[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-docs] branch master updated: -minor improvements
From: |
gnunet |
Subject: |
[taler-docs] branch master updated: -minor improvements |
Date: |
Tue, 03 Aug 2021 11:16:54 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository docs.
The following commit(s) were added to refs/heads/master by this push:
new b7e2029 -minor improvements
b7e2029 is described below
commit b7e2029efb92fb5e49f56dfcbbfcd79a271386c3
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Tue Aug 3 11:16:52 2021 +0200
-minor improvements
---
taler-exchange-setup-guide.rst | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/taler-exchange-setup-guide.rst b/taler-exchange-setup-guide.rst
index 1d6e0b2..f867fed 100644
--- a/taler-exchange-setup-guide.rst
+++ b/taler-exchange-setup-guide.rst
@@ -163,6 +163,8 @@ The package will deploy systemd service files in
(FIXME: Explain the Debian package users, groups and locations. -- anything
missing?)
+FIXME: I do not see how secmod keys are kept isolated from
+the other users!
Basic Setup: Currency and Denominations
@@ -225,8 +227,9 @@ pattern ``exchange-account-$id``, where ``$id`` is an
internal identifier for
the bank account accessed with the Wire Gateway. The configuration file
``/etc/taler/conf.d/exchange-system.conf`` by default loads the section
``exchange-account-1`` from the secret file
-``/etc/taler/secrets/exchange-accounts.secret.conf``.
-
+``/etc/taler/secrets/exchange-accounts.secret.conf``. The latter file
+should already be only readable for the taler-exchange-wire user. Other
+exchange processes should not have access to this information.
.. code-block:: ini
:caption: /etc/taler/secrets/exchange-accounts.secret.conf
@@ -340,7 +343,7 @@ The responsibilities of this offline signing machine are:
.. code-block:: shell-session
- [root@exchange-online]# sudo -u taler-exchange-offline
taler-exchange-offline setup
+ [root@exchange-offline]# sudo -u taler-exchange-offline
taler-exchange-offline setup
< ... prints the exchange master public key >
The public key printed as the output of this command should must be put into
the configuration
@@ -379,9 +382,10 @@ enabled in nginx:
.. code-block:: shell-session
- [root@exchange-online]# cp /etc/nginx/sites-available/taler-exchange
/etc/nginx/sites-enabled/
- [root@exchange-online]# vim /etc/nginx/sites-enabled/taler-exchange
+ [root@exchange-online]# vim /etc/nginx/sites-available/taler-exchange
< ... customize configuration ... >
+ [root@exchange-online]# ln -s /etc/nginx/sites-available/taler-exchange \
+ /etc/nginx/sites-enabled/taler-exchange
[root@exchange-online]# systemctl reload nginx
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-docs] branch master updated: -minor improvements,
gnunet <=