator
-_Description: Taler user:
- Please choose the user that the taler-exchange-aggregator process will run as.
- .
- This should be a dedicated account. If the specified account does not
- already exist, it will automatically be created, with no login shell.
-
-Template: taler-exchange/groupname
-Type: string
-Default: taler-private
-_Description: Taler group:
- Please choose the group that the Taler exchange and security
- modules will run as.
- .
- This should be a dedicated group, not one that already owns data.
- Only the members of this group will have access to Taler private
- online signing keys.
-
-
-Template: taler-exchange/dbgroupname
-Type: string
-Default: taler-exchange-db
-_Description: Taler group:
- Please choose the group that the Taler users with database access
- should be in.
- .
- This should be a dedicated group, not one that already owns data.
- Only the members of this group will have access to Taler database.
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.