[lp23-speaker-slides.git] / Sebastian_Marchano / walkthrough.sh

#!/usr/bin/env bash
# This file is in the public domain.

#########
# This is an example of the steps needed to install and run GNU Taler
########

# This script assume root privileges.
# Use this if you know what you are doing.

export LANGUAGE=C
export LC_ALL=C
export LANG=C
export LC_CTYPE=C

set -e

export CURRENCY=LIBRE
export EXCHANGE_IBAN=DE940993
export MERCHANT_IBAN=DE463312
export    ALICE_IBAN=DE474361
export      BOB_IBAN=DE731371

read -p "Setup GNU Taler for $CURRENCY!. Press any key to start..."
echo ==========================================================================
echo ==========================================================================
echo ==========================================================================
echo "1/8 Update and install tools"

apt update
apt install -y gnupg less vim procps curl inetutils-ping jq net-tools man

echo ----------------------------------------
read -p "1/8 tools installed. Press any key to continue..."
echo ==========================================================================
echo ==========================================================================
echo ==========================================================================
echo "2/8 Setup dns config and database "

#using this hosts as alias for localhost
#it will be useful for nginx configuration
echo 127.0.0.1 bank.taler auditor.taler exchange.taler merchant.taler | tee -a /etc/hosts

#install database and create a default user for the whole setup
apt install -y postgresql 
service postgresql start
su - postgres -c "createuser -d -l -r -s root"
psql postgres -c "ALTER USER root PASSWORD 'root'"

#create the database that we are going to use
createdb auditor
createdb exchange
createdb merchant
createdb sandbox
createdb nexus

echo ----------------------------------------
read -p "2/8 databases created. Press any key to continue..."
echo ==========================================================================
echo ==========================================================================
echo ==========================================================================
echo "3/8 Install GNU Taler components "

yes no | apt install -y \
  libeufin-sandbox \
  libeufin-nexus \
  taler-exchange \
  taler-auditor \
  taler-merchant \
  taler-harness \
  taler-wallet-cli

echo ----------------------------------------
read -p "3/8 all components installed. Press any key to continue..."
echo ==========================================================================
echo ==========================================================================
echo ==========================================================================
echo "4/8 Setup NGINX reverse proxy"

apt install -y nginx

#enable sandbox and config server to http://bank.taler/
ln -s /etc/nginx/sites-available/libeufin-sandbox /etc/nginx/sites-enabled/
sed 's/server_name localhost/server_name bank.taler/' -i /etc/nginx/sites-available/libeufin-sandbox

#enable auditor and config server to http://auditor.taler/
ln -s /etc/nginx/sites-available/taler-auditor /etc/nginx/sites-enabled/
sed 's/server_name localhost/server_name auditor.taler/' -i /etc/nginx/sites-available/taler-auditor
sed 's_location /taler-auditor/_location /_'             -i /etc/nginx/sites-available/taler-auditor

#enable exchange and config server to http://exchange.taler/
ln -s /etc/nginx/sites-available/taler-exchange /etc/nginx/sites-enabled/
sed 's/server_name localhost/server_name exchange.taler/' -i /etc/nginx/sites-available/taler-exchange
sed 's_location /taler-exchange/_location /_'             -i /etc/nginx/sites-available/taler-exchange

#enable merchant and config server to http://merchant.taler/
ln -s /etc/nginx/sites-available/taler-merchant /etc/nginx/sites-enabled/
sed 's/server_name localhost/server_name merchant.taler/' -i /etc/nginx/sites-available/taler-merchant
sed 's_location /taler-merchant/_location /_'                        -i /etc/nginx/sites-available/taler-merchant

#set nginx user to root se we dont have problems reading sockets with root ownership
sed 's/^user www-data/user root/' -i /etc/nginx/nginx.conf

#notify all services that are exposed with other host
sed 's/X-Forwarded-Host "localhost"/X-Forwarded-Host $host/' -i /etc/nginx/sites-available/*

nginx

echo ----------------------------------------
read -p "4/8 web interface exposed. Press any key to continue..."
echo ==========================================================================
echo ==========================================================================
echo ==========================================================================
echo "5/8 Setup BANK instance and some accounts"

export LIBEUFIN_SANDBOX_DB_CONNECTION="jdbc:postgresql://localhost:5432/sandbox?user=root&password=root"
export LIBEUFIN_SANDBOX_URL="http://localhost:5016/"
export LIBEUFIN_SANDBOX_USERNAME="admin"
export LIBEUFIN_SANDBOX_ADMIN_PASSWORD="bank"
export LIBEUFIN_SANDBOX_PASSWORD=$LIBEUFIN_SANDBOX_ADMIN_PASSWORD

export LIBEUFIN_NEXUS_DB_CONNECTION="jdbc:postgresql://localhost:5432/nexus?user=root&password=root"
export LIBEUFIN_NEXUS_URL="http://localhost:5017/"
export LIBEUFIN_NEXUS_USERNAME="nexus_admin"
export LIBEUFIN_NEXUS_PASSWORD="secret_nexus"

# bank configuration
libeufin-sandbox config \
  --bank-debt-limit 1000000 \
  --users-debt-limit 10000 \
  --with-signup-bonus \
  --currency $CURRENCY \
  --captcha-url http://bank.taler/ \
  default

mkdir /etc/libeufin/
cat >/etc/libeufin/demobank-ui-settings.js <<EOF
globalThis.talerDemobankSettings = {
  backendBaseURL: "http://bank.taler/demobanks/default/",
  allowRegistrations: true,
  bankName: "FSF Bank"
}
EOF

libeufin-sandbox default-exchange --demobank default http://exchange.taler/ payto://iban/$EXCHANGE_IBAN

# nexus configuration
libeufin-nexus superuser $LIBEUFIN_NEXUS_USERNAME --password $LIBEUFIN_NEXUS_PASSWORD

# start services
libeufin-sandbox serve --port 5016 --ipv4-only --no-localhost-only > log.sandbox 2> err.sandbox &
libeufin-nexus serve --port 5017 --ipv4-only --no-localhost-only > log.nexus 2> err.nexus &

echo "5/8 Waiting for nexus and sanbox to be ready"
grep -q "Application started:" <(tail -f err.sandbox -n +0)
grep -q "Application started:" <(tail -f err.nexus -n +0)

echo "5/8 Creating accounts"
LIBEUFIN_SANDBOX_USERNAME="exchange" LIBEUFIN_SANDBOX_PASSWORD="123" libeufin-cli sandbox demobank register \
  --iban $EXCHANGE_IBAN --name "Exchange company"  --public
LIBEUFIN_SANDBOX_USERNAME="merchant" LIBEUFIN_SANDBOX_PASSWORD="123" libeufin-cli sandbox demobank register \
  --iban $MERCHANT_IBAN --name "Merchant company"  --public
LIBEUFIN_SANDBOX_USERNAME="alice"    LIBEUFIN_SANDBOX_PASSWORD="123" libeufin-cli sandbox demobank register \
  --iban $ALICE_IBAN    --name "Alice"             --no-public
LIBEUFIN_SANDBOX_USERNAME="bob"      LIBEUFIN_SANDBOX_PASSWORD="123" libeufin-cli sandbox demobank register \
  --iban $BOB_IBAN      --name "Bob"               --no-public

echo "5/8 Creating the EBICs connection between sandbox and nexus"
### open sandbox to nexus
libeufin-cli sandbox ebicshost create --host-id ebicHost
libeufin-cli sandbox demobank new-ebicssubscriber \
  --host-id ebicHost \
  --partner-id ebicPartner \
  --user-id ebicExchange \
  --bank-account exchange

### connection nexus to sandbox
libeufin-cli connections new-ebics-connection \
  --ebics-url http://localhost:5016/ebicsweb \
  --host-id ebicHost \
  --partner-id ebicPartner \
  --ebics-user-id ebicExchange \
  nexus-conn

libeufin-cli connections connect nexus-conn
libeufin-cli connections download-bank-accounts nexus-conn
libeufin-cli connections import-bank-account \
  --offered-account-id exchange \
  --nexus-bank-account-id nexus-exchange \
  nexus-conn

libeufin-cli accounts task-schedule nexus-exchange \
    --task-type=submit \
    --task-name=submit-payments-5secs \
    --task-cronspec='*/1 * * * *'

libeufin-cli accounts task-schedule nexus-exchange \
    --task-type=fetch \
    --task-name=fetch-5secs \
    --task-cronspec='*/1 * * * *' \
    --task-param-level=report \
    --task-param-range-type=latest

### configuration of nexus
echo "5/8 Creating nexus facade for the exchange"
libeufin-cli facades new-taler-wire-gateway-facade \
  --currency $CURRENCY \
  --facade-name taler-exchange \
  nexus-conn nexus-exchange

libeufin-cli users create exchange-nexus --password exchange-nexus-password
libeufin-cli permissions grant user exchange-nexus \
  facade taler-exchange \
  facade.talerwiregateway.transfer
libeufin-cli permissions grant user exchange-nexus \
  facade taler-exchange \
  facade.talerwiregateway.history


echo ----------------------------------------
read -p "5/8 banking system ready. Press any key to continue..."
echo ==========================================================================
echo ==========================================================================
echo ==========================================================================
echo "6/8 Setup Exchange"

taler-config -s exchange -o master_public_key -V $(taler-exchange-offline setup)
taler-config -s exchange -o base_url -V http://exchange.taler/

#database location
taler-config -s exchangedb-postgres -o config -V postgres:///exchange
taler-config -s exchange-account-1 -o payto_uri -V "payto://iban/$EXCHANGE_IBAN?receiver-name=Exchanger" 
taler-config -s exchange-account-1 -o enable_debit -V yes
taler-config -s exchange-account-1 -o enable_credit -V yes

#nexus connection
taler-config -s exchange-accountcredentials-1 -o wire_gateway_url -V http://localhost:5017/facades/taler-exchange/taler-wire-gateway/
taler-config -s exchange-accountcredentials-1 -o username -V exchange-nexus
taler-config -s exchange-accountcredentials-1 -o password -V exchange-nexus-password

#monetary policy
taler-config -s taler -o currency -V $CURRENCY
taler-config -s taler -o aml_threshold -V $CURRENCY:10000
taler-config -s taler -o currency_round_unit -V $CURRENCY:0.1

taler-harness deployment gen-coin-config \
  --min-amount $CURRENCY:0.1 \
  --max-amount $CURRENCY:20 >> /etc/taler/taler.conf


for coinSection in $(taler-config --list-sections | grep COIN); do 
  taler-config -s $coinSection -o duration_withdraw -V "1 year"
done

taler-exchange-dbinit 

taler-exchange-secmod-eddsa -l log.secmod.eddsa -L debug &
taler-exchange-secmod-rsa -l log.secmod.rsa -L debug &
taler-exchange-secmod-cs -l log.secmod.cs -L debug &
taler-exchange-httpd -l log.exchange -L debug &

echo "6/8 Waiting for exchange HTTP service"
sleep 1
grep -q "Updating keys of denomination" <(tail -F log.secmod.rsa -n +0)

echo "6/8 Enable exchange wire transfer"

#enable account and wire fee configuration
taler-exchange-offline \
  enable-account $(taler-config -s exchange-account-1 -o payto_uri) \
  global-fee 2023 $CURRENCY:0 $CURRENCY:0 $CURRENCY:0 1year 1year 10 \
  wire-fee 2023 iban $CURRENCY:0.1 $CURRENCY:0.1 \
  upload;

taler-exchange-offline download sign upload

echo "6/8 Waiting for key signed"
curl --unix-socket /run/taler/exchange-httpd/exchange-http.sock \
     --max-time 2 \
     --retry-connrefused \
     --retry-delay 1 \
     --retry 10 \
     http://exchange.taler/keys &> /dev/null

taler-exchange-wirewatch -l log.wirewatch -L debug &
taler-exchange-transfer -l log.transfer -L debug &
taler-exchange-aggregator -l log.aggregator -L debug &
taler-exchange-closer -l log.closer -L debug &


echo ----------------------------------------
read -p "6/8 exchange ready. Press any key to continue..."
echo ==========================================================================
echo ==========================================================================
echo ==========================================================================
echo "7/8 Setup auditor"

taler-config -s auditor -o base_url -V http://auditor.taler/
taler-config -s auditordb-postgres -o config -V postgres:///auditor

#add exchange into the auditor
taler-auditor-exchange -m $(taler-config -s exchange -o master_public_key) -u $(taler-config -s exchange -o base_url)

taler-auditor-dbinit

echo "7/8 Notify the exchange about the auditor"

taler-exchange-offline enable-auditor $(taler-auditor-offline setup) $(taler-config -s auditor -o base_url) the_auditor upload

taler-auditor-httpd -l log.auditor -L debug &

echo ----------------------------------------
read -p "7/8 auditor ready. Press any key to continue..."
echo ==========================================================================
echo ==========================================================================
echo ==========================================================================
echo "8/8 Setup merchant"

taler-config -s merchantdb-postgres -o config -V postgres:///merchant

taler-config -s merchant-exchange-fsf -o exchange_base_url -V $(taler-config -s exchange -o base_url)
taler-config -s merchant-exchange-fsf -o master_key -V $(taler-config -s exchange -o master_public_key)
taler-config -s merchant-exchange-fsf -o currency -V $CURRENCY

taler-config -s merchant-auditor-fsf -o auditor_base_url -V $(taler-config -s auditor -o base_url)
taler-config -s merchant-auditor-fsf -o auditor_key -V $(taler-auditor-offline setup)
taler-config -s merchant-auditor-fsf -o currency -V $CURRENCY

taler-merchant-dbinit

taler-merchant-httpd -a secret-token:secret -l log.merchant -L debug &

echo "8/8 creating the first instance"
sleep 1
curl 'http://merchant.taler/management/instances' \
  --unix-socket /var/run/taler/merchant-httpd/merchant-http.sock \
  -X POST -H 'Authorization: Bearer secret-token:secret' \
  --data-raw '{"id":"default","payto_uris":["payto://iban/'$MERCHANT_IBAN'?receiver-name=merchant"],"default_pay_delay":{"d_us":7200000000},"default_wire_fee_amortization":1,"default_wire_transfer_delay":{"d_us":172800000000},"name":"FSF","email":"","default_max_deposit_fee":"'$CURRENCY':3","default_max_wire_fee":"'$CURRENCY':3","auth":{"method":"token","token":"secret-token:secret"},"address":{},"jurisdiction":{}}'

curl 'http://merchant.taler/instances/default/private/products' \
  --unix-socket /var/run/taler/merchant-httpd/merchant-http.sock \
  -X POST -H 'Authorization: Bearer secret-token:secret' \
  -d @shirt.json

echo ----------------------------------------
read -p "8/8 merchant ready. Press any key to close."
echo ==========================================================================
echo ==========================================================================
echo ==========================================================================
Commit	Line	Data
5a22025c AE	1	#!/usr/bin/env bash
	2	# This file is in the public domain.
	3
	4	#########
	5	# This is an example of the steps needed to install and run GNU Taler
	6	########
	7
	8	# This script assume root privileges.
	9	# Use this if you know what you are doing.
	10
	11	export LANGUAGE=C
	12	export LC_ALL=C
	13	export LANG=C
	14	export LC_CTYPE=C
	15
	16	set -e
	17
	18	export CURRENCY=LIBRE
	19	export EXCHANGE_IBAN=DE940993
	20	export MERCHANT_IBAN=DE463312
	21	export ALICE_IBAN=DE474361
	22	export BOB_IBAN=DE731371
	23
	24	read -p "Setup GNU Taler for $CURRENCY!. Press any key to start..."
	25	echo ==========================================================================
	26	echo ==========================================================================
	27	echo ==========================================================================
	28	echo "1/8 Update and install tools"
	29
	30	apt update
	31	apt install -y gnupg less vim procps curl inetutils-ping jq net-tools man
	32
	33	echo ----------------------------------------
	34	read -p "1/8 tools installed. Press any key to continue..."
	35	echo ==========================================================================
	36	echo ==========================================================================
	37	echo ==========================================================================
	38	echo "2/8 Setup dns config and database "
	39
	40	#using this hosts as alias for localhost
	41	#it will be useful for nginx configuration
	42	echo 127.0.0.1 bank.taler auditor.taler exchange.taler merchant.taler \| tee -a /etc/hosts
	43
	44	#install database and create a default user for the whole setup
	45	apt install -y postgresql
	46	service postgresql start
	47	su - postgres -c "createuser -d -l -r -s root"
	48	psql postgres -c "ALTER USER root PASSWORD 'root'"
	49
	50	#create the database that we are going to use
	51	createdb auditor
	52	createdb exchange
	53	createdb merchant
	54	createdb sandbox
	55	createdb nexus
	56
	57	echo ----------------------------------------
	58	read -p "2/8 databases created. Press any key to continue..."
	59	echo ==========================================================================
	60	echo ==========================================================================
	61	echo ==========================================================================
	62	echo "3/8 Install GNU Taler components "
	63
	64	yes no \| apt install -y \
65	libeufin-sandbox \
66	libeufin-nexus \
67	taler-exchange \
68	taler-auditor \
69	taler-merchant \
70	taler-harness \
71	taler-wallet-cli
72
73	echo ----------------------------------------
74	read -p "3/8 all components installed. Press any key to continue..."
75	echo ==========================================================================
76	echo ==========================================================================
77	echo ==========================================================================
78	echo "4/8 Setup NGINX reverse proxy"
79
80	apt install -y nginx
81
82	#enable sandbox and config server to http://bank.taler/
83	ln -s /etc/nginx/sites-available/libeufin-sandbox /etc/nginx/sites-enabled/
84	sed 's/server_name localhost/server_name bank.taler/' -i /etc/nginx/sites-available/libeufin-sandbox
85
86	#enable auditor and config server to http://auditor.taler/
87	ln -s /etc/nginx/sites-available/taler-auditor /etc/nginx/sites-enabled/
88	sed 's/server_name localhost/server_name auditor.taler/' -i /etc/nginx/sites-available/taler-auditor
89	sed 's_location /taler-auditor/_location /_' -i /etc/nginx/sites-available/taler-auditor
90
91	#enable exchange and config server to http://exchange.taler/
92	ln -s /etc/nginx/sites-available/taler-exchange /etc/nginx/sites-enabled/
93	sed 's/server_name localhost/server_name exchange.taler/' -i /etc/nginx/sites-available/taler-exchange
94	sed 's_location /taler-exchange/_location /_' -i /etc/nginx/sites-available/taler-exchange
95
96	#enable merchant and config server to http://merchant.taler/
97	ln -s /etc/nginx/sites-available/taler-merchant /etc/nginx/sites-enabled/
98	sed 's/server_name localhost/server_name merchant.taler/' -i /etc/nginx/sites-available/taler-merchant
99	sed 's_location /taler-merchant/_location /_' -i /etc/nginx/sites-available/taler-merchant
100
101	#set nginx user to root se we dont have problems reading sockets with root ownership
102	sed 's/^user www-data/user root/' -i /etc/nginx/nginx.conf
103
104	#notify all services that are exposed with other host
105	sed 's/X-Forwarded-Host "localhost"/X-Forwarded-Host $host/' -i /etc/nginx/sites-available/*
106
107	nginx
108
109	echo ----------------------------------------
110	read -p "4/8 web interface exposed. Press any key to continue..."
111	echo ==========================================================================
112	echo ==========================================================================
113	echo ==========================================================================
114	echo "5/8 Setup BANK instance and some accounts"
115
116	export LIBEUFIN_SANDBOX_DB_CONNECTION="jdbc:postgresql://localhost:5432/sandbox?user=root&password=root"
117	export LIBEUFIN_SANDBOX_URL="http://localhost:5016/"
118	export LIBEUFIN_SANDBOX_USERNAME="admin"
119	export LIBEUFIN_SANDBOX_ADMIN_PASSWORD="bank"
120	export LIBEUFIN_SANDBOX_PASSWORD=$LIBEUFIN_SANDBOX_ADMIN_PASSWORD
121
122	export LIBEUFIN_NEXUS_DB_CONNECTION="jdbc:postgresql://localhost:5432/nexus?user=root&password=root"
123	export LIBEUFIN_NEXUS_URL="http://localhost:5017/"
124	export LIBEUFIN_NEXUS_USERNAME="nexus_admin"
125	export LIBEUFIN_NEXUS_PASSWORD="secret_nexus"
126
127	# bank configuration
128	libeufin-sandbox config \
129	--bank-debt-limit 1000000 \
130	--users-debt-limit 10000 \
131	--with-signup-bonus \
132	--currency $CURRENCY \
133	--captcha-url http://bank.taler/ \
134	default
135
136	mkdir /etc/libeufin/
137	cat >/etc/libeufin/demobank-ui-settings.js <<EOF
138	globalThis.talerDemobankSettings = {
139	backendBaseURL: "http://bank.taler/demobanks/default/",
140	allowRegistrations: true,
141	bankName: "FSF Bank"
142	}
143	EOF
144
145	libeufin-sandbox default-exchange --demobank default http://exchange.taler/ payto://iban/$EXCHANGE_IBAN
146
147	# nexus configuration
148	libeufin-nexus superuser $LIBEUFIN_NEXUS_USERNAME --password $LIBEUFIN_NEXUS_PASSWORD
149
150	# start services
151	libeufin-sandbox serve --port 5016 --ipv4-only --no-localhost-only > log.sandbox 2> err.sandbox &
152	libeufin-nexus serve --port 5017 --ipv4-only --no-localhost-only > log.nexus 2> err.nexus &
153
154	echo "5/8 Waiting for nexus and sanbox to be ready"
155	grep -q "Application started:" <(tail -f err.sandbox -n +0)
156	grep -q "Application started:" <(tail -f err.nexus -n +0)
157
158	echo "5/8 Creating accounts"
159	LIBEUFIN_SANDBOX_USERNAME="exchange" LIBEUFIN_SANDBOX_PASSWORD="123" libeufin-cli sandbox demobank register \
160	--iban $EXCHANGE_IBAN --name "Exchange company" --public
161	LIBEUFIN_SANDBOX_USERNAME="merchant" LIBEUFIN_SANDBOX_PASSWORD="123" libeufin-cli sandbox demobank register \
162	--iban $MERCHANT_IBAN --name "Merchant company" --public
163	LIBEUFIN_SANDBOX_USERNAME="alice" LIBEUFIN_SANDBOX_PASSWORD="123" libeufin-cli sandbox demobank register \
164	--iban $ALICE_IBAN --name "Alice" --no-public
165	LIBEUFIN_SANDBOX_USERNAME="bob" LIBEUFIN_SANDBOX_PASSWORD="123" libeufin-cli sandbox demobank register \
166	--iban $BOB_IBAN --name "Bob" --no-public
167
168	echo "5/8 Creating the EBICs connection between sandbox and nexus"
169	### open sandbox to nexus
170	libeufin-cli sandbox ebicshost create --host-id ebicHost
171	libeufin-cli sandbox demobank new-ebicssubscriber \
172	--host-id ebicHost \
173	--partner-id ebicPartner \
174	--user-id ebicExchange \
175	--bank-account exchange
176
177	### connection nexus to sandbox
178	libeufin-cli connections new-ebics-connection \
179	--ebics-url http://localhost:5016/ebicsweb \
180	--host-id ebicHost \
181	--partner-id ebicPartner \
182	--ebics-user-id ebicExchange \
183	nexus-conn
184
185	libeufin-cli connections connect nexus-conn
186	libeufin-cli connections download-bank-accounts nexus-conn
187	libeufin-cli connections import-bank-account \
188	--offered-account-id exchange \
189	--nexus-bank-account-id nexus-exchange \
190	nexus-conn
191
192	libeufin-cli accounts task-schedule nexus-exchange \
193	--task-type=submit \
194	--task-name=submit-payments-5secs \
195	--task-cronspec='/1 * * *'
196
197	libeufin-cli accounts task-schedule nexus-exchange \
198	--task-type=fetch \
199	--task-name=fetch-5secs \
200	--task-cronspec='/1 * * *' \
201	--task-param-level=report \
202	--task-param-range-type=latest
203
204	### configuration of nexus
205	echo "5/8 Creating nexus facade for the exchange"
206	libeufin-cli facades new-taler-wire-gateway-facade \
207	--currency $CURRENCY \
208	--facade-name taler-exchange \
209	nexus-conn nexus-exchange
210
211	libeufin-cli users create exchange-nexus --password exchange-nexus-password
212	libeufin-cli permissions grant user exchange-nexus \
213	facade taler-exchange \
214	facade.talerwiregateway.transfer
215	libeufin-cli permissions grant user exchange-nexus \
216	facade taler-exchange \
217	facade.talerwiregateway.history
218
219
220	echo ----------------------------------------
221	read -p "5/8 banking system ready. Press any key to continue..."
222	echo ==========================================================================
223	echo ==========================================================================
224	echo ==========================================================================
225	echo "6/8 Setup Exchange"
226
227	taler-config -s exchange -o master_public_key -V $(taler-exchange-offline setup)
228	taler-config -s exchange -o base_url -V http://exchange.taler/
229
230	#database location
231	taler-config -s exchangedb-postgres -o config -V postgres:///exchange
232	taler-config -s exchange-account-1 -o payto_uri -V "payto://iban/$EXCHANGE_IBAN?receiver-name=Exchanger"
233	taler-config -s exchange-account-1 -o enable_debit -V yes
234	taler-config -s exchange-account-1 -o enable_credit -V yes
235
236	#nexus connection
237	taler-config -s exchange-accountcredentials-1 -o wire_gateway_url -V http://localhost:5017/facades/taler-exchange/taler-wire-gateway/
238	taler-config -s exchange-accountcredentials-1 -o username -V exchange-nexus
239	taler-config -s exchange-accountcredentials-1 -o password -V exchange-nexus-password
240
241	#monetary policy
242	taler-config -s taler -o currency -V $CURRENCY
243	taler-config -s taler -o aml_threshold -V $CURRENCY:10000
244	taler-config -s taler -o currency_round_unit -V $CURRENCY:0.1
245
246	taler-harness deployment gen-coin-config \
247	--min-amount $CURRENCY:0.1 \
248	--max-amount $CURRENCY:20 >> /etc/taler/taler.conf
249
250
251	for coinSection in $(taler-config --list-sections \| grep COIN); do
252	taler-config -s $coinSection -o duration_withdraw -V "1 year"
253	done
254
255	taler-exchange-dbinit
256
257	taler-exchange-secmod-eddsa -l log.secmod.eddsa -L debug &
258	taler-exchange-secmod-rsa -l log.secmod.rsa -L debug &
259	taler-exchange-secmod-cs -l log.secmod.cs -L debug &
260	taler-exchange-httpd -l log.exchange -L debug &
261
262	echo "6/8 Waiting for exchange HTTP service"
263	sleep 1
264	grep -q "Updating keys of denomination" <(tail -F log.secmod.rsa -n +0)
265
266	echo "6/8 Enable exchange wire transfer"
267
268	#enable account and wire fee configuration
269	taler-exchange-offline \
270	enable-account $(taler-config -s exchange-account-1 -o payto_uri) \
271	global-fee 2023 $CURRENCY:0 $CURRENCY:0 $CURRENCY:0 1year 1year 10 \
272	wire-fee 2023 iban $CURRENCY:0.1 $CURRENCY:0.1 \
273	upload;
274
275	taler-exchange-offline download sign upload
276
277	echo "6/8 Waiting for key signed"
278	curl --unix-socket /run/taler/exchange-httpd/exchange-http.sock \
279	--max-time 2 \
280	--retry-connrefused \
281	--retry-delay 1 \
282	--retry 10 \
283	http://exchange.taler/keys &> /dev/null
284
285	taler-exchange-wirewatch -l log.wirewatch -L debug &
286	taler-exchange-transfer -l log.transfer -L debug &
287	taler-exchange-aggregator -l log.aggregator -L debug &
288	taler-exchange-closer -l log.closer -L debug &
289
290
291	echo ----------------------------------------
292	read -p "6/8 exchange ready. Press any key to continue..."
293	echo ==========================================================================
294	echo ==========================================================================
295	echo ==========================================================================
296	echo "7/8 Setup auditor"
297
298	taler-config -s auditor -o base_url -V http://auditor.taler/
299	taler-config -s auditordb-postgres -o config -V postgres:///auditor
300
301	#add exchange into the auditor
302	taler-auditor-exchange -m $(taler-config -s exchange -o master_public_key) -u $(taler-config -s exchange -o base_url)
303
304	taler-auditor-dbinit
305
306	echo "7/8 Notify the exchange about the auditor"
307
308	taler-exchange-offline enable-auditor $(taler-auditor-offline setup) $(taler-config -s auditor -o base_url) the_auditor upload
309
310	taler-auditor-httpd -l log.auditor -L debug &
311
312	echo ----------------------------------------
313	read -p "7/8 auditor ready. Press any key to continue..."
314	echo ==========================================================================
315	echo ==========================================================================
316	echo ==========================================================================
317	echo "8/8 Setup merchant"
318
319	taler-config -s merchantdb-postgres -o config -V postgres:///merchant
320
321	taler-config -s merchant-exchange-fsf -o exchange_base_url -V $(taler-config -s exchange -o base_url)
322	taler-config -s merchant-exchange-fsf -o master_key -V $(taler-config -s exchange -o master_public_key)
323	taler-config -s merchant-exchange-fsf -o currency -V $CURRENCY
324
325	taler-config -s merchant-auditor-fsf -o auditor_base_url -V $(taler-config -s auditor -o base_url)
326	taler-config -s merchant-auditor-fsf -o auditor_key -V $(taler-auditor-offline setup)
327	taler-config -s merchant-auditor-fsf -o currency -V $CURRENCY
328
329	taler-merchant-dbinit
330
331	taler-merchant-httpd -a secret-token:secret -l log.merchant -L debug &
332
333	echo "8/8 creating the first instance"
334	sleep 1
335	curl 'http://merchant.taler/management/instances' \
336	--unix-socket /var/run/taler/merchant-httpd/merchant-http.sock \
337	-X POST -H 'Authorization: Bearer secret-token:secret' \
338	--data-raw '{"id":"default","payto_uris":["payto://iban/'$MERCHANT_IBAN'?receiver-name=merchant"],"default_pay_delay":{"d_us":7200000000},"default_wire_fee_amortization":1,"default_wire_transfer_delay":{"d_us":172800000000},"name":"FSF","email":"","default_max_deposit_fee":"'$CURRENCY':3","default_max_wire_fee":"'$CURRENCY':3","auth":{"method":"token","token":"secret-token:secret"},"address":{},"jurisdiction":{}}'
339
340	curl 'http://merchant.taler/instances/default/private/products' \
341	--unix-socket /var/run/taler/merchant-httpd/merchant-http.sock \
342	-X POST -H 'Authorization: Bearer secret-token:secret' \
343	-d @shirt.json
344
345	echo ----------------------------------------
346	read -p "8/8 merchant ready. Press any key to close."
347	echo ==========================================================================
348	echo ==========================================================================
349	echo ==========================================================================
350