proxmox/scripts/omnl/office2-shamrayan-dryrun.sh
defiQUG b3a8fe4496
chore: sync all changes to Gitea
- Config, docs, scripts, and backup manifests
- Submodule refs unchanged (m = modified content in submodules)

Made-with: Cursor
2026-03-02 11:37:34 -08:00


#!/usr/bin/env bash
# Office 2 / SHAMRAYAN — DRY RUN (NO SEND). Builds payloads and curl commands per API CIS & Procedure SHAMRAYAN PDF.
# Usage: from repo root. Optional: SENDER_SERVER_IP, SOURCE_ACCOUNT_NAME, SOURCE_ACCOUNT_NUMBER (or placeholders).
# Optional: DRYRUN_SKIP_ACK=1 to skip interactive confirmation; DRYRUN_ACK=YES to pre-set acknowledgment.
# See docs/04-configuration/mifos-omnl-central-bank/OFFICE_2_SHAMRAYAN_RUNBOOK.md
set -euo pipefail
# A caller-supplied, non-empty REPO_ROOT wins; otherwise it is resolved as
# two directories above the directory that holds this script.
if [[ -z "${REPO_ROOT:-}" ]]; then
  REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
fi
# Every relative path used later (reconciliation/...) is relative to this directory.
cd "$REPO_ROOT"
# =========================
# Office 2 / SHAMRAYAN — DRY RUN: fixed parameters and operator inputs
# =========================
# Values assigned unconditionally below cannot be overridden from the caller's
# environment. Values taken through ${VAR:=default} can, and they are later
# interpolated into the request payloads written by this script.

# ---- OMNL side (ledger mirror happens ONLY after settled; DRY RUN will NOT mirror/post) ----
OMNL_OFFICE_ID="2" # SHAMRAYAN
OMNL_AMOUNT="5000000000" # 5B
OMNL_CURRENCY="USD"
: "${OMNL_TX_DATE:=$(date +%F)}" # caller-supplied date wins, otherwise today
export OMNL_OFFICE_ID OMNL_AMOUNT OMNL_CURRENCY OMNL_TX_DATE

# ---- P2P banking rail (from SHAMRAYAN PDF) ----
P2P_BASE_URL="https://banktransfer.devmindgroup.com"
P2P_ENDPOINT_BANK_SERVERS="/api/bank-servers"
P2P_ENDPOINT_BANK_ACCOUNTS="/api/bank-accounts"
P2P_ENDPOINT_TRANSACTIONS="/api/transactions"
export P2P_BASE_URL P2P_ENDPOINT_BANK_SERVERS P2P_ENDPOINT_BANK_ACCOUNTS P2P_ENDPOINT_TRANSACTIONS

# ---- Receiver (from runbook / package) ----
RECEIVER_BANK_NAME="DFCU Bank Limited"
RECEIVER_SWIFT="DFCUUGKA"
RECEIVER_ACCOUNT_NAME="SHAMRAYAN ENTERPRISES"
RECEIVER_ACCOUNT_NUMBER="02650010158937"
RECEIVER_COUNTRY="Uganda"
PROVIDER="SWIFT"
CHANNEL="Instant Server Settlement"
export RECEIVER_BANK_NAME RECEIVER_SWIFT RECEIVER_ACCOUNT_NAME RECEIVER_ACCOUNT_NUMBER
export RECEIVER_COUNTRY PROVIDER CHANNEL

# ---- Auth: vault-only ----
# Credentials are deliberately not assigned here and must never be committed.
# Set P2P_BEARER_TOKEN and P2P_API_KEY in the environment when running EXECUTE.
# export P2P_API_KEY="<from vault omnl/offices/2/p2p>"
# export P2P_BEARER_TOKEN="<from vault omnl/offices/2/p2p>"

# ---- Required operator fields (placeholders for artifact building) ----
: "${APPROVER:=<<APPROVER_NAME>>}"
# Sender-side values: the <<...>> defaults are markers that must be replaced
# with real values before EXECUTE.
: "${SENDER_SERVER_NAME:=OMNL-OFF2-SHAMRAYAN}"
: "${SENDER_SERVER_IP:=<<SENDER_SERVER_PUBLIC_IP>>}"
: "${SOURCE_ACCOUNT_NAME:=<<HYBX_SOURCE_ACCOUNT_NAME>>}"
: "${SOURCE_ACCOUNT_NUMBER:=<<HYBX_SOURCE_ACCOUNT_NUMBER>>}"
export APPROVER SENDER_SERVER_NAME SENDER_SERVER_IP SOURCE_ACCOUNT_NAME SOURCE_ACCOUNT_NUMBER
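# ---- Idempotency (runbook rule) ----
# A single `date` call, so the date and time halves of the stamp come from the
# same instant. Two separate calls can straddle midnight and pair the old date
# with the new time.
TS="$(date +%Y%m%d-%H%M%S)"
# The key is derived from the wall clock, so every dry run mints a new one.
# It is also written into the transaction payload as "reference".
# NOTE(review): two dry runs therefore yield two distinct references; whether
# the API de-duplicates on this value is not visible here — confirm against the
# runbook before executing more than one evidence folder.
export IDEMPOTENCY_KEY="OFF2-SHAMRAYAN-5B-${TS}"

# ---- Evidence folder (runbook package) ----
# Created relative to the current directory under the caller's umask. The
# artifacts written into it include account identifiers, so check who can read
# the directory. `mkdir -p` reuses an existing folder with the same stamp.
OUT_DIR="reconciliation/p2p-office2-${TS}"
mkdir -p "$OUT_DIR"
printf '%s\n' "$IDEMPOTENCY_KEY" > "${OUT_DIR}/03_idempotency_key.txt"

echo "== DRY RUN: Office 2 SHAMRAYAN (NO SEND) =="
echo "Evidence folder: $OUT_DIR"
echo "Idempotency key: $IDEMPOTENCY_KEY"
echo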
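# =========================
# [A] API connectivity check (safe)
# =========================
# Sends one HEAD request, without credentials, to the live P2P host, so even a
# dry run produces traffic that the remote side can see. The check is
# best-effort: a failure never aborts the run (hence `|| true` under pipefail).
# The timeouts bound the wait so an unreachable host cannot hang the script.
echo "== [A] API connectivity check =="
curl -sS -I --connect-timeout 5 --max-time 15 "${P2P_BASE_URL}" 2>/dev/null \
  | head -n 5 \
  | tee "${OUT_DIR}/00_api_head.txt" || true
# curl's stderr is discarded above, so a failed probe would otherwise leave an
# empty evidence file with no explanation. Say so on stderr instead.
if [[ ! -s "${OUT_DIR}/00_api_head.txt" ]]; then
  echo "WARN: no response headers captured from ${P2P_BASE_URL}; connectivity is unverified" >&2
fi
echo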
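# =========================
# [B] Build the three payloads (NO POST)
# =========================
echo "== [B] Building payloads (NO POST) =="

#######################################
# Escape a value for use inside a JSON string literal.
# Several interpolated values can be supplied through the environment; written
# raw, a double quote or backslash in one of them would produce invalid JSON or
# add fields to a payload that is later POSTed.
# Handles backslash, double quote, newline, carriage return and tab. Other
# control characters are passed through unchanged.
# Arguments: $1 - raw value
# Outputs:   escaped value on stdout (no trailing newline)
#######################################
_json_escape() {
  local s=$1
  s=${s//\\/\\\\}   # backslash first, so later escapes are not doubled
  s=${s//\"/\\\"}
  s=${s//$'\n'/\\n}
  s=${s//$'\r'/\\r}
  s=${s//$'\t'/\\t}
  printf '%s' "$s"
}

# Step 1 per API doc: name + server_ip_address only (no id, channel, or idempotency_key in doc)
cat > "${OUT_DIR}/01_bank_server.request.json" <<JSON
{
"name": "$(_json_escape "${SENDER_SERVER_NAME}")",
"server_ip_address": "$(_json_escape "${SENDER_SERVER_IP}")"
}
JSON

# Step 2 per API doc: bank_server, account_name, account_number only.
# The bank_server id is only known after step 1 has really been sent, so a
# marker is written here.
cat > "${OUT_DIR}/02_bank_account.request.json" <<JSON
{
"bank_server": "<<BANK_SERVER_ID_FROM_STEP_1>>",
"account_name": "$(_json_escape "${SOURCE_ACCOUNT_NAME}")",
"account_number": "$(_json_escape "${SOURCE_ACCOUNT_NUMBER}")"
}
JSON

# Step 3 per API doc: transaction_type bank_transfer, channel optional.
# "amount" is emitted as a bare JSON number; OMNL_AMOUNT is a fixed digit string
# set earlier in this script. "reference" carries the idempotency key.
cat > "${OUT_DIR}/03_transaction.request.json" <<JSON
{
"transaction_type": "bank_transfer",
"amount": ${OMNL_AMOUNT},
"currency": "$(_json_escape "${OMNL_CURRENCY}")",
"source_account": "<<BANK_ACCOUNT_ID_FROM_STEP_2>>",
"target_iban": null,
"target_swift_code": "$(_json_escape "${RECEIVER_SWIFT}")",
"target_bank_account_number": "$(_json_escape "${RECEIVER_ACCOUNT_NUMBER}")",
"target_bank_name": "$(_json_escape "${RECEIVER_BANK_NAME}")",
"target_country": "$(_json_escape "${RECEIVER_COUNTRY}")",
"provider": "$(_json_escape "${PROVIDER}")",
"reference": "$(_json_escape "${IDEMPOTENCY_KEY}")",
"channel": "$(_json_escape "${CHANNEL}")"
}
JSON

echo "Wrote:"
ls -1 "${OUT_DIR}/01_bank_server.request.json" "${OUT_DIR}/02_bank_account.request.json" "${OUT_DIR}/03_transaction.request.json"
echo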
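# =========================
# [C] Print the EXACT curl commands (still NO POST)
# =========================
# Writes the EXECUTE-mode command list to the evidence folder; nothing is run.
# The heredoc is unquoted on purpose: ${RUN_DIR} is expanded now so the paths
# are concrete, while \${P2P_*} stays literal so the token and API key are read
# from the environment at execute time and never written to disk.
#
# Each step in the generated file is guarded. The request files are created
# with <<...>> markers that must be replaced by hand (ids from the previous
# response, real sender values). Without the guard, running the whole file in
# one go would POST those markers to the live API, and a missing file would
# make curl send an empty POST. An unset bearer token is refused for the same
# reason: it would expand to an empty Authorization value.
echo "== [C] Commands that would be run in EXECUTE mode (NOT RUN NOW) =="
RUN_DIR="p2p-office2-${TS}"
cat > "${OUT_DIR}/DRYRUN.commands.txt" <<TXT
# Run from the repo root with the P2P_* variables exported.
# A step is skipped unless a bearer token is loaded and its request file
# exists, is non-empty and no longer contains a <<PLACEHOLDER>>.
p2p_ready_to_post() {
  [ -n "\${P2P_BEARER_TOKEN:-}" ] && [ -s "\$1" ] && ! grep -q '<<' "\$1"
}
# 1) Create bank server
if p2p_ready_to_post reconciliation/${RUN_DIR}/01_bank_server.request.json; then
curl -sS -X POST "\${P2P_BASE_URL}\${P2P_ENDPOINT_BANK_SERVERS}" \\
-H "Content-Type: application/json" \\
-H "Authorization: Bearer \${P2P_BEARER_TOKEN}" \\
-H "x-api-key: \${P2P_API_KEY}" \\
-d @reconciliation/${RUN_DIR}/01_bank_server.request.json | tee reconciliation/${RUN_DIR}/01_bank_server.response.json
else
echo "SKIPPED step 1: token not loaded, or request file missing or still holding a <<PLACEHOLDER>>" >&2
fi
# 2) Create bank account (replace <<BANK_SERVER_ID_FROM_STEP_1>> in 02 request with id from step 1 response)
if p2p_ready_to_post reconciliation/${RUN_DIR}/02_bank_account.request.json; then
curl -sS -X POST "\${P2P_BASE_URL}\${P2P_ENDPOINT_BANK_ACCOUNTS}" \\
-H "Content-Type: application/json" \\
-H "Authorization: Bearer \${P2P_BEARER_TOKEN}" \\
-H "x-api-key: \${P2P_API_KEY}" \\
-d @reconciliation/${RUN_DIR}/02_bank_account.request.json | tee reconciliation/${RUN_DIR}/02_bank_account.response.json
else
echo "SKIPPED step 2: token not loaded, or request file missing or still holding a <<PLACEHOLDER>>" >&2
fi
# 3) Create transaction (send) — replace <<BANK_ACCOUNT_ID_FROM_STEP_2>> in 03 request with id from step 2 response
if p2p_ready_to_post reconciliation/${RUN_DIR}/03_transaction.request.json; then
curl -sS -X POST "\${P2P_BASE_URL}\${P2P_ENDPOINT_TRANSACTIONS}" \\
-H "Content-Type: application/json" \\
-H "Authorization: Bearer \${P2P_BEARER_TOKEN}" \\
-H "x-api-key: \${P2P_API_KEY}" \\
-d @reconciliation/${RUN_DIR}/03_transaction.request.json | tee reconciliation/${RUN_DIR}/03_transaction.response.json
else
echo "SKIPPED step 3: token not loaded, or request file missing or still holding a <<PLACEHOLDER>>" >&2
fi
TXT
echo "Saved: ${OUT_DIR}/DRYRUN.commands.txt"
echo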
# =========================
# [D] Operator confirmation gate (still NO SEND)
# =========================
# Prints the review checklist, then records an acknowledgment in the evidence
# folder. The answer is only recorded: nothing after this point branches on
# ACK, so any value lets the script run to completion.
printf '%s\n' \
  "== [D] CONFIRMATION GATE ==" \
  "Check these before any real send:" \
  " - SENDER_SERVER_IP is correct (public sender IP): ${SENDER_SERVER_IP}" \
  " - SOURCE_ACCOUNT_* are your real HYBX source identifiers" \
  " - Amount/currency match: ${OMNL_AMOUNT} ${OMNL_CURRENCY}" \
  " - Receiver: ${RECEIVER_BANK_NAME}, SWIFT ${RECEIVER_SWIFT}, ACCT ${RECEIVER_ACCOUNT_NUMBER}, ${RECEIVER_COUNTRY}" \
  " - Idempotency key recorded: ${IDEMPOTENCY_KEY}" \
  ""

# Prompt only when stdin is a terminal and the operator has not opted out.
# Otherwise take the value from DRYRUN_ACK, falling back to SKIPPED.
if [[ ! -t 0 || "${DRYRUN_SKIP_ACK:-0}" == "1" ]]; then
  ACK="${DRYRUN_ACK:-SKIPPED}"
  echo "Non-interactive: ACK=${ACK}"
else
  read -r -p 'Type YES to acknowledge DRY RUN artifacts look correct (NO SEND happens either way): ' ACK
fi

# NOTE(review): DRYRUN.ack.txt holds only "ACK=<value>". A YES typed at the
# prompt and a YES preset through DRYRUN_ACK are indistinguishable in the
# evidence file; only stdout shows the "Non-interactive" line.
printf '%s\n' "ACK=${ACK}" | tee "${OUT_DIR}/DRYRUN.ack.txt"
echo
# Closing banner plus the EXECUTE instructions. These are printed for the
# operator to copy; this script does not run them.
#
# NOTE(review), about the printed text:
#  - RUN_DIR is printed as a plain assignment, not an export. The `bash -c`
#    child expands \${RUN_DIR} itself, so unless the operator exports it the
#    child sees it unset and `set -u` aborts.
#  - `source omnl-fineract/.env 2>/dev/null || true` continues silently when
#    the env file is missing or unreadable.
#  - The final `| bash` starts a fresh shell that does not inherit
#    `set -euo pipefail` from the `bash -c` wrapper, so a failing step in the
#    command list does not stop the following ones.
#  - The command list is piped as a whole, while its own comments ask for ids
#    to be copied from each response into the next request by hand.
printf '%s\n' \
  'DRY RUN COMPLETE. Nothing was sent.' \
  '' \
  '--- EXECUTE (only after you confirm; load vault secrets first) ---' \
  'export P2P_BEARER_TOKEN="<<from vault>>"' \
  'export P2P_API_KEY="<<from vault if required>>"' \
  'export P2P_BASE_URL="https://banktransfer.devmindgroup.com"' \
  'export P2P_ENDPOINT_BANK_SERVERS="/api/bank-servers"' \
  'export P2P_ENDPOINT_BANK_ACCOUNTS="/api/bank-accounts"' \
  'export P2P_ENDPOINT_TRANSACTIONS="/api/transactions"' \
  "RUN_DIR=\"${OUT_DIR##*/}\"" \
  'bash -c "set -euo pipefail; source omnl-fineract/.env 2>/dev/null || true; cat reconciliation/\${RUN_DIR}/DRYRUN.commands.txt | bash"' \
  '---'