Versions Compared

Old Version 5

changes.mady.by.user Karel Kyovsky

Saved on

compared with

New Version 6

changes.mady.by.user Karel Kyovsky

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Terminals connect to Server via VPN that is being provided by additional hardware such as router. This scenario is considered as more secure then A as the VPN configuration is NOT distributed by CAS.

...

Notes

Gate service

Listens for terminal’s pairing requests. In case of successful pairing gate service sends terminal VPN configuration including the information on where to connect to master service. Prior paring terminal VPN configuration must exist.
Gate service uses batmgate unix user, which is member of batm group.
Gate service is listening on port 7741. Please note that same port uses master service but on different interface.

Note

Gate service is only compatible with terminals running on version 20230801 and newer! Terminals running older software will automatically get upgraded by gate service.

Configuration of gate service

/batm/config/network

See the example below to see that every service has it’s own bind IP address used to run application enabling expected behavior, basic setup will be created during first batm-manage start

Code Block
public_ip=1.2.3.4
master_bind_ip=10.1.1.1
admin_bind_ip=10.1.1.2
gate_bind_ip=10.1.1.3

/batm/config/gate.properties

Basic properties fully functional will be generated by first batm-manage start gate (or all when it comes to gate service)

However gate service can be further configured by following properties:

  • batm.processing-slots

    • optional, default value: 20

    • this property is used to throttle upgrade traffic so server won’t be overloaded by too many terminals downloading upgrade packages at a time

  • batm.download

    • optional, default value: /batm/app/shared/

    • location where terminal upgrade package used to upgrade terminals to version 20230801 will be located, package will be downloaded once and then reused for all terminals

    • make sure location has correct permission and is accessible to batmgate user

Master service

Listens to terminal’s requests. Answers only terminal requests that are coming from trusted ( paired ) devicesterminals.
Master service uses batmmaster unix user, which is member of batm group.
Master service is listening on port 7741. Please note that same port uses gate service but on different interface.

Note

Master service should never be exposed to the Internet.

Admin service

Listens to user's browser requests. Enables CAS users to configure ATMs remotely and inspect processed transactions.
Admin service uses batmadmin unix user, which is member of batm group.

Admin service is listening on port 7777.

Note

Admin service should never be exposed to the Internet.

Extensions

Very powerful way how to extend existing server’s functionality. More can be read here.