Installation on Debian ===================== Have a Debian server ----------------------- Ensure you have a Debian server up and running before proceeding. Add the Taler repository to the apt sources list --------------------------------------------------- To add the Taler repository to your apt sources, run: .. code-block:: bash echo 'deb [signed-by=/etc/apt/keyrings/taler-systems.gpg] https://deb.taler.net/apt/debian bookworm main' | sudo tee /etc/apt/sources.list.d/taler.list Import the Taler Systems SA public key and install packages -------------------------------------------------------------- You must import the Taler Systems SA package signing key and then update/upgrade packages: .. code-block:: bash wget -O /etc/apt/keyrings/taler-systems.gpg https://taler.net/taler-systems.gpg sudo apt update sudo apt upgrade -y sudo apt install postgresql nginx taler-merchant certbot python3-certbot-nginx -y Configure the Taler merchant database ---------------------------------------- For the Taler merchant backend, configure the PostgreSQL database by running: .. code-block:: bash taler-merchant-dbconfig Start the Taler merchant services ------------------------------------ Enable and start the Taler merchant services: .. code-block:: bash systemctl enable --now taler-merchant.target Check that Taler merchant is running --------------------------------------- Verify that the merchant service is active: .. code-block:: bash systemctl status taler-merchant-httpd.service If you see **active (running)**, the Backend is installed successfully. Press **q** to exit the status screen. Configure a DNS record ------------------------- Create a new DNS record with your domain registrar: - **Type**: A - **Name**: backend (or a subdomain of your choice, in this tutorial we are using **tutorial**) - **Value**: Your server’s IP address Return to this guide after the DNS record is set up. Create HTTPS certificates ---------------------------- Use Certbot to request an SSL/TLS certificate. Replace ``your.domain`` with your domain: .. code-block:: bash sudo certbot certonly --webroot -w /var/www/html -d your.domain Follow the prompts to provide an email address and accept the terms of service. Set up Taler merchant in Nginx --------------------------------- Open the Nginx configuration file for Taler merchant: .. code-block:: bash nano /etc/nginx/sites-available/taler-merchant Replace ``your.domain`` with your domain name as needed: .. code-block:: bash server { listen 80; listen [::]:80; server_name your.domain; access_log /var/log/nginx/merchant.log; error_log /var/log/nginx/merchant.err; location / { proxy_pass http://unix:/var/run/taler-merchant/httpd/merchant-http.sock; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host "your.domain"; proxy_set_header X-Forwarded-Proto "http"; } } server { listen 443 ssl; listen [::]:443 ssl; server_name your.domain; ssl_certificate /etc/letsencrypt/live/your.domain/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/your.domain/privkey.pem; access_log /var/log/nginx/merchant.log; error_log /var/log/nginx/merchant.err; location / { proxy_pass http://unix:/var/run/taler-merchant/httpd/merchant-http.sock; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host "your.domain"; proxy_set_header X-Forwarded-Proto "https"; } } Activate the Nginx configuration ------------------------------------ Create a symbolic link and test your configuration: .. code-block:: bash sudo ln -s /etc/nginx/sites-available/taler-merchant /etc/nginx/sites-enabled/ sudo nginx -t sudo systemctl reload nginx You should see: ``nginx: configuration file /etc/nginx/nginx.conf test is successful``. Set up Taler merchant in Apache ------------------------------- In case you prefer Apache, you can set up Taler merchant with it. Firstly, we need to check that it is installed: .. code-block:: bash sudo apt install apache2 -y Open the Apache configuration file for Taler merchant: .. code-block:: bash nano /etc/apache2/sites-available/taler-merchant.conf Replace ``your.domain`` with your domain name as needed: .. code-block:: apache2 ServerName your.domain ErrorLog /var/log/apache2/merchant-error.log CustomLog /var/log/apache2/merchant-access.log combined ProxyPreserveHost On ProxyRequests Off ProxyPass / unix:/var/run/taler-merchant/httpd/merchant-http.sock|http://localhost/ ProxyPassReverse / unix:/var/run/taler-merchant/httpd/merchant-http.sock|http://localhost/ RequestHeader set X-Forwarded-Proto "http" ServerName your.domain ErrorLog /var/log/apache2/merchant-error.log CustomLog /var/log/apache2/merchant-access.log combined SSLEngine On SSLCertificateFile /etc/letsencrypt/live/your.domain/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/your.domain/privkey.pem ProxyPreserveHost On ProxyRequests Off ProxyPass / unix:/var/run/taler-merchant/httpd/merchant-http.sock|http://localhost/ ProxyPassReverse / unix:/var/run/taler-merchant/httpd/merchant-http.sock|http://localhost/ RequestHeader set X-Forwarded-Proto "https" Activate the Apache configuration ----------------------------------- Make sure apache has modules enabled: .. code-block:: bash sudo a2enmod proxy proxy_http headers ssl sudo systemctl restart apache2 Finally, activate the configuration and restart Apache: .. code-block:: bash sudo a2ensite taler-merchant sudo systemctl reload apache2 You could also run test the configuration with: .. code-block:: bash sudo apache2ctl configtest If you see ``Syntax OK``, the configuration is correct. Access the Taler merchant ------------------------- Open your browser and navigate to the domain you entered before. You should see the Taler merchant interface if everything is configured correctly.