koopa-admin-log/scripts/taler-merchant/README.md

2.1 KiB

taler-merchant scripts

Mirrored from podman taler-hacktivism.

File Location in container User
start_base_services_for_taler.sh /root/ root
start_merchant.sh /usr/local/bin/ taler-merchant-httpd
ensure_merchant_helpers.sh /usr/local/bin/ root → taler-merchant-httpd
setup_credit_facade.sh host root (/root/koopa-admin-log/…) root on koopa
check_merchant-health.sh /usr/local/bin/ any
certbot_renew.sh /root/scripts/ root (bg from base)
stats--merchant-payments.sh /usr/local/bin/ ops
taler-hacktivism-email-helper.sh /usr/local/bin/ merchant (SMTP password via env in git mirror)
taler-hacktivism-sms-helper-wrapper.sh /usr/local/bin/ merchant

Settlement (wired / transfers)

Automatic import needs:

  1. credit_facade_url = …/accounts/$BANK_USER/taler-revenue/ (not taler-wire-gateway/)
  2. Bearer bank token in credit_facade_credentials (Basic fails on history)
  3. Running taler-merchant-wirewatch + taler-merchant-depositcheck
# on koopa as root
./setup_credit_facade.sh
./ensure_merchant_helpers.sh   # inside container or via start_merchant

SMS backends are symlinks into /var/taler-src/... (not copied).

Usage

# root in container
./start_base_services_for_taler.sh
# then as taler-merchant-httpd in /usr/local/bin:
./start_merchant.sh --restart
# nginx (TLS frontend) if not already up — root:
# /etc/init.d/nginx start
./check_merchant-health.sh

check_merchant-health.sh

Check Severity
socket + listener + httpd + nginx FAIL
merchant /config (unix sock or :9010) FAIL
each enabled [merchant-exchange-*]: GET …/keys FAIL
MASTER_KEY matches master_public_key in /keys FAIL
helpers (webhook, exchangekeyupdate, depositcheck) WARN

Disabled exchanges (DISABLED = YES) are skipped.
If public exchange URL is unreachable from the container, falls back to http://127.0.0.1:9011/keys (and pasta host IPs).