[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-deployment] branch master updated: remove sandcastle-ng from tree
|
From: |
gnunet |
|
Subject: |
[taler-deployment] branch master updated: remove sandcastle-ng from tree |
|
Date: |
Thu, 11 Jan 2024 14:09:30 +0100 |
This is an automated email from the git hooks/post-receive script.
devan-carpenter pushed a commit to branch master
in repository deployment.
The following commit(s) were added to refs/heads/master by this push:
new 7550d66 remove sandcastle-ng from tree
7550d66 is described below
commit 7550d66f00128c5bb5e860eb3f87d95fd8c9646e
Author: Devan Carpenter <devan@taler.net>
AuthorDate: Thu Jan 11 08:09:11 2024 -0500
remove sandcastle-ng from tree
Moved to https://git.taler.net/sandcastle-ng.git/
---
sandcastle-ng/Dockerfile | 238 ----------
sandcastle-ng/README.md | 137 ------
sandcastle-ng/apt/caddy-stable-archive-keyring.gpg | 64 ---
.../apt/caddy-stable-archive-keyring.gpg.gpg | Bin 2808 -> 0 bytes
sandcastle-ng/apt/caddy-stable.list | 9 -
sandcastle-ng/buildconfig/README | 5 -
sandcastle-ng/buildconfig/exchange.tag | 1 -
sandcastle-ng/buildconfig/gnunet.tag | 1 -
sandcastle-ng/buildconfig/libeufin.tag | 1 -
sandcastle-ng/buildconfig/libmhd.tag | 1 -
sandcastle-ng/buildconfig/merchant-demos.tag | 1 -
sandcastle-ng/buildconfig/merchant.tag | 1 -
sandcastle-ng/buildconfig/sync.tag | 1 -
sandcastle-ng/buildconfig/wallet.tag | 1 -
sandcastle-ng/host/taler-sandcastle.service | 13 -
sandcastle-ng/overrides/test.taler.net | 2 -
sandcastle-ng/print-component-versions | 6 -
sandcastle-ng/sandcastle-build | 9 -
sandcastle-ng/sandcastle-enter | 3 -
sandcastle-ng/sandcastle-run | 71 ---
sandcastle-ng/scripts/demo/setup-sandcastle.sh | 482 ---------------------
sandcastle-ng/scripts/none/setup-sandcastle.sh | 3 -
sandcastle-ng/systemd/setup-sandcastle.service | 11 -
23 files changed, 1061 deletions(-)
diff --git a/sandcastle-ng/Dockerfile b/sandcastle-ng/Dockerfile
deleted file mode 100644
index ae198a1..0000000
--- a/sandcastle-ng/Dockerfile
+++ /dev/null
@@ -1,238 +0,0 @@
-FROM docker.io/library/debian:bookworm AS base-system
-
-# FIXMEs:
-# - debian packages should be built with a nightly tag
-# - the final image contains all build dependencies, this isn't really
necessary
-# - the final image contains -dev packages, not really necessary
-# - GNUnet build dependencies are excessive, maybe we can just build the
required libs?
-
-RUN apt-get update && apt-get -y upgrade && apt-get --no-install-recommends
install -y \
- autoconf \
- autopoint \
- build-essential \
- po-debconf \
- debhelper-compat \
- apt-utils \
- libtool \
- texinfo \
- libgcrypt-dev \
- libidn11-dev \
- zlib1g-dev \
- libunistring-dev \
- libjansson-dev \
- git \
- recutils \
- libsqlite3-dev \
- libpq-dev \
- libmicrohttpd-dev \
- libsodium-dev \
- libqrencode-dev \
- zip \
- unzip \
- jq \
- npm \
- openjdk-17-jre-headless \
- openjdk-17-jdk-headless \
- default-jre-headless \
- nano \
- procps \
- python3-jinja2 \
- python3-pip \
- python3-sphinx \
- python3-sphinx-rtd-theme \
- python3-venv \
- python3-dev \
- nodejs \
- iptables \
- miniupnpc \
- libextractor-dev \
- libbluetooth-dev \
- libcurl4-gnutls-dev \
- libogg-dev \
- libopus-dev \
- libpulse-dev \
- fakeroot \
- libzbar-dev \
- libltdl-dev \
- net-tools \
- python3-flask \
- python3-flask-babel \
- uwsgi \
- python3-bs4 \
- pybuild-plugin-pyproject
-
-# old: libzbar-dev
-
-# FIXME: Try to use debian packages where possible and otherwise really use
-# a venv or per-user installation of the package.
-RUN pip3 install --break-system-packages requests click poetry uwsgi htmlark
sphinx-book-theme sphinx-markdown-builder
-
-# GNUnet
-FROM base-system AS gnunet
-
-COPY buildconfig/gnunet.tag /buildconfig/
-WORKDIR /build
-RUN TAG=$(cat /buildconfig/gnunet.tag) && \
- git clone git://git.gnunet.org/gnunet \
- --branch $TAG
-WORKDIR /build/gnunet
-RUN ./bootstrap
-RUN dpkg-buildpackage -rfakeroot -b -uc -us
-WORKDIR /
-RUN mkdir -p /packages/gnunet
-RUN mv /build/*.deb /packages/gnunet
-RUN rm -rf /build
-RUN apt-get install --no-install-recommends -y /packages/gnunet/*.deb
-WORKDIR /
-
-# Exchange
-FROM gnunet as exchange
-
-COPY buildconfig/exchange.tag /buildconfig/
-WORKDIR /build
-RUN TAG=$(cat /buildconfig/exchange.tag) && \
- git clone git://git.taler.net/exchange \
- --branch $TAG
-WORKDIR /build/exchange
-RUN ./bootstrap
-RUN dpkg-buildpackage -rfakeroot -b -uc -us
-WORKDIR /
-RUN mkdir -p /packages/exchange
-RUN mv /build/*.deb /packages/exchange
-RUN rm -rf /build
-RUN apt-get install --no-install-recommends -y /packages/exchange/*.deb
-WORKDIR /
-
-# Merchant
-FROM exchange as merchant
-
-COPY buildconfig/merchant.tag /buildconfig/
-WORKDIR /build
-RUN TAG=$(cat /buildconfig/merchant.tag) && \
- git clone git://git.taler.net/merchant \
- --branch $TAG
-WORKDIR /build/merchant
-RUN ./bootstrap
-RUN dpkg-buildpackage -rfakeroot -b -uc -us
-WORKDIR /
-RUN mkdir -p /packages/merchant
-RUN mv /build/*.deb /packages/merchant
-RUN rm -rf /build
-RUN apt-get install --no-install-recommends -y /packages/merchant/*.deb
-WORKDIR /
-
-# Libeufin
-FROM base-system as libeufin
-
-WORKDIR /build
-COPY buildconfig/libeufin.tag /buildconfig/
-RUN TAG=$(cat /buildconfig/libeufin.tag) && \
- git clone git://git.taler.net/libeufin \
- --branch $TAG
-WORKDIR /build/libeufin
-RUN ./bootstrap
-RUN ./configure --prefix=/usr
-RUN dpkg-buildpackage -rfakeroot -b -uc -us
-WORKDIR /
-RUN mkdir -p /packages/libeufin
-RUN mv /build/*.deb /packages/libeufin
-RUN rm -rf /build
-RUN apt-get install --no-install-recommends -y /packages/libeufin/*.deb
-
-# Merchant demos
-FROM base-system as merchant-demos
-
-WORKDIR /build
-COPY buildconfig/merchant-demos.tag /buildconfig/
-RUN TAG=$(cat /buildconfig/merchant-demos.tag) && \
- git clone git://git.taler.net/taler-merchant-demos \
- --branch $TAG
-WORKDIR /build/taler-merchant-demos
-RUN ./bootstrap
-RUN dpkg-buildpackage -rfakeroot -b -uc -us
-WORKDIR /
-RUN mkdir -p /packages/merchant-demos
-RUN mv /build/*.deb /packages/merchant-demos
-RUN rm -rf /build
-RUN apt-get install --no-install-recommends -y /packages/merchant-demos/*.deb
-
-# wallet-core tools (taler-wallet-cli and taler-harness)
-FROM base-system as wallet
-WORKDIR /build
-COPY buildconfig/wallet.tag /buildconfig/
-RUN TAG=$(cat /buildconfig/wallet.tag) && \
- git clone git://git.taler.net/wallet-core \
- --branch $TAG
-RUN npm install -g pnpm@^8.7.0
-WORKDIR /build/wallet-core
-RUN ./bootstrap
-# taler-wallet-cli
-WORKDIR /build/wallet-core/packages/taler-wallet-cli
-RUN ./configure --prefix=/usr/local
-RUN make deps
-RUN dpkg-buildpackage -rfakeroot -b -uc -us
-# taler-harness
-WORKDIR /build/wallet-core/packages/taler-harness
-RUN ./configure --prefix=/usr/local
-RUN pnpm install --frozen-lockfile --filter @gnu-taler/taler-harness...
-RUN pnpm run --filter @gnu-taler/taler-harness... compile
-RUN dpkg-buildpackage -rfakeroot -b -uc -us
-# copy debs
-WORKDIR /
-RUN mkdir -p /packages/wallet
-RUN mv /build/wallet-core/packages/*.deb /packages/wallet
-RUN rm -rf /build
-RUN apt-get install --no-install-recommends -y /packages/wallet/*.deb
-
-# Sync
-FROM merchant as sync
-COPY buildconfig/sync.tag /buildconfig/
-WORKDIR /build
-RUN TAG=$(cat /buildconfig/sync.tag) && \
- git clone git://git.taler.net/sync \
- --branch $TAG
-WORKDIR /build/sync
-RUN ./bootstrap
-RUN dpkg-buildpackage -rfakeroot -b -uc -us
-WORKDIR /
-RUN mkdir -p /packages/sync
-RUN mv /build/*.deb /packages/sync
-RUN rm -rf /build
-RUN apt-get install --no-install-recommends -y /packages/sync/*.deb
-WORKDIR /
-
-
-# Final image
-FROM base-system as taler-final
-RUN apt-get update && apt-get -y upgrade && apt-get --no-install-recommends
install -y \
- gpg
-COPY apt/caddy-stable.list /etc/apt/sources.list.d/caddy-stable.list
-COPY apt/caddy-stable-archive-keyring.gpg /tmp/caddy-stable-archive-keyring.gpg
-RUN gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
/tmp/caddy-stable-archive-keyring.gpg
-RUN apt-get update && apt-get -y upgrade && apt-get --no-install-recommends
install -y \
- emacs \
- vim \
- curl \
- postgresql \
- bash-completion \
- sudo \
- less \
- caddy \
- systemd-coredump \
- libnss3-tools \
- latexmk \
- texlive-latex-extra \
- tex-gyre
-RUN mkdir -p /packages
-COPY --from=gnunet /packages/gnunet/* /packages/
-COPY --from=exchange /packages/exchange/* /packages/
-COPY --from=merchant /packages/merchant/* /packages/
-COPY --from=wallet /packages/wallet/* /packages/
-COPY --from=libeufin /packages/libeufin/* /packages/
-COPY --from=merchant-demos /packages/merchant-demos/* /packages/
-RUN apt-get install --no-install-recommends -y /packages/*.deb
-COPY systemd/setup-sandcastle.service /etc/systemd/system/
-RUN systemctl enable setup-sandcastle.service
-# Disable potentially problem-causing services
-RUN systemctl disable postgresql && \
- systemctl disable apache2 || true
diff --git a/sandcastle-ng/README.md b/sandcastle-ng/README.md
deleted file mode 100644
index 01339d0..0000000
--- a/sandcastle-ng/README.md
+++ /dev/null
@@ -1,137 +0,0 @@
-# Introduction
-
-The sandcastle is a containerized deployment of GNU Taler
-
-It uses podman to build an image and run a single container that
-has systemd running inside.
-
-
-# Prerequisites
-
-You need (on your host system):
-* podman
-* bash
-
-
-# Building the Container Image
-
-1. Set buildconfig/$component.tag to the right git tag you want to build
-2. Run ./sandcastle-build to build the Taler container. The resulting
container
- is tagged as taler-base-all
-
-
-# Configuring the Deployment
-
-It is recommended that for each deployment, you clone the deployment.git
-repository and create a branch with deployment-specific changes.
-
-Currently there is not much configuration.
-
-The main adjustments to be made are:
-
-* scripts/demo/setup-sandcastle.sh has the currency on top of the file
-* sandcastle-run has variables for the port that'll be exposed ("published") on
- the host. They can be overwritten with environment variables
- (``TALER_SANDCASTLE_PORT_$COMPONENT``).
-
-
-# Running the Deployment
-
-Run ``./sandcastle-run`` to run the single container. The container will be
-named taler-sandcastle.
-
-You can run the container in the background by passing ``-d``. Note that
``./sandcastle-run`` is just
-a wrapper around ``podman run``.
-
-The running container publishes ports to the host as defined in
``./sandcastle-run``.
-You can manually verify these port mappings via ``podman port
taler-sandcastle``.
-
-# Stopping the deployment
-
-```
-podman stop taler-sandcastle
-```
-
-
-# Poking Around
-
-You can poke around in a running sandcastle instance by running
-
-```
-podman exec -it taler-sandcastle /bin/bash
-```
-
-Or, as a shortcut:
-
-```
-./sandcastle-enter
-```
-
-This will drop you into a shell inside the running container,
-where you have access to systemd, journalctl, etc.
-
-
-# Data Storage
-
-All persistent data is stored in a podman volume called
-talerdata. You can see where it is in your filesystem
-by running ``podman volume inspect talerdata``.
-
-That volume also contains the postgres database files.
-
-
-# Provisioning Details
-
-The whole deployment is configured by the script
``/provision/setup-sandcastle.sh``.
-This script will be run as a oneshot systemd service and will disable itself
after
-the first success.
-
-To troubleshoot, run ``journalctl -u setup-sandcastle.service``.
-
-There are different setup scripts in the ``scripts/$SANDCASTLE_SETUP_NAME``
-folders. Specifically:
-
-* ``none`` does no setup at all
-* ``demo`` is the usual Taler demo
-* TBD: ``regio`` is a currency conversion setup
-
-By default, ``demo`` is used. To mount a different provision script, set
``$SANDCASTLE_SETUP_NAME``
-when running ``./sandcastle-run``.
-
-You can always manually run the provisioning script inside the container as
-``/scripts/$SANDCASTLE_SETUP_NAME/setup-sandcastle.sh``.
-
-
-# Neat Things That Already Work
-
-* Rebulding the base image is incremental, since we use layers. If the tag
- of the exchange is changed, only the exchange and components that depend
- on it are rebuilt.
-* Inside the container, the service names resolve to localhost,
- and on localhost a reverse proxy with locally signed certificates
- ensures that services can talk to each other *within* the container
- by using their *public* base URL.
-
-
-# Future Extensions
-
-* Fix rewards by deploying Javier's reward topup script inside the container
via a systemd timer!
-* Variant where credentials use proper secret management instead of
hard-coding all
- passwords to "sandbox".
-* Better way to access logs, better way to expose errors during provisioning
-* The Dockerfile should introduce nightly tags for debian packages it builds.
- Currently it just uses the latest defined version, which is confusing.
-* Deploy the Taler woocommerce plugin, wordpress plugin, Joomla plugin
-* Do self-tests of the deployment using the wallet CLI
-* Running the auditor
-* Running a currency conversion setup with multiple libeufin-bank instances
-* Allow a localhost-only, non-tls setup for being able to access a non-tls
- Taler deployment on the podman host.
-* Instead of exposing HTTP ports, we could expose everything via unix domain
sockets,
- avoiding port collision problems.
-* Instead of requiring the reverse proxy to handle TLS,
- the sandcastle container itself could do TLS termination with caddy.
-* To improve performance, allow connecting to an external database
-* Make it easy to import and export the persistent data
-* Extra tooling to checkpoint images/containers to revert to a previous
- state quickly.
diff --git a/sandcastle-ng/apt/caddy-stable-archive-keyring.gpg
b/sandcastle-ng/apt/caddy-stable-archive-keyring.gpg
deleted file mode 100644
index 444c642..0000000
--- a/sandcastle-ng/apt/caddy-stable-archive-keyring.gpg
+++ /dev/null
@@ -1,64 +0,0 @@
------BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v2
-
-mQINBFb+quEBEACl3/YkFekflvauEASL+neZjCctYWyt57Dv5AdRmUPO4zkxylLG
-d/9JawlUfHuYYU4emz7940S2wR8kbBimiLgxMqyGP5+RQnggNZhjYIXoqkkh0G8v
-purq+58d+VNYf0LWnWlwuJC0dtpi4bPqZTc5ST4QOItFK0s7F2xZJyOkuAPDI782
-pGMR8UzpburHt9JwIUv1oOHFfFA/4HFQ++A6RF9bjYQFNMreaXsvMKIA5VQKcnDd
-SbKEfKnr0bwGr59MsnsQBgr1Ats2W722jIs89YevBanS6n0FWeiSxUqUrNypTLkL
-QHVPlK7Agq1XGWUhu55clFC6loQXboph9BhnSxSn9Kou4toXDQj6AMDuLGcV+VQ+
-fVfSZFXsp/evzqkjbc0jsUTVOZgZhhRP8DD+vjkzJFfCq/tAWu4qgqnOwE9kEEQL
-MXsnsZNSYS3MvWnQFPBmg0B483iKxaA/Oe89WckTnjt+jlpAKhOoS5ZURdOtwv1i
-yrKlYiXYMQCMhOd3BCw5RELb7Qtpz+gBaOoxQMMyRRYwKiturpQdV53FVvu/re/x
-xXVuxRyRI2Yo94ba3a5bEGjR3CNjvx7LuGuWplYyzDWn+OXa/HiTqWM153ho+oUl
-s3ntiHQ16jtgyhcNSuMffCcMLYanfmB+2m4HZmkl97vs7XvclClEXNV6VwARAQAB
-tCpDYWRkeSBXZWIgU2VydmVyIDxjb250YWN0QGNhZGR5c2VydmVyLmNvbT6JAjQE
-EwEKAB4FAlb+quECGwMDCwkHAxUKCAIeAQIXgAMWAgECGQEACgkQFVttecpW6jRx
-cQ/9GHdVoYf15rcU0ip3Vw1MF06ndRxLmilgBvdweZ5NcRttbu8ESh+MP59Z0gOp
-0uX/CqBnqZb9E2vbYyly1plq5GwP4tcCHwwkyOT1doGcyP1XylPkJkieP9YUWsIA
-3oG/wCsqxxwVYzwvm0opBdrNf6pAYg2tGNCqxh8bmYPDaReu3t2LZ6qeJ4obhYTx
-IwAh36oF5dVG5OW2dnMNFVpjoEgCavvTNTcJCgonLct6Zl+Q7xptJyBv3LS8L674
-V2nxcoLvtTjXG86D3yPJvD1I5WYPEZMpHznj1PEztgOrvLo+Fyu+T5vCHqfTY6mG
-89BXz8L4o5aBr2uY+ZV5oQa6GuV8GIiiWIZNyDwXTnUiW/GsUFNwg0AP05rva8fF
-2a3ybwsq/Sv2nraKQMpYRltBQZkg+l5nZD7znHpYBfJiH6eW3/7ft3w8OptiIcu6
-87UzhI28yoFSNE+85V3sz7JphZ/XFaU2ApESO1ahjDzP96w4u0HeSds6tbkR3OlC
-ECcFOmX79MhWfjDaVNnknBqGzjy1JdQ0ZKNWMZRVyxZ9fKiZxFw+q40Sta7ynxfH
-p4v0bM8vDLM3cxxOj38U5jsP/ChctyZO3P0nCEzIAR9kvumc5PSqpjiqWlbaHsxa
-fXohi3LAIi/clgIOV7bIVRmTz6b61Ngf+C8VYzlUph0ygS25Ag0EX+uckAEQAKyq
-E0nbZa8/6Js5TGvlRGi/pb59c6cC+yqB3d7qzOuIJ/61W9yCXliQRZSB32dGXsqD
-a375PtGlE5p7id4PNwegx2C4fFN6PWdxO1bwhOnrcUov6YHggkcjaFJqaWoa/EvF
-DUgEKd0d1WGzNHlmkM0P6puJ8lbPW3SeWtv+V83BvS9Hkb//43HKNk2J3cV/+RNb
-MsfER5CRAFYYHs/lyT2mpYU5dislzk4VDZbR7iyzXIrUEAQdpXe8itFYjFf8xzAe
-qDsUefarr485USnTTxQtcBKX06ruHiQUSCOs7HR6cDJi332cTXT7kSbq3ouq9nB8
-oaxhl2I20kVBWqdRyzVAwtGvjkWIYuUteIpguzAqpfsBv6IJ/W5G5jw+HEUJSCRr
-6rlC1z9agGCKl53NTV4gHqRY2GpYPr2KNN3uTVojignCC9BEP0eRqj876X90Y7id
-QuDda/+QaHH6htUe/W51j5RLVWssCLTZwHPZmeHtxz6U6IOEtlSuso7IN4HQsdaj
-lmOP+kfNy1gKVOW9fvF2HpUvY2cNwjSAO96C3K4w4z/ykHco/6HhZcAb/MydMKPy
-cI8jUDKa++Dk88xvq/AsRH++ri5WIY3n/HIkDyxGX5KCyxAfU1xuGkosnu7iBxoz
-2YVIV5GUwjf7ysOmgkb7FAcb73hUnCdGxcbWiQofABEBAAGJBHIEGAEKACYWIQRl
-dgxR7eogF86iyhUVW215ylbqNAUCX+uckAIbAgUJCWYBgAJACRAVW215ylbqNMF0
-IAQZAQoAHRYhBC9cO+mIas0pEyme+6uh+biHWmZhBQJf65yQAAoJEKuh+biHWmZh
-ZIIP/2FxCz40ev/sR60ozPRg/eMqAx8M8tmwACjPk84tCZryTRQ9dQ2nKzIWIQvt
-rLljl0OU3CCLgHRHl5lEjTgeDSfvrCLgss48fKAenBlHLGTzaMqdI6bs1fg7Ieh5
-dZQd9Crf6xLC7tBSjEzaqaPseux9tEdLEbHn8oJlQAgymW4wBko+ymriZpjs43Hx
-ir8iHn/H+oSJe4tOwaGmLzbMY5LMffvUWVKnoacjIx92XiVlUVypkh22iSa0upsz
-vseu+hiytwBMyxU99dsRwOQy2BZd3P/tCwpnDI8hSZCzBTyuo6XNgwLHZzvUuNKc
-qXZK4kxPRTVGyur9S1rYbZqnmPf4Wy7wFtwRUvbVve6BVdc7v9zWsTkEtTEJ4Buh
-GHSwBTdGKy8CJJgRN8K2umGCPxnUNvoCOsqW6xIJTp2baM1nRWZf1UvNjgVhwyJt
-AlrMk1xdmDDqVUO80Y5p7Jn2G1XPlQOVHcjyjFtM4sIWPqnrRzTzB4xTAZ1push3
-EOys2+4IGLgS7P6z0q+4Cxwtnm32ZueQDWyQA5gOOZAodb8HCku6sIIiF+zGtrNO
-F45xsKAoJVPt5VvH4zOKK+TbYyHAN/Ujpf09zXrTtmrnHwjB8PD+Uq2Ober/Zf5Q
-4MGnzQAy/Qkw8suciIxgLC9kCNwJIFRULHMTUsAFaAq+L9+IBmwP/R2Yt/Gop4Nl
-IfJDSMIBXGVn/2I2rTW0NDU3UC1njVRSVwQ4fjyRcuxi7dM/f8YBPnNGXO2Ur709
-f7LF7GkY/VgjQ9RWaZ6CB3GPhUjj1Q5nmW+lQkyehPYgx1/MuD3wq3w/BfYyrYHb
-xRn5r4N5QmUasFrPH8Ey/zI2cEFwckek0Z1G2SwnkEsY0e9vy12RvCGGicHJ+Xxs
-7E/L6rEjRpcQg1xzzCh1Sdx4ZKIxss9N5vJ5xCTd9kFl68ZCQJEz9zJUztEiEYcG
-l6WQ+BK3W4UepkbzgZ1HVB2LWf84cHC4a983k0avI1KtKSNd6Nn4qUJUa1Hj+mw7
-tlCwt97V+vbEnhFsoVjObJqsVXQOs9CdOiV2vsRqVD5tQPEq3AfowGHtNgxXbfO/
-wPiLmPSzZOaAlFaRXX6Off9B6RYuh5pVd/njewpsPAJfefiYeBOS0nThrQMbweyf
-S7FG/ibAE8NspI2Dn3nT+D6cUeYzCVkhNKKgBzYotODMl0N3H6pfOQwWp0aO8teo
-0v07lrePvMGNQcu2GuTM1v9YOt5kMrfbNgdAfrN8BLPUV/ZseCdKlfJLNlh6/pxr
-STw95n1JvFHpSZCMR5NWbiEdtXZmlJTFlMNMww8vO3DwTkA9hdqnKl04yPHQQpMD
-A5zVwuXbvH6GHaZJVHUrII6w8rjimo5r
-=e4lF
------END PGP PUBLIC KEY BLOCK-----
diff --git a/sandcastle-ng/apt/caddy-stable-archive-keyring.gpg.gpg
b/sandcastle-ng/apt/caddy-stable-archive-keyring.gpg.gpg
deleted file mode 100644
index 286fb00..0000000
Binary files a/sandcastle-ng/apt/caddy-stable-archive-keyring.gpg.gpg and
/dev/null differ
diff --git a/sandcastle-ng/apt/caddy-stable.list
b/sandcastle-ng/apt/caddy-stable.list
deleted file mode 100644
index d9503cb..0000000
--- a/sandcastle-ng/apt/caddy-stable.list
+++ /dev/null
@@ -1,9 +0,0 @@
-# Source: Caddy
-# Site: https://github.com/caddyserver/caddy
-# Repository: Caddy / stable
-# Description: Fast, multi-platform web server with automatic HTTPS
-
-
-deb [signed-by=/usr/share/keyrings/caddy-stable-archive-keyring.gpg]
https://dl.cloudsmith.io/public/caddy/stable/deb/debian any-version main
-
-deb-src [signed-by=/usr/share/keyrings/caddy-stable-archive-keyring.gpg]
https://dl.cloudsmith.io/public/caddy/stable/deb/debian any-version main
diff --git a/sandcastle-ng/buildconfig/README b/sandcastle-ng/buildconfig/README
deleted file mode 100644
index 005630f..0000000
--- a/sandcastle-ng/buildconfig/README
+++ /dev/null
@@ -1,5 +0,0 @@
-These files determine the git tag from which the respective components are
-built in the base Docker image.
-
-They are in separate files to make modification checking with
-staged Docker builds work nicely.
diff --git a/sandcastle-ng/buildconfig/exchange.tag
b/sandcastle-ng/buildconfig/exchange.tag
deleted file mode 100644
index 49749c4..0000000
--- a/sandcastle-ng/buildconfig/exchange.tag
+++ /dev/null
@@ -1 +0,0 @@
-v0.9.4-dev.10
diff --git a/sandcastle-ng/buildconfig/gnunet.tag
b/sandcastle-ng/buildconfig/gnunet.tag
deleted file mode 100644
index 20f123f..0000000
--- a/sandcastle-ng/buildconfig/gnunet.tag
+++ /dev/null
@@ -1 +0,0 @@
-v0.21.0-talerdev.5
diff --git a/sandcastle-ng/buildconfig/libeufin.tag
b/sandcastle-ng/buildconfig/libeufin.tag
deleted file mode 100644
index 67c0387..0000000
--- a/sandcastle-ng/buildconfig/libeufin.tag
+++ /dev/null
@@ -1 +0,0 @@
-v0.9.3-dev.34
diff --git a/sandcastle-ng/buildconfig/libmhd.tag
b/sandcastle-ng/buildconfig/libmhd.tag
deleted file mode 100644
index 17ab5bf..0000000
--- a/sandcastle-ng/buildconfig/libmhd.tag
+++ /dev/null
@@ -1 +0,0 @@
-v0.9.75
diff --git a/sandcastle-ng/buildconfig/merchant-demos.tag
b/sandcastle-ng/buildconfig/merchant-demos.tag
deleted file mode 100644
index 8864e2c..0000000
--- a/sandcastle-ng/buildconfig/merchant-demos.tag
+++ /dev/null
@@ -1 +0,0 @@
-v0.9.3-dev.6
diff --git a/sandcastle-ng/buildconfig/merchant.tag
b/sandcastle-ng/buildconfig/merchant.tag
deleted file mode 100644
index 41f902e..0000000
--- a/sandcastle-ng/buildconfig/merchant.tag
+++ /dev/null
@@ -1 +0,0 @@
-v0.9.4-dev.5
diff --git a/sandcastle-ng/buildconfig/sync.tag
b/sandcastle-ng/buildconfig/sync.tag
deleted file mode 100644
index 188bef5..0000000
--- a/sandcastle-ng/buildconfig/sync.tag
+++ /dev/null
@@ -1 +0,0 @@
-v0.9.3
diff --git a/sandcastle-ng/buildconfig/wallet.tag
b/sandcastle-ng/buildconfig/wallet.tag
deleted file mode 100644
index 3698a46..0000000
--- a/sandcastle-ng/buildconfig/wallet.tag
+++ /dev/null
@@ -1 +0,0 @@
-v0.9.4-dev.4
diff --git a/sandcastle-ng/host/taler-sandcastle.service
b/sandcastle-ng/host/taler-sandcastle.service
deleted file mode 100644
index bea28bc..0000000
--- a/sandcastle-ng/host/taler-sandcastle.service
+++ /dev/null
@@ -1,13 +0,0 @@
-[Unit]
-Description=Taler Sandcastle
-Wants=network-online.target
-After=network-online.target
-
-[Service]
-ExecStart=%h/deployment/sandcastle-ng/sandcastle-run
-ExecStop=/usr/bin/podman stop -t 10 taler-sandcastle
-Restart=on-failure
-Type=exec
-
-[Install]
-WantedBy=default.target
diff --git a/sandcastle-ng/overrides/test.taler.net
b/sandcastle-ng/overrides/test.taler.net
deleted file mode 100644
index 0e9c269..0000000
--- a/sandcastle-ng/overrides/test.taler.net
+++ /dev/null
@@ -1,2 +0,0 @@
-CURRENCY=TESTKUDOS
-MYDOMAIN=test.taler.net
diff --git a/sandcastle-ng/print-component-versions
b/sandcastle-ng/print-component-versions
deleted file mode 100755
index d523471..0000000
--- a/sandcastle-ng/print-component-versions
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-set -e
-
-for i in buildconfig/*.tag ; do
- echo "$i is: $(cat $i)"
-done
diff --git a/sandcastle-ng/sandcastle-build b/sandcastle-ng/sandcastle-build
deleted file mode 100755
index 7a655dd..0000000
--- a/sandcastle-ng/sandcastle-build
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/usr/bin/env bash
-
-set -eu
-
-SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
-
-cd "$SCRIPT_DIR"
-
-exec podman build -f Dockerfile --target taler-final -t taler-base-all .
diff --git a/sandcastle-ng/sandcastle-enter b/sandcastle-ng/sandcastle-enter
deleted file mode 100755
index 25bf48e..0000000
--- a/sandcastle-ng/sandcastle-enter
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/usr/bin/env bash
-
-exec podman exec -it taler-sandcastle /bin/bash
diff --git a/sandcastle-ng/sandcastle-run b/sandcastle-ng/sandcastle-run
deleted file mode 100755
index 7d31257..0000000
--- a/sandcastle-ng/sandcastle-run
+++ /dev/null
@@ -1,71 +0,0 @@
-#!/usr/bin/env bash
-
-# Run the Taler container with all the right mounts and preset parameters
-
-set -exou
-
-SANDCASTLE_PORT_MERCHANT=16000
-SANDCASTLE_PORT_EXCHANGE=16001
-SANDCASTLE_PORT_BLOG=16002
-SANDCASTLE_PORT_DONATIONS=16003
-SANDCASTLE_PORT_SURVEY=16004
-SANDCASTLE_PORT_LANDING=16005
-SANDCASTLE_PORT_LIBEUFIN_BANK=16007
-SANDCASTLE_PORT_BANK_SPA=16009
-
-# Container-internal ports, should by synced with scripts/setup-sandcastle.sh
-PORT_INTERNAL_EXCHANGE=8201
-PORT_INTERNAL_MERCHANT=8301
-PORT_INTERNAL_LIBEUFIN_BANK=8080
-PORT_INTERNAL_LANDING=8501
-PORT_INTERNAL_BLOG=8502
-PORT_INTERNAL_DONATIONS=8503
-PORT_INTERNAL_SURVEY=8504
-PORT_INTERNAL_BANK_SPA=8505
-
-SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
-cd $SCRIPT_DIR
-
-existing_id=$(podman ps -q -a -f=name=taler-sandcastle)
-
-if [[ ! -z "$existing_id" ]]; then
- echo "removing existing taler-sandcastle container $existing_id"
- podman rm "$existing_id"
-fi
-
-# We need to be careful with SELinux when using volume mounts, relabel!
-
-SETUP_NAME=${SANDCASTLE_SETUP_NAME:-demo}
-if [[ ! -z "${SANDCASTLE_OVERRIDE_NAME:-}" ]]; then
- OVERRIDES="-v $PWD/overrides/${SANDCASTLE_OVERRIDE_NAME}:/overrides:Z"
-else
- OVERRIDES=""
-fi
-
-# Beware: It is futile to pass environment variables to the container here,
-# as they will not be available in the systemd unit that provisions the
-# services in the container.
-# That's why we mount the right start-up script and override
-# to a well-known location.
-
-podman run \
- -d \
- -p=$SANDCASTLE_PORT_MERCHANT:$PORT_INTERNAL_MERCHANT \
- -p=$SANDCASTLE_PORT_EXCHANGE:$PORT_INTERNAL_EXCHANGE \
- -p=$SANDCASTLE_PORT_LIBEUFIN_BANK:$PORT_INTERNAL_LIBEUFIN_BANK \
- -p=$SANDCASTLE_PORT_LANDING:$PORT_INTERNAL_LANDING \
- -p=$SANDCASTLE_PORT_BLOG:$PORT_INTERNAL_BLOG \
- -p=$SANDCASTLE_PORT_DONATIONS:$PORT_INTERNAL_DONATIONS \
- -p=$SANDCASTLE_PORT_SURVEY:$PORT_INTERNAL_SURVEY \
- -p=$SANDCASTLE_PORT_BANK_SPA:$PORT_INTERNAL_BANK_SPA \
- --name taler-sandcastle \
- --systemd=always \
- -v talerdata:/talerdata:Z \
- $OVERRIDES \
- -v $PWD/scripts:/scripts:Z \
- -v $PWD/scripts/$SETUP_NAME:/provision:Z \
- --entrypoint /sbin/init \
- "$@" \
- taler-base-all
-
-exec podman exec -it taler-sandcastle journalctl -f
diff --git a/sandcastle-ng/scripts/demo/setup-sandcastle.sh
b/sandcastle-ng/scripts/demo/setup-sandcastle.sh
deleted file mode 100755
index 2f4d4b3..0000000
--- a/sandcastle-ng/scripts/demo/setup-sandcastle.sh
+++ /dev/null
@@ -1,482 +0,0 @@
-#!/usr/bin/env bash
-
-# This scripts provisions all configuration and
-# services for the Taler sandcastle container.
-#
-# Important: This script needs to be completely
-# idempotent, nothing must break if it is executed
-# multiple times.
-
-set -eu
-set -x
-
-if [[ ! -z "${SANDCASTLE_SKIP_SETUP:-}" ]]; then
- echo "skipping sandcastle setup, requested by environment var
SANDCASTLE_SKIP_SETUP"
- exit 1
-fi
-
-echo "Provisioning sandcastle"
-
-# General configuration.
-# Might eventually be moved to an external file.
-
-# Source any ovverrides from external file
-if [[ -e /overrides ]]; then
- source /overrides
-fi
-
-CURRENCY=${CURRENCY:="KUDOS"}
-EXCHANGE_IBAN=DE159593
-EXCHANGE_PLAIN_PAYTO=payto://iban/$EXCHANGE_IBAN
-EXCHANGE_FULL_PAYTO="payto://iban/$EXCHANGE_IBAN?receiver-name=Sandcastle+Echange+Inc"
-EXCHANGE_BANK_PASSWORD=sandbox
-
-# Randomly generated IBANs for the merchants
-MERCHANT_IBAN_DEFAULT=DE5135717
-MERCHANT_IBAN_POS=DE4218710
-MERCHANT_IBAN_BLOG=DE8292195
-MERCHANT_IBAN_GNUNET=DE9709960
-MERCHANT_IBAN_TALER=DE1740597
-MERCHANT_IBAN_TOR=DE2648777
-MERCHANT_IBAN_SURVEY=DE0793060
-
-MYDOMAIN=${MYDOMAIN:="demo.taler.net"}
-LANDING_DOMAIN=$MYDOMAIN
-BANK_DOMAIN=bank.$MYDOMAIN
-EXCHANGE_DOMAIN=exchange.$MYDOMAIN
-MERCHANT_DOMAIN=backend.$MYDOMAIN
-BLOG_DOMAIN=shop.$MYDOMAIN
-DONATIONS_DOMAIN=donations.$MYDOMAIN
-SURVEY_DOMAIN=survey.$MYDOMAIN
-
-# Ports of the services running inside the container.
-# Should be synchronized with the sandcastle-run script.
-PORT_INTERNAL_EXCHANGE=8201
-PORT_INTERNAL_MERCHANT=8301
-PORT_INTERNAL_LIBEUFIN_BANK=8080
-PORT_INTERNAL_LANDING=8501
-PORT_INTERNAL_BLOG=8502
-PORT_INTERNAL_DONATIONS=8503
-PORT_INTERNAL_SURVEY=8504
-PORT_INTERNAL_BANK_SPA=8505
-
-# Just make sure the services are stopped
-systemctl stop taler-exchange.target
-systemctl stop taler-merchant-httpd.service
-systemctl stop postgresql.service
-systemctl stop taler-demo-landing.service
-systemctl stop taler-demo-blog.service
-systemctl stop taler-demo-donations.service
-systemctl stop taler-demo-survey.service
-systemctl stop libeufin-bank.service
-
-# We now make sure that some important locations are symlinked to
-# the persistent storage volume.
-# Files that already exist in this location are moved to the storage volume
-# and then symlinked.
-# These locations are:
-# /etc/taler
-# /etc/libeufin
-# /var/lib/taler
-# postgres DB directory
-
-function lift_dir() {
- src=$1
- target=$2
- if [[ -L "$src" ]]; then
- # be idempotent
- echo "$src is already a symlink"
- elif [[ -d /talerdata/$target ]]; then
- echo "symlinking existing /talerdata/$target"
- rm -rf "$src"
- ln -s "/talerdata/$target" "$src"
- else
- echo "symlinking new /talerdata/$target"
- mv "$src" "/talerdata/$target"
- ln -s "/talerdata/$target" "$src"
- fi
-}
-
-lift_dir /var/lib/taler var-lib-taler
-lift_dir /etc/taler etc-taler
-lift_dir /etc/libeufin etc-libeufin
-lift_dir /var/lib/postgresql var-lib-postgresql
-
-# Caddy configuration.
-# We use the caddy reverse proxy with automatic
-# internal TLS setup to ensure that the services are
-# reachable inside the container without any external
-# DNS setup under the same domain name and with TLS
-# from inside the container.
-
-systemctl stop caddy.service
-
-cat <<EOF > /etc/caddy/Caddyfile
-https://$BANK_DOMAIN {
- tls internal
- reverse_proxy :8080 {
- # libeufin-bank should eventually not require this anymore,
- # but currently doesn't work without this header.
- header_up X-Forwarded-Prefix ""
- }
-}
-
-https://$EXCHANGE_DOMAIN {
- tls internal
- reverse_proxy unix//run/taler/exchange-httpd/exchange-http.sock
-}
-
-https://$MERCHANT_DOMAIN {
- tls internal
- reverse_proxy unix//run/taler/merchant-httpd/merchant-http.sock
-}
-
-# Services that only listen on unix domain sockets
-# are reverse-proxied to serve on a TCP port.
-
-:$PORT_INTERNAL_EXCHANGE {
- reverse_proxy unix//run/taler/exchange-httpd/exchange-http.sock
-}
-
-:$PORT_INTERNAL_MERCHANT {
- reverse_proxy unix//run/taler/merchant-httpd/merchant-http.sock {
- # Set this, or otherwise wrong taler://pay URIs will be generated.
- header_up X-Forwarded-Proto "https"
- }
-}
-
-:$PORT_INTERNAL_BANK_SPA {
- root * /usr/share/libeufin/spa
- root /settings.json /etc/libeufin/
- file_server
-}
-EOF
-
-cat <<EOF >> /etc/hosts
-# Start of Taler Sandcastle Domains
-127.0.0.1 $LANDING_DOMAIN
-127.0.0.1 $BANK_DOMAIN
-127.0.0.1 $EXCHANGE_DOMAIN
-127.0.0.1 $MERCHANT_DOMAIN
-127.0.0.1 $BLOG_DOMAIN
-127.0.0.1 $DONATIONS_DOMAIN
-127.0.0.1 $SURVEY_DOMAIN
-# End of Taler Sandcastle Domains
-EOF
-
-systemctl start caddy.service
-
-# Install local, internal CA certs for caddy
-caddy trust
-
-systemctl start postgresql.service
-
-# Set up bank
-
-
-BANK_DB=libeufinbank
-
-cat <<EOF >/etc/libeufin/libeufin-bank.conf
-[libeufin-bankdb-postgres]
-# DB connection string
-CONFIG = postgresql:///$BANK_DB
-
-[libeufin-bank]
-CURRENCY = $CURRENCY
-DEFAULT_DEBT_LIMIT = $CURRENCY:500
-REGISTRATION_BONUS = $CURRENCY:100
-SPA_CAPTCHA_URL = https://$BANK_DOMAIN/webui/#/operation/{woid}
-SUGGESTED_WITHDRAWAL_EXCHANGE = https://$EXCHANGE_DOMAIN/
-ALLOW_REGISTRATION = yes
-SERVE = tcp
-PORT = 8080
-
-[currency-$CURRENCY]
-ENABLED = YES
-name = "$CURRENCY (Taler Demonstrator)"
-code = "$CURRENCY"
-decimal_separator = "."
-fractional_input_digits = 2
-fractional_normal_digits = 2
-fractional_trailing_zero_digits = 2
-is_currency_name_leading = NO
-alt_unit_names = {"0":"$CURRENCY"}
-EOF
-
-cat <<EOF >/etc/libeufin/settings.json
-{
- "topNavSites": {
- "Landing": "https://$LANDING_DOMAIN/";,
- "Bank": "https://$BANK_DOMAIN";,
- "Essay Shop": "https://$BLOG_DOMAIN";,
- "Donations": "https://$DONATIONS_DOMAIN";,
- "Survey": "https://$SURVEY_DOMAIN";
- }
-}
-EOF
-
-libeufin-dbconfig
-
-systemctl enable --now libeufin-bank.service
-
-taler-harness deployment wait-taler-service libeufin-bank
https://$BANK_DOMAIN/config
-
-taler-harness deployment provision-bank-account https://$BANK_DOMAIN/ \
- --login exchange --exchange --public \
- --payto $EXCHANGE_PLAIN_PAYTO \
- --name Exchange \
- --password sandbox
-
-taler-harness deployment provision-bank-account https://$BANK_DOMAIN/ \
- --login merchant-default --public \
- --payto "payto://iban/$MERCHANT_IBAN_DEFAULT" \
- --name "Default Demo Merchant" \
- --password sandbox
-
-taler-harness deployment provision-bank-account https://$BANK_DOMAIN/ \
- --login merchant-pos --public \
- --payto "payto://iban/$MERCHANT_IBAN_POS" \
- --name "PoS Merchant" \
- --password sandbox
-
-taler-harness deployment provision-bank-account https://$BANK_DOMAIN/ \
- --login merchant-blog --public \
- --payto "payto://iban/$MERCHANT_IBAN_BLOG" \
- --name "Blog Merchant" \
- --password sandbox
-
-taler-harness deployment provision-bank-account https://$BANK_DOMAIN/ \
- --login merchant-gnunet --public \
- --payto "payto://iban/$MERCHANT_IBAN_GNUNET" \
- --name "GNUnet Donations Merchant" \
- --password sandbox
-
-taler-harness deployment provision-bank-account https://$BANK_DOMAIN/ \
- --login merchant-taler --public \
- --payto "payto://iban/$MERCHANT_IBAN_TALER" \
- --name "Taler Donations Merchant" \
- --password sandbox
-
-taler-harness deployment provision-bank-account https://$BANK_DOMAIN/ \
- --login merchant-tor --public \
- --payto "payto://iban/$MERCHANT_IBAN_TOR" \
- --name "Tor Donations Merchant" \
- --password sandbox
-
-taler-harness deployment provision-bank-account https://$BANK_DOMAIN/ \
- --login merchant-survey --public \
- --payto "payto://iban/$MERCHANT_IBAN_SURVEY" \
- --name "Tor Survey Merchant" \
- --password sandbox
-
-sudo -i -u libeufin-bank libeufin-bank edit-account admin
--debit_threshold=$CURRENCY:1000000
-sudo -i -u libeufin-bank libeufin-bank passwd admin sandbox
-
-# Set up exchange
-
-MASTER_PUBLIC_KEY=$(sudo -i -u taler-exchange-offline taler-exchange-offline
-LDEBUG setup)
-
-EXCHANGE_DB=talerexchange
-
-# Generate /etc/taler/conf.d/setup.conf
-cat <<EOF > /etc/taler/conf.d/setup.conf
-[taler]
-CURRENCY = $CURRENCY
-CURRENCY_ROUND_UNIT = $CURRENCY:0.01
-
-[currency-$CURRENCY]
-ENABLED = YES
-name = "$CURRENCY (Taler Demonstrator)"
-code = "$CURRENCY"
-decimal_separator = "."
-fractional_input_digits = 2
-fractional_normal_digits = 2
-fractional_trailing_zero_digits = 2
-is_currency_name_leading = NO
-alt_unit_names = {"0":"$CURRENCY"}
-
-[exchange]
-AML_THRESHOLD = $CURRENCY:1000000
-MASTER_PUBLIC_KEY = $MASTER_PUBLIC_KEY
-BASE_URL = https://$EXCHANGE_DOMAIN/
-
-[exchange-account-default]
-PAYTO_URI = $EXCHANGE_FULL_PAYTO
-ENABLE_DEBIT = YES
-ENABLE_CREDIT = YES
-@inline-secret@ exchange-accountcredentials-default
../secrets/exchange-accountcredentials-default.secret.conf
-EOF
-
-cat <<EOF >/etc/taler/secrets/exchange-db.secret.conf
-[exchangedb-postgres]
-CONFIG=postgres:///${EXCHANGE_DB}
-EOF
-chmod 440 /etc/taler/secrets/exchange-db.secret.conf
-chown root:taler-exchange-db /etc/taler/secrets/exchange-db.secret.conf
-
-cat <<EOF > /etc/taler/secrets/exchange-accountcredentials-default.secret.conf
-[exchange-accountcredentials-default]
-WIRE_GATEWAY_URL = https://$BANK_DOMAIN/accounts/exchange/taler-wire-gateway/
-WIRE_GATEWAY_AUTH_METHOD = basic
-USERNAME = exchange
-PASSWORD = ${EXCHANGE_BANK_PASSWORD}
-EOF
-
-chmod 400 /etc/taler/secrets/exchange-accountcredentials-default.secret.conf
-chown taler-exchange-wire:taler-exchange-db
/etc/taler/secrets/exchange-accountcredentials-default.secret.conf
-
-if [[ ! -e /etc/taler/conf.d/$CURRENCY-coins.conf ]]; then
- # Only create if necessary, as each [COIN-...] section
- # has a unique name with a timestamp.
- taler-harness deployment gen-coin-config \
- --min-amount "${CURRENCY}:0.01" \
- --max-amount "${CURRENCY}:100" \
- >"/etc/taler/conf.d/$CURRENCY-coins.conf"
-fi
-
-echo "Initializing exchange database"
-taler-exchange-dbconfig
-
-taler-terms-generator -K -i /usr/share/taler/terms/exchange-tos-v0
-taler-terms-generator -K -i /usr/share/taler/terms/exchange-pp-v0
-
-systemctl enable --now taler-exchange.target
-
-taler-harness deployment wait-taler-service taler-exchange
https://$EXCHANGE_DOMAIN/config
-taler-harness deployment wait-endpoint https://$EXCHANGE_DOMAIN/management/keys
-
-sudo -i -u taler-exchange-offline \
- taler-exchange-offline \
- -c /etc/taler/taler.conf \
- download \
- sign \
- upload
-
-sudo -i -u taler-exchange-offline \
- taler-exchange-offline \
- enable-account "${EXCHANGE_FULL_PAYTO}" \
- wire-fee now iban "${CURRENCY}":0 "${CURRENCY}":0 \
- global-fee now "${CURRENCY}":0 "${CURRENCY}":0 "${CURRENCY}":0 1h 6a 0 \
- upload
-
-# Set up merchant backend
-
-MERCHANT_DB=talermerchant
-
-cat <<EOF >/etc/taler/secrets/merchant-db.secret.conf
-[merchantdb-postgres]
-CONFIG=postgres:///${MERCHANT_DB}
-EOF
-
-chmod 440 /etc/taler/secrets/merchant-db.secret.conf
-chown taler-merchant-httpd:root /etc/taler/secrets/merchant-db.secret.conf
-
-taler-merchant-dbconfig
-
-# The config shipped with the package can conflict with the
-# trusted sandcastle exchange if the currency is KUDOS.
-rm /usr/share/taler/config.d/kudos.conf
-
-cat <<EOF >/etc/taler/conf.d/merchant-exchanges.conf
-[merchant-exchange-sandcastle]
-EXCHANGE_BASE_URL = https://$EXCHANGE_DOMAIN/
-MASTER_KEY = $MASTER_PUBLIC_KEY
-CURRENCY = $CURRENCY
-EOF
-
-systemctl enable --now taler-merchant-httpd
-taler-harness deployment wait-taler-service taler-merchant
https://$MERCHANT_DOMAIN/config
-
-taler-harness deployment provision-merchant-instance \
- https://$MERCHANT_DOMAIN/ \
- --management-token secret-token:sandbox \
- --instance-token secret-token:sandbox \
- --name Merchant \
- --id default \
- --payto "payto://iban/$MERCHANT_IBAN_DEFAULT?receiver-name=Merchant"
-
-taler-harness deployment provision-merchant-instance \
- https://$MERCHANT_DOMAIN/ \
- --management-token secret-token:sandbox \
- --instance-token secret-token:sandbox \
- --name "POS Merchant" \
- --id pos \
- --payto "payto://iban/$MERCHANT_IBAN_POS?receiver-name=POS+Merchant"
-
-taler-harness deployment provision-merchant-instance \
- https://$MERCHANT_DOMAIN/ \
- --management-token secret-token:sandbox \
- --instance-token secret-token:sandbox \
- --name "Blog Merchant" \
- --id blog \
- --payto "payto://iban/$MERCHANT_IBAN_BLOG?receiver-name=Blog+Merchant"
-
-taler-harness deployment provision-merchant-instance \
- https://$MERCHANT_DOMAIN/ \
- --management-token secret-token:sandbox \
- --instance-token secret-token:sandbox \
- --name "GNUnet Merchant" \
- --id gnunet \
- --payto "payto://iban/$MERCHANT_IBAN_GNUNET?receiver-name=GNUnet+Merchant"
-
-taler-harness deployment provision-merchant-instance \
- https://$MERCHANT_DOMAIN/ \
- --management-token secret-token:sandbox \
- --instance-token secret-token:sandbox \
- --name "Taler Merchant" \
- --id taler \
- --payto "payto://iban/$MERCHANT_IBAN_TALER?receiver-name=Taler+Merchant"
-
-taler-harness deployment provision-merchant-instance \
- https://$MERCHANT_DOMAIN/ \
- --management-token secret-token:sandbox \
- --instance-token secret-token:sandbox \
- --name "Tor Merchant" \
- --id tor \
- --payto "payto://iban/$MERCHANT_IBAN_TOR?receiver-name=Tor+Merchant"
-
-
-# Now we set up the taler-merchant-demos
-
-cat <<EOF >/etc/taler/taler-merchant-frontends.conf
-# Different entry point, we need to repeat some settings.
-# In the future, taler-merchant-demos should become
-# robust enough to read from the main config.
-[taler]
-CURRENCY = $CURRENCY
-[frontends]
-BACKEND = https://$MERCHANT_DOMAIN/
-BACKEND_APIKEY = secret-token:sandbox
-[landing]
-SERVE = http
-HTTP_PORT = $PORT_INTERNAL_LANDING
-[blog]
-SERVE = http
-HTTP_PORT = $PORT_INTERNAL_BLOG
-[donations]
-SERVE = http
-HTTP_PORT = $PORT_INTERNAL_DONATIONS
-[survey]
-SERVE = http
-HTTP_PORT = $PORT_INTERNAL_SURVEY
-EOF
-
-# This really should not exist, the taler-merchant-frontends
-# should be easier to configure!
-cat <<EOF >/etc/taler/taler-merchant-frontends.env
-TALER_ENV_URL_INTRO=https://$LANDING_DOMAIN/
-TALER_ENV_URL_LANDING=https://$LANDING_DOMAIN/
-TALER_ENV_URL_BANK=https://$BANK_DOMAIN/
-TALER_ENV_URL_MERCHANT_BLOG=https://$BLOG_DOMAIN/
-TALER_ENV_URL_MERCHANT_DONATIONS=https://$DONATIONS_DOMAIN/
-TALER_ENV_URL_MERCHANT_SURVEY=https://$SURVEY_DOMAIN/
-EOF
-
-systemctl enable --now taler-demo-landing
-systemctl enable --now taler-demo-blog
-systemctl enable --now taler-demo-donations
-systemctl enable --now taler-demo-survey
-
-
-# FIXME: Maybe do some taler-wallet-cli test?
-# FIXME: How do we report errors occurring during the setup script?
diff --git a/sandcastle-ng/scripts/none/setup-sandcastle.sh
b/sandcastle-ng/scripts/none/setup-sandcastle.sh
deleted file mode 100755
index 1427b11..0000000
--- a/sandcastle-ng/scripts/none/setup-sandcastle.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/usr/bin/env bash
-
-echo "skipping provisioning"
diff --git a/sandcastle-ng/systemd/setup-sandcastle.service
b/sandcastle-ng/systemd/setup-sandcastle.service
deleted file mode 100644
index 31ff233..0000000
--- a/sandcastle-ng/systemd/setup-sandcastle.service
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=Provision the sandcastle
-ConditionPathExists=/provision/setup-sandcastle.sh
-
-[Service]
-Type=oneshot
-ExecStart=/provision/setup-sandcastle.sh
-RemainAfterExit=yes
-
-[Install]
-WantedBy=multi-user.target
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-deployment] branch master updated: remove sandcastle-ng from tree,
gnunet <=