[taler-grid5k] 69/189: add secondary initialization

[gnunet]

This is an automated email from the git hooks/post-receive script.

marco-boss pushed a commit to branch master
in repository grid5k.

commit 87f106dd33d87185e5ddf27b6759c707f2ae2476
Author: Boss Marco <bossm8@bfh.ch>
AuthorDate: Sat Mar 12 12:30:20 2022 +0100

    add secondary initialization
---
 configs/etc/taler/conf.d/exchange-secmod.conf |  6 +++---
 experiment/scripts/exchange.sh                | 31 ++++++++++++++++-----------
 experiment/scripts/helpers.sh                 |  6 ++++--
 experiment/scripts/run.sh                     | 11 ++++++++--
 4 files changed, 35 insertions(+), 19 deletions(-)

diff --git a/configs/etc/taler/conf.d/exchange-secmod.conf 
b/configs/etc/taler/conf.d/exchange-secmod.conf
index 9fa8e3a..ebea894 100644
--- a/configs/etc/taler/conf.d/exchange-secmod.conf
+++ b/configs/etc/taler/conf.d/exchange-secmod.conf
@@ -1,17 +1,17 @@
 [taler-exchange-secmod-rsa]
 
 LOOKAHEAD_SIGN = 2 days
-SM_RPIV_KEY = <SM_KEY_DIR_HERE>/exchange-secmod-rsa/secmod-private-key
+SM_PRIV_KEY = <SM_KEY_DIR_HERE>/exchange-secmod-rsa/secmod-private-key
 KEY_DIR = <SM_KEY_DIR_HERE>/exchange-secmod-rsa/keys
 
 [taler-exchange-secmod-eddsa]
 
 LOOKAHEAD_SIGN = 2 days
-SM_RPIV_KEY = <SM_KEY_DIR_HERE>/exchange-secmod-eddsa/secmod-private-key
+SM_PRIV_KEY = <SM_KEY_DIR_HERE>/exchange-secmod-eddsa/secmod-private-key
 KEY_DIR = <SM_KEY_DIR_HERE>/exchange-secmod-eddsa/keys
 
 [taler-exchange-secmod-cs]
 
 LOOKAHEAD_SIGN = 2 days
-SM_RPIV_KEY = <SM_KEY_DIR_HERE>/exchange-secmod-cs/secmod-private-key
+SM_PRIV_KEY = <SM_KEY_DIR_HERE>/exchange-secmod-cs/secmod-private-key
 KEY_DIR = <SM_KEY_DIR_HERE>/exchange-secmod-cs/keys
diff --git a/experiment/scripts/exchange.sh b/experiment/scripts/exchange.sh
index 7151920..9c5b773 100755
--- a/experiment/scripts/exchange.sh
+++ b/experiment/scripts/exchange.sh
@@ -22,7 +22,7 @@ set -eux
 source ~/scripts/helpers.sh
 
 # Setup the configuration in /etc/taler
-function setup_config() {
+function setup_primary_config() {
 
   # Setup the base configuration (helpers.sh)
   setup_exchange_config_without_master_key
@@ -52,12 +52,12 @@ function start_other_exchange_binaries() {
 }
 
 # Setup the exchange with the taler-exchange-offline signing procedure
-function setup_exchange() {
+function setup_primary_exchange() {
 
   # Setup the shared key directory when we use a secondary node
   if [[ ${SECEXCH_HOSTS} != "none" ]]; then
-    rm -rf "/home/${G5K_USER}/taler" || true
-    mkdir -p "/home/${G5K_USER}/taler/exchange-secmod-{cs,rsa,eddsa}"
+    rm -rf /home/${G5K_USER}/taler || true
+    mkdir -p /home/${G5K_USER}/taler/exchange-secmod-{cs,rsa,eddsa}
   fi
 
   systemctl restart taler-exchange-httpd@80.service
@@ -79,15 +79,19 @@ function setup_exchange() {
 
 # Initialize all stuff needed 
 # logs, configs, exchanges
-function init_exchanges() {
-
+# For the primary node which is responsible for key creation
+function init_primary_exchange() {
   restart_rsyslog
-
-  setup_config
-  
+  setup_primary_config
   wait_for_db
+  setup_primary_exchange
+}
 
-  setup_exchange
+# Initialize all stuff needed for secondary exchange nodes
+# They use the key material from the primary exchange
+function init_secondary_exchange() {
+  restart_rsyslog
+  setup_exchange_config_master_key_from_api
 }
 
 # Start N new exchange-http daemons
@@ -117,10 +121,13 @@ function stop_exchanges() {
 }
 
 case $1 in
-  init)
-    init_exchanges
+  init-primary)
+    init_primary_exchange
     start_exchanges "$((${NUM_EXCHANGE_PROCESSES}-1))"
     ;;
+  init-secondary)
+    init_secondary_exchange
+    start_exchanges "${NUM_EXCHANGE_PROCESSES}"
   start)
     start_exchanges $2
     ;;
diff --git a/experiment/scripts/helpers.sh b/experiment/scripts/helpers.sh
index 2da6525..a461bce 100755
--- a/experiment/scripts/helpers.sh
+++ b/experiment/scripts/helpers.sh
@@ -143,10 +143,12 @@ function setup_exchange_config_without_master_key() {
 
   if [[ ${SECEXCH_HOSTS} != "none" ]]; then
     # Use a shared NFS key directory when we have multiple exchange-httpd 
servers
-    sed -i "s|<SM_KEY_DIR_HERE>|/home/${G5K_USER}/taler|g"
+    sed -i "s|<SM_KEY_DIR_HERE>|/home/${G5K_USER}/taler|g" \
+        /etc/taler/conf.d/exchange-secmod.conf
   else
     # Use the default path if we have only one exchange-httpd server
-    sed -i 's/<SM_KEY_DIR_HERE>/${TALER_DATA_HOME}/g'
+    sed -i 's/<SM_KEY_DIR_HERE>/${TALER_DATA_HOME}/g' \
+        /etc/taler/conf.d/exchange-secmod.conf
   fi
 
 }
diff --git a/experiment/scripts/run.sh b/experiment/scripts/run.sh
index 742cf58..2f96557 100644
--- a/experiment/scripts/run.sh
+++ b/experiment/scripts/run.sh
@@ -31,12 +31,19 @@ elif [[ "${HOSTNAME}" =~ ${SHARD_HOSTS} ]]; then
     enable_logrotate
     exec ~/scripts/shard.sh init
 elif [[ "${HOSTNAME}" =~ ${EXCHANGE_HOSTS} ]]; then 
-    set_host exchange
+    set_host primary-exchange
     set_ddn ${EXCHANGE_DOMAIN}
     setup_log
     enable_logrotate
     enable_netdelay ${DATABASE_DOMAIN}
-    exec ~/scripts/exchange.sh init
+    exec ~/scripts/exchange.sh init-primary
+elif [[ "${HOSTNAME}" =~ ${SECEXCH_HOSTS} ]]; then 
+    set_host secondary-exchange
+    #set_ddn ${EXCHANGE_DOMAIN}
+    setup_log
+    enable_logrotate
+    enable_netdelay ${DATABASE_DOMAIN}
+    exec ~/scripts/exchange.sh init-secondary
 elif [[ "${HOSTNAME}" =~ ${AGGREGATOR_HOSTS} ]]; then 
     set_host exchange-aggregator
     set_ddn ${EXCH_AGGREGATOR_DOMAIN}

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.