Installation on Debian
=====================
Have a Debian server
-----------------------
Ensure you have a Debian server up and running before proceeding.
Add the Taler repository to the apt sources list
---------------------------------------------------
To add the Taler repository to your apt sources, run:
.. code-block:: bash
echo 'deb [signed-by=/etc/apt/keyrings/taler-systems.gpg] https://deb.taler.net/apt/debian bookworm main' | sudo tee /etc/apt/sources.list.d/taler.list
Import the Taler Systems SA public key and install packages
--------------------------------------------------------------
You must import the Taler Systems SA package signing key and then update/upgrade packages:
.. code-block:: bash
wget -O /etc/apt/keyrings/taler-systems.gpg https://taler.net/taler-systems.gpg
sudo apt update
sudo apt upgrade -y
sudo apt install postgresql nginx taler-merchant certbot python3-certbot-nginx -y
Configure the Taler merchant database
----------------------------------------
For the Taler merchant backend, configure the PostgreSQL database by running:
.. code-block:: bash
taler-merchant-dbconfig
Start the Taler merchant services
------------------------------------
Enable and start the Taler merchant services:
.. code-block:: bash
systemctl enable --now taler-merchant.target
Check that Taler merchant is running
---------------------------------------
Verify that the merchant service is active:
.. code-block:: bash
systemctl status taler-merchant-httpd.service
If you see **active (running)**, the Backend is installed successfully. Press **q** to exit the status screen.
Configure a DNS record
-------------------------
Create a new DNS record with your domain registrar:
- **Type**: A
- **Name**: backend (or a subdomain of your choice, in this tutorial we are using **tutorial**)
- **Value**: Your server’s IP address
Return to this guide after the DNS record is set up.
Create HTTPS certificates
----------------------------
Use Certbot to request an SSL/TLS certificate. Replace ``your.domain`` with your domain:
.. code-block:: bash
sudo certbot certonly --webroot -w /var/www/html -d your.domain
Follow the prompts to provide an email address and accept the terms of service.
Set up Taler merchant in Nginx
---------------------------------
Open the Nginx configuration file for Taler merchant:
.. code-block:: bash
nano /etc/nginx/sites-available/taler-merchant
Replace ``your.domain`` with your domain name as needed:
.. code-block:: bash
server {
listen 80;
listen [::]:80;
server_name your.domain;
access_log /var/log/nginx/merchant.log;
error_log /var/log/nginx/merchant.err;
location / {
proxy_pass http://unix:/var/run/taler-merchant/httpd/merchant-http.sock;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host "your.domain";
proxy_set_header X-Forwarded-Proto "http";
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name your.domain;
ssl_certificate /etc/letsencrypt/live/your.domain/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/your.domain/privkey.pem;
access_log /var/log/nginx/merchant.log;
error_log /var/log/nginx/merchant.err;
location / {
proxy_pass http://unix:/var/run/taler-merchant/httpd/merchant-http.sock;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host "your.domain";
proxy_set_header X-Forwarded-Proto "https";
}
}
Activate the Nginx configuration
------------------------------------
Create a symbolic link and test your configuration:
.. code-block:: bash
sudo ln -s /etc/nginx/sites-available/taler-merchant /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx
You should see:
``nginx: configuration file /etc/nginx/nginx.conf test is successful``.
Set up Taler merchant in Apache
-------------------------------
In case you prefer Apache, you can set up Taler merchant with it. Firstly, we need to check that it is installed:
.. code-block:: bash
sudo apt install apache2 -y
Open the Apache configuration file for Taler merchant:
.. code-block:: bash
nano /etc/apache2/sites-available/taler-merchant.conf
Replace ``your.domain`` with your domain name as needed:
.. code-block:: apache2
ServerName your.domain
ErrorLog /var/log/apache2/merchant-error.log
CustomLog /var/log/apache2/merchant-access.log combined
ProxyPreserveHost On
ProxyRequests Off
ProxyPass / unix:/var/run/taler-merchant/httpd/merchant-http.sock|http://localhost/
ProxyPassReverse / unix:/var/run/taler-merchant/httpd/merchant-http.sock|http://localhost/
RequestHeader set X-Forwarded-Proto "http"
ServerName your.domain
ErrorLog /var/log/apache2/merchant-error.log
CustomLog /var/log/apache2/merchant-access.log combined
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/your.domain/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/your.domain/privkey.pem
ProxyPreserveHost On
ProxyRequests Off
ProxyPass / unix:/var/run/taler-merchant/httpd/merchant-http.sock|http://localhost/
ProxyPassReverse / unix:/var/run/taler-merchant/httpd/merchant-http.sock|http://localhost/
RequestHeader set X-Forwarded-Proto "https"
Activate the Apache configuration
-----------------------------------
Make sure apache has modules enabled:
.. code-block:: bash
sudo a2enmod proxy proxy_http headers ssl
sudo systemctl restart apache2
Finally, activate the configuration and restart Apache:
.. code-block:: bash
sudo a2ensite taler-merchant
sudo systemctl reload apache2
You could also run test the configuration with:
.. code-block:: bash
sudo apache2ctl configtest
If you see ``Syntax OK``, the configuration is correct.
Access the Taler merchant
-------------------------
Open your browser and navigate to the domain you entered before. You should see the Taler merchant interface if everything is configured correctly.