| 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
 | \input texinfo @c -*-texinfo-*-
@c %**start of header
@setfilename manual.info
@include version.texi
@settitle The GNU Taler exchange operator tutorial @value{VERSION}
@c Define a new index for options.
@defcodeindex op
@c Combine everything into one index (arbitrarily chosen to be the
@c concept index).
@syncodeindex op cp
@c %**end of header
@copying
This manual is for the GNU Taler exchange (version @value{VERSION}, @value{UPDATED}),
Copyright @copyright{} 2017 INRIA
@quotation
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
any later version published by the Free Software Foundation; with no
Invariant Sections, with no Front-Cover Texts, and with no Back-Cover
Texts.  A copy of the license is included in the section entitled
``GNU Free Documentation License''.
@end quotation
@end copying
@c If your manual is published on paper by the FSF, it should include
@c The standard FSF Front-Cover and Back-Cover Texts, as given in
@c maintain.texi.
@c
@c Titlepage
@c
@titlepage
@title The GNU Taler exchange operator tutorial
@subtitle Version @value{VERSION}
@subtitle @value{UPDATED}
@author Marcello Stanisci (@email{marcello.stanisci@@inria.fr})
@page
@vskip 0pt plus 1filll
@insertcopying
@end titlepage
@summarycontents
@contents
@ifnottex
@node Top
@top The GNU Taler manual for Web shops
@insertcopying
@end ifnottex
@menu
* Introduction::            Whom this manual is addressed to
* Installation::            Installing the exchange
* Configuration::           How to set up the exchange
Appendices
* GNU-LGPL::                     The GNU Lesser General Public License says how you
                                 can use the code of libtalermerchant.so in your own projects.
* GNU Affero GPL::               The Affero GNU General Public License says how you
                                 can copy and share the Taler merchant backend.
* GNU-FDL::                      The GNU Free Documentation License says how you
                                 can copy and share the documentation of GNU Taler.
Indices
* Concept Index::               Index of concepts and programs.
@end menu
@node Introduction
@chapter Introduction
@section About GNU Taler
GNU Taler is an open protocol for an electronic payment system with a
free software reference implementation.  GNU Taler offers secure, fast
and easy payment processing using well understood cryptographic
techniques.  GNU Taler allows customers to remain anonymous, while
ensuring that merchants can be held accountable by governments.
Hence, GNU Taler is compatible with anti-money-laundering (AML) and
know-your-customer (KYC) regulation, as well as data protection
regulation (such as GDPR).
GNU Taler is not yet production-ready, after following this manual
you will have a working Taler exchange installed and configured.
@section About this manual
This tutorial targets system administrators who want to install a GNU Taler exchange.
We expect some moderate familiarity with the compilation and installation
of free software packages. An understanding of cryptography is not required.
@section Architecture overview
@node Installation
@menu
* generic-instructions:: Generic installation guidelines
@end menu
@chapter Installation
This chapter describes how to install the GNU Taler exchange.
@node generic-instructions
@section Generic instructions
This section provides generic instructions for the exchange
installation independent of any particular operating system.
Operating system specific instructions are provided in the following
sections.  You should follow the operating system specific
instructions if those are available, and only consult the generic
instructions if no system-specific instructions are provided for your
specific operating system.
@subsection Installation of dependencies
The following packages need to be installed before we can compile the
backend:
@itemize
@item autoconf @math{\ge 2.69}
@item automake @math{\ge 1.14}
@item libtool @math{\ge 2.4}
@item autopoint @math{\ge 0.19}
@item libltdl @math{\ge 2.4}
@item libunistring @math{\ge 0.9.3}
@item libcurl @math{\ge 7.26} (or libgnurl @math{\ge 7.26})
@item GNU libmicrohttpd @math{\ge 0.9.39}
@item GNU libgcrypt @math{\ge 1.6}
@item libjansson @math{\ge 2.7}
@item Postgres @math{\ge 9.4}, including libpq
@item libgnunetutil (from Git)
@item GNU Taler exchange (from Git)
@end itemize
Except for the last two, these are available in most GNU/Linux
distributions and should just be installed using the respective
package manager.
The following sections will provide detailed instructions for
installing the libgnunetutil and GNU Taler exchange dependencies.
@subsection Installing libgnunetutil
@cindex GNUnet
Before you install libgnunetutil, you must download and install the
dependencies mentioned in the previous section, otherwise the build
may succeed but fail to export some of the tooling required by Taler.
To download and install libgnunetutil, proceed as follows:
@example
$ git clone https://gnunet.org/git/gnunet/
$ cd gnunet/
$ ./bootstrap
$ ./configure [--prefix=GNUNETPFX]
$ # Each dependency can be fetched from non standard locations via
$ # the '--with-<LIBNAME>' option. See './configure --help'.
$ make
# make install
@end example
If you did not specify a prefix, GNUnet will install to
@code{/usr/local}, which requires you to run the last step as
@code{root}.
@subsection Installing the GNU Taler exchange
@cindex exchange
After installing GNUnet, you can download and install
the exchange as follows:
@example
$ git clone git://taler.net/exchange
$ cd exchange
$ ./bootstrap
$ ./configure [--prefix=EXCHANGEPFX] \
              [--with-gnunet=GNUNETPFX]
$ # Each dependency can be fetched from non standard locations via
$ # the '--with-<LIBNAME>' option. See './configure --help'.
$ make
# make install
@end example
If you did not specify a prefix, the exchange will install to
@code{/usr/local}, which requires you to run the last step as
@code{root}.  Note that you have to specify
@code{--with-gnunet=/usr/local} if you installed GNUnet to
@code{/usr/local} in the previous step.
@node Configuration
@chapter How to configure the exchange
@section The configuration file
@cindex taler-config
@cindex taler.conf
The installation already provides reasonable defaults.  The file
@code{$HOME/.config/taler.conf} is responsible of overriding defaults
values, or add new ones.  The format of the configuration file is
the well-known INI file format.  Nonetheless, the exchange takes a
@code{-c CONFIG} option that makes the file @code{CONFIG} ovveride
the defaults.
@cindex keys
@cindex denomination keys
@cindex auditor
@section Configuring keys
@subsection Denomination keys
@c FIXME TBD - NOTE, docs.taler.net contains already some text on this
@subsection Master key
@c FIXME TBD - NOTE, docs.taler.net contains already some text on this
@subsection Specifying auditors
In order to "add" any auditor to the list of the auditors accepted by
the exchange, it's required to (1) generate a cryptographic blob containing
metadata about the denomination keys, (2) ask the auditor to sign this blob,
and (3) copy the auditor signed blob to a exchange's dedicated directory.
The following command accomplishes step (1).
@example
taler-exchange-keyup -o blob
@end example
In production, step (2) is accomplished thanks to each auditor providing a RESTful
service that lets the exchange administrator upload the @code{blob} and get a signed
version of it.
Nonetheless, for testing purposes, the following command emulates a auditor's
signature that a exchange administrator can run locally.
@example
taler-auditor-sign -m EXCHANGE_MASTER_PUB -r BLOB -u AUDITOR_URI -o OUTPUT_FILE
@end example
The shown arguments are all mandatory.
@itemize
@item @code{EXCHANGE_MASTER_PUB} the base32 Crockford-encoded exchange's master
public key.  Tipically, this value lies in the configuration option
@code{[exchange]/master_public_key}.
@item @code{BLOB} the blob generated in step (1).
@item @code{AUDITOR_URI} the URI that identifies the auditor.
@item @code{OUTPUT_FILE} where on the disk the signed blob is to be saved.
@end itemize
As of step (3), the signed blob must be copied into the dorectory specified
by the option @code{AUDITOR_BASE_DIR} under the section @code{[exchangedb]}.
Assuming @code{AUDITOR_BASE_DIR = $@{HOME@}/.local/share/taler/auditors}, the
following command will "add" a auditor to the exchange.
@example
# assuming that the file 'blob' is in the CWD
cp blob $@{HOME@}/.local/share/taler/auditors
@end example
If the auditor has been correctly added, the exchange's @code{/keys} response
must contain an entry in the @code{auditors} array mentioning the auditor's URI
specified at step (2) in the @code{-u} argument.
@section Wire formats
@c FIXME TBD - NOTE, docs.taler.net _might_ contain already some text on this
@c **********************************************************
@c *******************  Appendices  *************************
@c **********************************************************
@node GNU-LGPL
@unnumbered GNU-LGPL
@cindex license
@cindex LGPL
@include lgpl.texi
@node GNU Affero GPL
@unnumbered GNU Affero GPL
@cindex license
@cindex Affero GPL
@include agpl.texi
@node GNU-FDL
@unnumbered GNU-FDL
@cindex license
@cindex GNU Free Documentation License
@include fdl-1.3.texi
@node Concept Index
@unnumbered Concept Index
@printindex cp
@bye
 |