You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

63 lines
3.0 KiB

# How to use docker-compose with NGinx
6 years ago
NGinx acts as a reverse proxy, and takes care of renewing HTTPS certificates for you.
BTCPay Server deployment using NGinx are typically composed of:
1. One full node per supported cryptocurrency (bitcoind/litecoind)
2. A lightweight block explorer ([NBxplorer](https://github.com/dgarage/NBXplorer))
3. A [BTCPay Server](https://github.com/btcpayserver/btcpayserver)
4. A database (Postgres)
5. A reverse proxy (NGINX)
6. Two containers configuring NGINX as a reverse proxy and renewing SSL certificates.
![Architecture](Production.png)
7 years ago
[The Deploy on Azure Button](https://github.com/btcpayserver/btcpayserver-azure) is using this `docker-compose` under the hood on an Ubuntu machine. You can use it on any docker supporting host.
The relevant environment variables are:
* `NBITCOIN_NETWORK`: The blockchain identifier used by NBitcoin (eg., `regtest`, `testnet`, `mainnet`)
* `BTCPAY_HOST`: The external url used to access the NGINX server from internet. This domain name must point to this machine for Let's Encrypt to create your certificate. (typically with a CNAME or A record)
* `BTCPAY_ROOTPATH`: The root path directory where BTCPay is accessed, more information below. (default: /)
* `LETSENCRYPT_EMAIL`: The email Let's Encrypt will use to notify you about certificate expiration.
* `ACME_CA_URI`: Let's encrypt API endpoint (`https://acme-staging.api.letsencrypt.org/directory` for a staging certificate, `https://acme-v01.api.letsencrypt.org/directory` for a production one)
* `LIGHTNING_ALIAS`: Optional, if using the integrated lightning feature, customize the alias of your nodes
* `BTCPAY_SSHKEYFILE`: Optional, SSH private key that BTCPay can use to connect to this VM's SSH server (You need to copy the key file on BTCPay's datadir volume)
* `BTCPAY_SSHTRUSTEDFINGERPRINTS`: Optional, BTCPay will ensure that it is connecting to the expected SSH server by checking the host public's key against those fingerprints
If `BTCPAY_HOST` is `btcpay.example.com` and `BTCPAY_ROOTPATH` is `/btcpay`, then you can access the site via `https://btcpay.example.com/btcpay`
7 years ago
Any unset or empty environment variable will be set for a `regtest` deployment.
7 years ago
7 years ago
The ports mapped on the host are:
7 years ago
1. `80` for Let's encrypt
2. `443` for the website
7 years ago
3. `9735` for the bitcoin lightning network node (if used)
4. `9736` for the litecoin lightning network node (if used)
7 years ago
Example for running on `mainnet`:
For linux:
```
docker-compose up \
-e "NBITCOIN_NETWORK=mainnet" \
-e "BTCPAY_HOST=btcpay.example.com" \
-e "LETSENCRYPT_EMAIL=me@example.com" \
-e "ACME_CA_URI=https://acme-v01.api.letsencrypt.org/directory"
```
7 years ago
For powershell:
7 years ago
```
docker-compose up `
-e "NBITCOIN_NETWORK=mainnet" `
-e "BTCPAY_HOST=btcpay.example.com" `
-e "LETSENCRYPT_EMAIL=me@example.com" `
-e "ACME_CA_URI=https://acme-v01.api.letsencrypt.org/directory"
```
7 years ago
See also [The guide for docker noobs](../README.md#fornoobs).
7 years ago
Make sure the domain `btcpay.example.com` point to your server and that port `80` and `443` are open.