BTCPay and documentation updates.

Derek Smith 2022-10-26 19:33:43 -04:00
parent 286fd7176c
commit a3db31986b
Signed by: farscapian
GPG Key ID: 8F1CD799CCA516CC
11 changed files with 58 additions and 65 deletions


@ -1,3 +1,13 @@
# Documentation # Documentation
All documentation for this project can be found at the [sovereign-stack.org](https://www.sovereign-stack.org). The Sovereign Stack scripts in this repository are meant to be cloned to and executed from your management machine.
You can update Sovereign Stack scripts on your management machine by running `git pull --all`. Generally, you want to use ONLY signed git tags for your deployments. Use `git checkout v0.1.0` for example to switch to a specific version of Sovereign Stack. The scripts ensure check to ensure that the code you're running on your management machine is GREATER THAN OR EQUAL TO each of your active deployments (TODO).
Once your managent machine is using a specific version of code, you will want to run the various scripts. But before you can do that, you need to bring a bare-metal Ubuntu 22.04 cluster host under management. Generally speaking you will run `ss-cluster` to bring a new bare-metal host under management of your management machine. This can be run AFTER you have verified SSH access to the bare-metal hosts. The device SHOULD also have a DHCP Reservation and DNS records in place.
After you have taken a machine under management, you can run `ss-deploy` it. All Sovereign Stack scripts execute against your current lxc remote. (Run `lxc remote list` to see your remotes). This will deploy Sovereign Stack software to your active remote in accordance with the various cluster, project, and site defintions. These files are stubbed out for the user automatically and documetnation guides the user through the process.
It is the responsiblity of the management machine (i.e,. system owner) to run the scripts on a regular and ongoing basis to ensure active deployments stay up-to-date with the Sovereign Stack master branch.
All other documentation for this project can be found at the [sovereign-stack.org](https://www.sovereign-stack.org).


@ -167,7 +167,7 @@ ssh -t "ubuntu@$FQDN" "
# install lxd as a snap if it's not installed. We only really use the LXC part of this package. # install lxd as a snap if it's not installed. We only really use the LXC part of this package.
if ! snap list | grep -q lxd; then if ! snap list | grep -q lxd; then
sudo -A snap install lxd sudo snap install lxd --candidate
sleep 4 sleep 4
fi fi
" "
@ -196,7 +196,7 @@ networks:
dns.mode: "none" dns.mode: "none"
#managed: true #managed: true
description: ss-config,${DATA_PLANE_MACVLAN_INTERFACE:-},${DISK_TO_USE:-} description: ss-config,${DATA_PLANE_MACVLAN_INTERFACE:-},${DISK_TO_USE:-}
# lxdbrSS is an isolated bridge; no Internet access. # lxdbrSS is an isolated inter-vm network segment with no outbount Internet access.
cluster: cluster:
server_name: ${CLUSTER_NAME} server_name: ${CLUSTER_NAME}
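Review bot: `sudo snap install lxd --candidate` puts the cluster host's hypervisor on the snap's pre-release candidate channel, and because snaps refresh automatically, each later candidate build lands on the host without anyone reviewing it. For a host that will carry the BTCPay and web VMs, a pinned stable track is the safer default, e.g. `sudo snap install lxd --channel=<TRACK>/stable`; if candidate is needed for a specific fix, a comment should say which one. The same flag is added to the management-machine install in the last file of this commit. The change also drops `-A` from sudo; inside `ssh -t` that presumably lets the password prompt use the tty, but it is worth confirming. The existing guard `snap list | grep -q lxd` matches any line containing `lxd`, whereas `snap list lxd >/dev/null 2>&1` is exact.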


@ -2,9 +2,8 @@
set -eu set -eu
export DEPLOY_WWW_SERVER=false
export WWW_SERVER_MAC_ADDRESS= export WWW_SERVER_MAC_ADDRESS=
export DEPLOY_BTCPPAY_SERVER=false
export DEPLOY_GHOST=true export DEPLOY_GHOST=true
export DEPLOY_NOSTR_RELAY=true export DEPLOY_NOSTR_RELAY=true
@ -13,8 +12,8 @@ export DEPLOY_NEXTCLOUD=false
export DEPLOY_GITEA=false export DEPLOY_GITEA=false
export WWW_HOSTNAME="www" export WWW_HOSTNAME="www"
export BTCPAY_HOSTNAME="btcpay" export BTCPAY_HOSTNAME="btcpayserver"
export BTCPAY_HOSTNAME_IN_CERT="tip" export BTCPAY_HOSTNAME_IN_CERT="btcpay"
export NEXTCLOUD_HOSTNAME="nextcloud" export NEXTCLOUD_HOSTNAME="nextcloud"
export GITEA_HOSTNAME="git" export GITEA_HOSTNAME="git"
export NOSTR_HOSTNAME="relay" export NOSTR_HOSTNAME="relay"
@ -58,8 +57,6 @@ BTCPAY_INSTANCE_TYPE="t2.medium"
export WWW_INSTANCE_TYPE="$WWW_INSTANCE_TYPE" export WWW_INSTANCE_TYPE="$WWW_INSTANCE_TYPE"
export BTCPAY_INSTANCE_TYPE="$BTCPAY_INSTANCE_TYPE" export BTCPAY_INSTANCE_TYPE="$BTCPAY_INSTANCE_TYPE"
# TODO REMOVE SMTP_PASSWORD ONCE VERIFIED NO LONGER NEEDED
#export SMTP_PASSWORD=
export GHOST_MYSQL_PASSWORD= export GHOST_MYSQL_PASSWORD=
export GHOST_MYSQL_ROOT_PASSWORD= export GHOST_MYSQL_ROOT_PASSWORD=
export NEXTCLOUD_MYSQL_PASSWORD= export NEXTCLOUD_MYSQL_PASSWORD=
@ -110,7 +107,7 @@ DEFAULT_DB_IMAGE="mariadb:10.9.3-jammy"
# run the docker stack. # run the docker stack.
export GHOST_IMAGE="ghost:5.18.0" export GHOST_IMAGE="ghost:5.20.0"
# TODO switch to mysql. May require intricate export work. THIS MUST BE COMPLETED BEFORE v1 RELEASE # TODO switch to mysql. May require intricate export work. THIS MUST BE COMPLETED BEFORE v1 RELEASE
#https://forum.ghost.org/t/how-to-migrate-from-mariadb-10-to-mysql-8/29575 #https://forum.ghost.org/t/how-to-migrate-from-mariadb-10-to-mysql-8/29575


@ -29,16 +29,15 @@ VPS_HOSTING_TARGET=lxd
RUN_CERT_RENEWAL=false RUN_CERT_RENEWAL=false
RESTORE_WWW=false RESTORE_WWW=false
BACKUP_CERTS=true BACKUP_CERTS=true
BACKUP_APPS=true BACKUP_APPS=false
BACKUP_BTCPAY=false BACKUP_BTCPAY=false
RESTORE_BTCPAY=false RESTORE_BTCPAY=false
MIGRATE_WWW=false MIGRATE_WWW=false
MIGRATE_BTCPAY=false MIGRATE_BTCPAY=false
USER_SKIP_WWW=false SKIP_WWW=false
USER_SKIP_BTCPAY=false SKIP_BTCPAY=false
UPDATE_BTCPAY=false UPDATE_BTCPAY=false
RECONFIGURE_BTCPAY_SERVER=false RECONFIGURE_BTCPAY_SERVER=false
DEPLOY_BTCPAY_SERVER=true
CLUSTER_NAME="$(lxc remote get-default)" CLUSTER_NAME="$(lxc remote get-default)"
STOP_SERVICES=false STOP_SERVICES=false
@ -82,11 +81,11 @@ for i in "$@"; do
shift shift
;; ;;
--skip-www) --skip-www)
USER_SKIP_WWW=true SKIP_WWW=true
shift shift
;; ;;
--skip-btcpay) --skip-btcpay)
USER_SKIP_BTCPAY=true SKIP_BTCPAY=true
shift shift
;; ;;
--backup-ghost) --backup-ghost)
@ -122,6 +121,7 @@ for i in "$@"; do
esac esac
done done
# set up our default paths. # set up our default paths.
source ./defaults.sh source ./defaults.sh
@ -134,7 +134,7 @@ export STOP_SERVICES="$STOP_SERVICES"
export BACKUP_CERTS="$BACKUP_CERTS" export BACKUP_CERTS="$BACKUP_CERTS"
export BACKUP_APPS="$BACKUP_APPS" export BACKUP_APPS="$BACKUP_APPS"
export RESTORE_BTCPAY="$RESTORE_BTCPAY" export RESTORE_BTCPAY="$RESTORE_BTCPAY"
export BACKUP_BTCPAY="$RESTORE_BTCPAY" export BACKUP_BTCPAY="$BACKUP_BTCPAY"
export MIGRATE_WWW="$MIGRATE_WWW" export MIGRATE_WWW="$MIGRATE_WWW"
export MIGRATE_BTCPAY="$MIGRATE_BTCPAY" export MIGRATE_BTCPAY="$MIGRATE_BTCPAY"
export RUN_CERT_RENEWAL="$RUN_CERT_RENEWAL" export RUN_CERT_RENEWAL="$RUN_CERT_RENEWAL"
@ -283,10 +283,13 @@ function instantiate_vms {
DDNS_HOST= DDNS_HOST=
MIGRATE_VPS=false MIGRATE_VPS=false
if [ "$VIRTUAL_MACHINE" = www ]; then if [ "$VIRTUAL_MACHINE" = www ]; then
if [ "$DEPLOY_WWW_SERVER" = false ] || [ "$USER_SKIP_WWW" = true ]; then echo "GOT HERE!!!"
if [ "$SKIP_WWW" = true ]; then
continue continue
fi fi
echo "AND HERE"
exit 1
VPS_HOSTNAME="$WWW_HOSTNAME" VPS_HOSTNAME="$WWW_HOSTNAME"
MAC_ADDRESS_TO_PROVISION="$WWW_SERVER_MAC_ADDRESS" MAC_ADDRESS_TO_PROVISION="$WWW_SERVER_MAC_ADDRESS"
DDNS_HOST="$WWW_HOSTNAME" DDNS_HOST="$WWW_HOSTNAME"
@ -294,11 +297,7 @@ function instantiate_vms {
if [ "$MIGRATE_WWW" = true ]; then if [ "$MIGRATE_WWW" = true ]; then
MIGRATE_VPS=true MIGRATE_VPS=true
fi fi
elif [ "$VIRTUAL_MACHINE" = btcpayserver ] || [ "$USER_SKIP_BTCPAY" = true ]; then elif [ "$VIRTUAL_MACHINE" = btcpayserver ] || [ "$SKIP_BTCPAY" = true ]; then
if [ "$DEPLOY_BTCPAY_SERVER" = false ]; then
continue
fi
DDNS_HOST="$BTCPAY_HOSTNAME" DDNS_HOST="$BTCPAY_HOSTNAME"
VPS_HOSTNAME="$BTCPAY_HOSTNAME" VPS_HOSTNAME="$BTCPAY_HOSTNAME"
MAC_ADDRESS_TO_PROVISION="$BTCPAYSERVER_MAC_ADDRESS" MAC_ADDRESS_TO_PROVISION="$BTCPAYSERVER_MAC_ADDRESS"
@ -470,9 +469,7 @@ function stub_project_definition {
# see https://www.sovereign-stack.org/project-definition for more info. # see https://www.sovereign-stack.org/project-definition for more info.
export DEPLOY_WWW_SERVER=true
export WWW_SERVER_MAC_ADDRESS="CHANGE_ME_REQUIRED" export WWW_SERVER_MAC_ADDRESS="CHANGE_ME_REQUIRED"
export DEPLOY_BTCPAY_SERVER=true
export BTCPAYSERVER_MAC_ADDRESS="CHANGE_ME_REQUIRED" export BTCPAYSERVER_MAC_ADDRESS="CHANGE_ME_REQUIRED"
# export BTC_CHAIN=mainnet # export BTC_CHAIN=mainnet
export PRIMARY_DOMAIN="CHANGE_ME" export PRIMARY_DOMAIN="CHANGE_ME"
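Review bot: The www branch of instantiate_vms now runs `echo "AND HERE"` followed by `exit 1`, so any deployment that does not pass `--skip-www` aborts before `VPS_HOSTNAME` is set; these look like debugging leftovers, and the three added lines (`echo "GOT HERE!!!"`, `echo "AND HERE"`, `exit 1`) should be removed before merge. In the next hunk, `elif [ "$VIRTUAL_MACHINE" = btcpayserver ] || [ "$SKIP_BTCPAY" = true ]` enters the BTCPay branch for every non-www machine when `--skip-btcpay` is given. With the `DEPLOY_BTCPAY_SERVER` check gone it never reaches a `continue`, so the flag no longer skips anything. Mirroring the www branch would restore it: `elif [ "$VIRTUAL_MACHINE" = btcpayserver ]; then` with `if [ "$SKIP_BTCPAY" = true ]; then continue; fi` as its first statement. The function body starts and ends outside both hunks, so the enclosing loop is assumed from the existing `continue`.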


@ -7,6 +7,10 @@ cd "$(dirname "$0")"
# the script executed here from the BTCPAY repo will automatically take services down # the script executed here from the BTCPAY repo will automatically take services down
# and bring them back up. # and bring them back up.
echo "INFO!!!!!!!!!!! IN BTCPAY BACKUP SCRIPT."
sleep 4
ssh "$FQDN" "mkdir -p $REMOTE_HOME/backups; cd $REMOTE_HOME/; sudo BTCPAY_BASE_DIRECTORY=$REMOTE_HOME bash -c $BTCPAY_SERVER_APPPATH/btcpay-down.sh" ssh "$FQDN" "mkdir -p $REMOTE_HOME/backups; cd $REMOTE_HOME/; sudo BTCPAY_BASE_DIRECTORY=$REMOTE_HOME bash -c $BTCPAY_SERVER_APPPATH/btcpay-down.sh"
# TODO enable encrypted archives # TODO enable encrypted archives
@ -19,4 +23,11 @@ ssh "$FQDN" "cd $REMOTE_HOME/; sudo BTCPAY_BASE_DIRECTORY=$REMOTE_HOME BTCPAY_DO
ssh "$FQDN" "sudo cp /var/lib/docker/volumes/backup_datadir/_data/backup.tar.gz $REMOTE_HOME/backups/btcpay.tar.gz" ssh "$FQDN" "sudo cp /var/lib/docker/volumes/backup_datadir/_data/backup.tar.gz $REMOTE_HOME/backups/btcpay.tar.gz"
ssh "$FQDN" "sudo chown ubuntu:ubuntu $REMOTE_HOME/backups/btcpay.tar.gz" ssh "$FQDN" "sudo chown ubuntu:ubuntu $REMOTE_HOME/backups/btcpay.tar.gz"
scp "$FQDN:$REMOTE_HOME/backups/btcpay.tar.gz" "$LOCAL_BACKUP_PATH/$1.tar.gz"
LOCAL_BACKUP_PATH="$SITE_PATH/backups/btcpayserver/$BACKUP_TIMESTAMP"
mkdir -p "$LOCAL_BACKUP_PATH"
scp "$FQDN:$REMOTE_HOME/backups/btcpay.tar.gz" "$LOCAL_BACKUP_PATH/$UNIX_BACKUP_TIMESTAMP.tar.gz"
sleep 5
echo "EXITING SCRIPT"
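Review bot: The archive is written under `$SITE_PATH/backups/btcpayserver/` by `mkdir -p` and `scp` with the default umask, and the script's own `TODO enable encrypted archives` shows it is still plaintext. A BTCPay backup presumably holds wallet and Lightning state, so other local accounts on the management machine should not be able to read it. Add `umask 077` before `mkdir -p "$LOCAL_BACKUP_PATH"` (or `chmod 700` the directory) until encryption lands. The script no longer takes `$1` and now relies on `SITE_PATH`, `BACKUP_TIMESTAMP` and `UNIX_BACKUP_TIMESTAMP` being exported by the caller; a guard such as `: "${UNIX_BACKUP_TIMESTAMP:?}"` near the top would fail early instead of writing a file named `.tar.gz`. The added `echo` and `sleep` lines at the top and bottom read as debug output and can be dropped.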


@ -1,2 +0,0 @@
# we append this text to the btcpay server /home/ubuntu/.bashrc so
# logged in users have more common access to the variou


@ -0,0 +1,6 @@
# we append this text to the btcpay server /home/ubuntu/.bashrc so
# logged in users have more common access to the variou
alias bitcoin-cli="bitcoin-cli.sh $@"
alias lightning-cli="bitcoin-lightning-cli.sh $@"
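Review bot: `$@` inside a double-quoted alias is expanded once, when `.bashrc` is sourced, to that shell's positional parameters (normally empty), so it never carries the user's arguments; an alias simply has the rest of the command line appended to it. Define them as `alias bitcoin-cli='bitcoin-cli.sh'` and `alias lightning-cli='bitcoin-lightning-cli.sh'`, which behaves the same without the misleading expansion. The header comment is cut off at "the variou" and says the text is appended to `.bashrc`, while the deploy step in this commit copies the file over `.bashrc`; one of the two should change.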


@ -46,7 +46,7 @@ fi
# if the script gets this far, then we grab a regular backup. # if the script gets this far, then we grab a regular backup.
if [ "$BACKUP_BTCPAY" = true ]; then if [ "$BACKUP_BTCPAY" = true ]; then
# we just grab a regular backup # we just grab a regular backup
./backup.sh "$UNIX_BACKUP_TIMESTAMP" ./backup_btcpay.sh
fi fi
if [ "$RUN_SERVICES" = true ]; then if [ "$RUN_SERVICES" = true ]; then


@ -41,23 +41,8 @@ export BTCPAYGEN_ADDITIONAL_FRAGMENTS="opt-save-storage-s;opt-add-btctransmuter;
export BTCPAYGEN_REVERSEPROXY="nginx" export BTCPAYGEN_REVERSEPROXY="nginx"
export BTCPAY_ENABLE_SSH=false export BTCPAY_ENABLE_SSH=false
export BTCPAY_BASE_DIRECTORY=${REMOTE_HOME} export BTCPAY_BASE_DIRECTORY=${REMOTE_HOME}
EOL
# can add opt-add-tor-relay; in BTCPAYGEN_ADDITIONAL_FRAGMENTS
if [ "$VPS_HOSTING_TARGET" = lxd ]; then
cat >> "$SITE_PATH/btcpay.sh" <<EOL
export BTCPAYGEN_EXCLUDE_FRAGMENTS="nginx-https" export BTCPAYGEN_EXCLUDE_FRAGMENTS="nginx-https"
export REVERSEPROXY_DEFAULT_HOST="$BTCPAY_USER_FQDN" export REVERSEPROXY_DEFAULT_HOST="$BTCPAY_USER_FQDN"
EOL
elif [ "$VPS_HOSTING_TARGET" = aws ]; then
cat >> "$SITE_PATH/btcpay.sh" <<EOL
export BTCPAY_ADDITIONAL_HOSTS="${BTCPAY_ADDITIONAL_HOSTNAMES}"
export LETSENCRYPT_EMAIL="${CERTIFICATE_EMAIL_ADDRESS}"
EOL
fi
cat >> "$SITE_PATH/btcpay.sh" <<EOL
if [ "\$NBITCOIN_NETWORK" != regtest ]; then if [ "\$NBITCOIN_NETWORK" != regtest ]; then
# run fast_sync if it's not been done before. # run fast_sync if it's not been done before.
@ -74,6 +59,11 @@ fi
EOL EOL
# send an updated ~/.bashrc so we have quicker access to cli tools
scp ./bashrc.txt "ubuntu@$FQDN:$REMOTE_HOME/.bashrc"
ssh "$BTCPAY_FQDN" "chown ubuntu:ubuntu $REMOTE_HOME/.bashrc"
ssh "$BTCPAY_FQDN" "chmod 0664 $REMOTE_HOME/.bashrc"
# send the setup script to the remote machine. # send the setup script to the remote machine.
scp "$SITE_PATH/btcpay.sh" "ubuntu@$FQDN:$REMOTE_HOME/btcpay_setup.sh" scp "$SITE_PATH/btcpay.sh" "ubuntu@$FQDN:$REMOTE_HOME/btcpay_setup.sh"
ssh "$BTCPAY_FQDN" "chmod 0744 $REMOTE_HOME/btcpay_setup.sh" ssh "$BTCPAY_FQDN" "chmod 0744 $REMOTE_HOME/btcpay_setup.sh"
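Review bot: `chmod 0664` leaves the ubuntu user's `.bashrc` group-writable, so any account in the `ubuntu` group could add commands that run at the next login on the BTCPay host; `0644` (or `0600`) is enough for a shell startup file. The `scp ./bashrc.txt` line also replaces the distribution's default `.bashrc` rather than appending to it, which is what the comment in `bashrc.txt` describes. Appending, or shipping the aliases as `$REMOTE_HOME/.bash_aliases`, would keep the defaults. The copy goes to `ubuntu@$FQDN` while the `chown` and `chmod` go to `$BTCPAY_FQDN` with no user given; if those can differ, the permission change may be applied to a different host or account than the one that received the file.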


@ -115,12 +115,8 @@ EOL
EOL EOL
fi fi
# REDIRECT FOR BTCPAY_USER_FQDN # BTCPAY server http->https redirect
if [ "$VPS_HOSTING_TARGET" = lxd ]; then cat >>"$NGINX_CONF_PATH" <<EOL
# gitea http to https redirect.
if [ "$DEPLOY_BTCPAY_SERVER" = true ]; then
cat >>"$NGINX_CONF_PATH" <<EOL
# http://${BTCPAY_USER_FQDN} redirect to https://${BTCPAY_USER_FQDN} # http://${BTCPAY_USER_FQDN} redirect to https://${BTCPAY_USER_FQDN}
server { server {
listen 80; listen 80;
@ -131,10 +127,6 @@ EOL
EOL EOL
fi
fi
if [ "$iteration" = 0 ]; then if [ "$iteration" = 0 ]; then
# TLS config for ghost. # TLS config for ghost.
cat >>"$NGINX_CONF_PATH" <<EOL cat >>"$NGINX_CONF_PATH" <<EOL
@ -219,12 +211,8 @@ EOL
EOL EOL
# SERVER block for BTCPAY Server cat >>"$NGINX_CONF_PATH" <<EOL
if [ "$VPS_HOSTING_TARGET" = lxd ]; then # https server block for https://${BTCPAY_USER_FQDN}
if [ "$DEPLOY_BTCPAY_SERVER" = true ]; then
cat >>"$NGINX_CONF_PATH" <<EOL
# http://${BTCPAY_USER_FQDN} redirect to https://${BTCPAY_USER_FQDN}
server { server {
listen 443 ssl http2; listen 443 ssl http2;
@ -250,10 +238,6 @@ EOL
EOL EOL
fi
fi
echo " # set up cache paths for nginx caching" >>"$NGINX_CONF_PATH" echo " # set up cache paths for nginx caching" >>"$NGINX_CONF_PATH"
for LANGUAGE_CODE in ${SITE_LANGUAGE_CODES//,/ }; do for LANGUAGE_CODE in ${SITE_LANGUAGE_CODES//,/ }; do
STACK_NAME="$DOMAIN_IDENTIFIER-$LANGUAGE_CODE" STACK_NAME="$DOMAIN_IDENTIFIER-$LANGUAGE_CODE"
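Review bot: With the `VPS_HOSTING_TARGET` and `DEPLOY_BTCPAY_SERVER` guards removed, the port-80 redirect and the 443 server block for `${BTCPAY_USER_FQDN}` are written into the nginx config on every run, including runs started with `--skip-btcpay`. The body of the server block is outside the hunk, but if it proxies to the BTCPay host or references a certificate for that name, nginx may fail its config check when that VM was never deployed. Consider guarding both heredocs on the skip flag, e.g. `if [ "$SKIP_BTCPAY" != true ]; then ... fi`; that needs `SKIP_BTCPAY` exported from the deploy script, and no such export is visible in this commit.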


@ -33,7 +33,7 @@ fi
# install lxd as a snap if it's not installed. We only really use the client part of this package # install lxd as a snap if it's not installed. We only really use the client part of this package
# on the management machine. # on the management machine.
if ! snap list | grep -q lxd; then if ! snap list | grep -q lxd; then
sudo snap install lxd sudo snap install lxd --candidate
fi fi
# TODO WORK ON GETTING RID OF THIS DEPENDENCY # TODO WORK ON GETTING RID OF THIS DEPENDENCY