2. Installation

Note

Currently, GNU Anastasis is released as alpha-quality software. When testing Anastasis, please choose demoland as your country of residence! It is not yet production ready! You cannot rely on it to keep your secrets recoverable today! In particular, we need to still review the various country-specific questions used to create unique user identifiers at the beginning of the backup and recovery process. Community feedback on those inputs would be particularly welcome!

Please install the following packages before proceeding with the exchange compilation.

  • libsqlite3 >= 3.16.2
  • GNU libunistring >= 0.9.3
  • libcurl >= 7.26 (or libgnurl >= 7.26)
  • libqrencode >= 4.0.0
  • GNU libgcrypt >= 1.6
  • libsodium >= 1.0
  • libargon2 >= 20171227
  • libjansson >= 2.7
  • Postgres >= 9.6, including libpq
  • GNU libmicrohttpd >= 0.9.71
  • GNUnet >= 0.14.0 (from source tarball)
  • GNU Taler exchange
  • GNU Taler merchant backend

Except for the last two, these are available in most GNU/Linux distributions and should just be installed using the respective package manager.

2.1. Installing from source

The following instructions will show how to install libgnunetutil and the GNU Taler exchange from source.

2.1.1. Installing GNUnet

Before you install GNUnet, you must download and install the dependencies mentioned in the previous section, otherwise the build may succeed, but could fail to export some of the tooling required by GNU Taler.

To install GNUnet, unpack the tarball and change into the resulting directory, then proceed as follows:

$ ./configure [--prefix=GNUNETPFX]
$ # Each dependency can be fetched from non standard locations via
$ # the '--with-<LIBNAME>' option. See './configure --help'.
$ make
# make install
# ldconfig

If you did not specify a prefix, GNUnet will install to /usr/local, which requires you to run the last step as root. The ldconfig command (also run as root) makes the shared object libraries (.so files) visible to the various installed programs.

2.1.2. Installing the Taler Exchange

After installing GNUnet, unpack the GNU Taler exchange tarball, change into the resulting directory, and proceed as follows:

$ ./configure [--prefix=EXCHANGEPFX] \
              [--with-gnunet=GNUNETPFX]
$ # Each dependency can be fetched from non standard locations via
$ # the '--with-<LIBNAME>' option. See './configure --help'.
$ make
# make install

If you did not specify a prefix, the exchange will install to /usr/local, which requires you to run the last step as root. You have to specify --with-gnunet=/usr/local if you installed GNUnet to /usr/local in the previous step.

2.1.3. Installing the Taler Merchant

GNU Taler merchant has these additional dependencies:

  • libqrencode >= 4.0.0

The following steps assume all dependencies are installed.

First, unpack the GNU Taler merchant tarball and change into the resulting directory. Then, use the following commands to build and install the merchant backend:

$ ./configure [--prefix=PFX] \
              [--with-gnunet=GNUNETPFX] \
              [--with-exchange=EXCHANGEPFX]
$ # Each dependency can be fetched from non standard locations via
$ # the '--with-<LIBNAME>' option. See './configure --help'.
$ make
# make install

If you did not specify a prefix, the exchange will install to /usr/local, which requires you to run the last step as root.

You have to specify --with-exchange=/usr/local and/or --with-gnunet=/usr/local if you installed the exchange and/or GNUnet to /usr/local in the previous steps.

Depending on the prefixes you specified for the installation and the distribution you are using, you may have to edit /etc/ld.so.conf, adding lines for GNUNETPFX/lib/ and EXCHANGEPFX/lib/ and PFX/lib/ (replace the prefixes with the actual paths you used). Afterwards, you should run ldconfig. Without this step, it is possible that the linker may not find the installed libraries and launching the Taler merchant backend would then fail.

2.1.4. Installing Anastasis

The following steps assume all dependencies are installed.

First, unpack the Anastasis tarball and change into the resulting directory. Then, use the following commands to build and install Anastasis:

$ ./configure [--prefix=PFX] \
              [--with-gnunet=GNUNETPFX] \
              [--with-exchange=EXCHANGEPFX]
$ # Each dependency can be fetched from non standard locations via
$ # the '--with-<LIBNAME>' option. See './configure --help'.
$ make
# make install

If you did not specify a prefix, Anastasis will be installed to /usr/local, which requires you to run the last step as root.

You have to specify --with-exchange=/usr/local and/or --with-gnunet=/usr/local if you installed the exchange and/or GNUnet to /usr/local in the previous steps.

Depending on the prefixes you specified for the installation and the distribution you are using, you may have to edit /etc/ld.so.conf, adding lines for GNUNETPFX/lib/ and EXCHANGEPFX/lib/ and PFX/lib/ (replace the prefixes with the actual paths you used). Afterwards, you should run ldconfig. Without this step, it is possible that the linker may not find the installed libraries and launching the Anastasis backend would then fail.

2.1.5. Installing GNUnet-gtk

The following steps assume at least the GNUnet and Gtk+ dependencies are installed.

First, unpack the gnunet-gtk tarball and change into the resulting directory. Then, use the following commands to build and install gnunet-gtk:

$ ./configure [--prefix=$PFX] \
              [--with-gnunet=$GNUNETPFX]
$ # Each dependency can be fetched from non standard locations via
$ # the '--with-<LIBNAME>' option. See './configure --help'.
$ make
# make install

It is highly recommended to use the same prefix ($PFX) for gnunet-gtk that was used for GNUnet ($GNUNETPFX). If you did not specify a prefix, gnunet-gtk will be installed to /usr/local, which requires you to run the last step as root.

You have to specify --with-gnunet=/usr/local if you installed GNUnet to /usr/local in the previous steps.

Depending on the prefixes you specified for the installation and the distribution you are using, you may have to edit /etc/ld.so.conf, adding lines for $GNUNETPFX/lib/ and $PFX/lib/ (replace the prefixes with the actual paths you used). Afterwards, you should run ldconfig. Without this step, it is possible that the linker may not find the installed libraries and launching gnunet-gtk would then fail.

2.1.6. Installing Anastasis-gtk

The following steps assume at least the GNUnet, gnunet-gtk and Anastasis dependencies are installed.

First, unpack the anastasis-gtk tarball and change into the resulting directory. Then, use the following commands to build and install anastasis-gtk:

$ ./configure [--prefix=PFX] \
              [--with-gnunet=GNUNETPFX] \
              [--with-exchange=EXCHANGEPFX] \
              [--with-anastasis=ANASTASISPFX]
$ # Each dependency can be fetched from non standard locations via
$ # the '--with-<LIBNAME>' option. See './configure --help'.
$ make
# make install

If you did not specify a prefix, anastasis-gtk will be installed to /usr/local, which requires you to run the last step as root.

You have to specify -with-anastasis=/usr/local, --with-exchange=/usr/local and/or --with-gnunet=/usr/local if you installed the exchange and/or GNUnet to /usr/local in the previous steps.

Depending on the prefixes you specified for the installation and the distribution you are using, you may have to edit /etc/ld.so.conf, adding lines for GNUNETPFX/lib/ and EXCHANGEPFX/lib/ and PFX/lib/ (replace the prefixes with the actual paths you used). Afterwards, you should run ldconfig. Without this step, it is possible that the linker may not find the installed libraries and launching anastasis-gtk would then fail.

2.2. Installing Anastasis binary packages on Debian

To install the GNU Taler Debian packages, first ensure that you have the right Debian distribution. At this time, the packages are built for Sid, which means you should use a system which at least includes unstable packages in its source list. We recommend using APT pinning to limit unstable packages to those explicitly requested. To do this, set your /etc/apt/preferences as follows:

Package: *
Pin: release a=stable
Pin-Priority: 700

Package: *
Pin: release a=testing
Pin-Priority: 650

Package: *
Pin: release a=unstable
Pin-Priority: 600

Package: *
Pin: release l=Debian-Security
Pin-Priority: 1000

A typical /etc/apt/sources.list file for this setup which combines Debian stable with more recent packages from testing and unstable would look like this:

deb http://ftp.ch.debian.org/debian/ buster main
deb http://security.debian.org/debian-security buster/updates main
deb http://ftp.ch.debian.org/debian/ testing main
deb http://ftp.ch.debian.org/debian/ unstable main

Naturally, you may want to use different mirrors depending on your region. Additionally, you must add a file to import the GNU Taler packages. Typically, this is done by adding a file /etc/apt/sources.list.d/taler.list that looks like this:

deb https://deb.taler.net/apt/debian sid main

Next, you must import the Taler Systems SA public package signing key into your keyring and update the package lists:

# wget -O - https://taler.net/taler-systems.gpg.key | apt-key add -
# apt update

Note

You may want to verify the correctness of the Taler Systems key out-of-band.

Now your system is ready to install the official GNU Taler binary packages using apt.

2.2.1. Installing the graphical front-end

To install the Anastasis Gtk+ frontend, you can simply run:

# apt install anastasis-gtk

To use anastasis-gtk, you can simply run:

$ anastasis-gtk

2.2.2. Installing the backend

If you want to install the Anastasis backend-end (which normal users do not need), you should run:

# apt install -t sid anastasis-httpd

Note that the latter package does not perform all of the configuration work. It does setup the user users and the systemd service scripts, but you still must configure the database backup, HTTP reverse proxy (typically with TLS certificates), Taler merchant backend for payments, authentication services, prices and the terms of service.

Sample configuration files for the HTTP reverse proxy can be found in /etc/anastasis.conf.

Note that the package does not complete the integration of the backend with the HTTP reverse proxy (typically with TLS certificates). A configuration fragment for Nginx or Apache will be placed in /etc/{apache,nginx}/conf-available/anastasis.conf.

To operate an Anastasis backend with payments, you additionally need to install a Taler merchant backend via:

# apt install -t sid taler-merchant-httpd

2.3. Installing Anastasis binary packages on Ubuntu

To install the GNU Taler Ubuntu packages, first ensure that you have the right Ubuntu distribution. At this time, the packages are built for Ubuntu 20.04 LTS (Focal Fossa).

A typical /etc/apt/sources.list.d/taler.list file for this setup would look like this:

deb https://deb.taler.net/apt/ubuntu/ focal-fossa main

The last line is crucial, as it adds the GNU Taler packages.

Next, you must import the Taler Systems SA public package signing key into your keyring and update the package lists:

# wget -O - https://taler.net/taler-systems.gpg.key | apt-key add -
# apt update

Note

You may want to verify the correctness of the Taler Systems key out-of-band.

Now your system is ready to install the official GNU Taler binary packages using apt.

2.3.1. Installing the graphical front-end

To install the Anastasis front-end, you can now simply run:

# apt install -t focal-fossa anastasis-gtk

To use anastasis-gtk, you can simply run:

$ anastasis-gtk

2.3.2. Installing the backend

If you want to install the Anastasis backend-end (which normal users do not need), you should run:

# apt install -t focal-fossa anastasis-httpd

Note that the latter package does not perform all of the configuration work. It does setup the user users and the systemd service scripts, but you still must configure the database backup, HTTP reverse proxy (typically with TLS certificates), Taler merchant backend for payments, authentication services, prices and the terms of service.

Sample configuration files for the HTTP reverse proxy can be found in /etc/anastasis.conf.

To operate an Anastasis backend with payments, you additionally need to install a Taler merchant backend via:

# apt install -t sid taler-merchant-httpd