diff --git a/Production-NoReverseProxy/README.md b/Production-NoReverseProxy/README.md index 095358e..25de599 100644 --- a/Production-NoReverseProxy/README.md +++ b/Production-NoReverseProxy/README.md @@ -25,6 +25,8 @@ The relevant environment variables are: * `BTCPAY_ROOTPATH`: The root path directory where BTCPay is accessed, more information below. (default: /) * `BTCPAY_PROTOCOL`: the protocol used to access this website from the internet (valid values: `http` and `https`, default: `https`) * `LIGHTNING_ALIAS`: Optional, if using the integrated lightning feature, customize the alias of your nodes +* `BTCPAY_SSHKEYFILE`: Optional, SSH private key that BTCPay can use to connect to this VM's SSH server (You need to copy the key file on BTCPay's datadir volume) +* `BTCPAY_SSHTRUSTEDFINGERPRINTS`: Optional, BTCPay will ensure that it is connecting to the expected SSH server by checking the host public's key against those fingerprints The ports mapped on the host are: diff --git a/Production/README.md b/Production/README.md index fbbb0c1..5f4868a 100644 --- a/Production/README.md +++ b/Production/README.md @@ -34,6 +34,8 @@ The relevant environment variables are: * `LETSENCRYPT_EMAIL`: The email Let's Encrypt will use to notify you about certificate expiration. * `ACME_CA_URI`: Let's encrypt API endpoint (`https://acme-staging.api.letsencrypt.org/directory` for a staging certificate, `https://acme-v01.api.letsencrypt.org/directory` for a production one) * `LIGHTNING_ALIAS`: Optional, if using the integrated lightning feature, customize the alias of your nodes +* `BTCPAY_SSHKEYFILE`: Optional, SSH private key that BTCPay can use to connect to this VM's SSH server (You need to copy the key file on BTCPay's datadir volume) +* `BTCPAY_SSHTRUSTEDFINGERPRINTS`: Optional, BTCPay will ensure that it is connecting to the expected SSH server by checking the host public's key against those fingerprints If `BTCPAY_HOST` is `btcpay.example.com` and `BTCPAY_ROOTPATH` is `/btcpay`, then you can access the site via `https://btcpay.example.com/btcpay` diff --git a/README.md b/README.md index b37f40b..9ba5d0e 100644 --- a/README.md +++ b/README.md @@ -71,6 +71,21 @@ export BTCPAYGEN_LIGHTNING="clightning" * Add BTCPay utilities in /usr/bin * Start BTCPay +# Environment variables + +`btcpay-setup.sh` will use the following environment variables: +* `BTCPAY_HOST`: The hostname of your website (eg. btcpay.example.com) +* `LETSENCRYPT_EMAIL`: A mail will be sent to this address if certificate expires and fail to renew automatically (eg. me@example.com) +* `NBITCOIN_NETWORK`: The type of network to use (eg. mainnet, testnet or regtest. Default`: mainnet) +* `LIGHTNING_ALIAS`: An alias for your lightning network node if used +* `BTCPAYGEN_CRYPTO1`: First supported crypto currency (eg. btc, ltc, none. Default`: btc) +* `BTCPAYGEN_CRYPTO2`: Second supported crypto currency (eg. btc, ltc, none. Default`: empty) +* `BTCPAYGEN_CRYPTON`: N th supported crypto currency where N is maximum at maximum 9. (eg. btc, ltc. Default: none) +* `BTCPAYGEN_REVERSEPROXY`: Whether to use or not a reverse proxy. NGinx setup HTTPS for you. (eg. nginx, none. Default: nginx) +* `BTCPAYGEN_LIGHTNING`: Lightning network implementation to use (eg. clightning, none) +* `ACME_CA_URI`: The API endpoint to ask for HTTPS certificate (default: https://acme-v01.api.letsencrypt.org/directory) +* `BTCPAY_HOST_SSHKEYFILE`: Optional, SSH private key that BTCPay can use to connect to this VM's SSH server. This key will be copied on BTCPay's data directory + # Tooling A wide range of tooling get available on your system when btcpay is installed: @@ -163,12 +178,15 @@ export BTCPAYGEN_REVERSEPROXY="nginx" export BTCPAY_DOCKER_COMPOSE="/var/lib/waagent/custom-script/download/0/btcpayserver-docker/Production/docker-compose.generated.yml" export BTCPAY_BASE_DIRECTORY="/var/lib/waagent/custom-script/download/0" export BTCPAY_ENV_FILE="/var/lib/waagent/custom-script/download/0/.env" +export BTCPAY_HOST_SSHKEYFILE="/root/.ssh/id_rsa_btcpay" if cat $BTCPAY_ENV_FILE &> /dev/null; then export BTCPAY_HOST="$(cat $BTCPAY_ENV_FILE | sed -n 's/^BTCPAY_HOST=\(.*\)$/\1/p')" export LETSENCRYPT_EMAIL="$(cat $BTCPAY_ENV_FILE | sed -n 's/^LETSENCRYPT_EMAIL=\(.*\)$/\1/p')" export NBITCOIN_NETWORK="$(cat $BTCPAY_ENV_FILE | sed -n 's/^NBITCOIN_NETWORK=\(.*\)$/\1/p')" export LIGHTNING_ALIAS="$(cat $BTCPAY_ENV_FILE | sed -n 's/^LIGHTNING_ALIAS=\(.*\)$/\1/p')" export ACME_CA_URI="$(cat $BTCPAY_ENV_FILE | sed -n 's/^ACME_CA_URI=\(.*\)$/\1/p')" +export BTCPAY_SSHKEYFILE="$(cat $BTCPAY_ENV_FILE | sed -n 's/^BTCPAY_SSHKEYFILE=\(.*\)$/\1/p')" +export BTCPAY_SSHTRUSTEDFINGERPRINTS="$(cat $BTCPAY_ENV_FILE | sed -n 's/^BTCPAY_SSHTRUSTEDFINGERPRINTS=\(.*\)$/\1/p')" fi ``` @@ -199,6 +217,8 @@ BTCPAY_HOST=btcpay.example.com ACME_CA_URI=https://acme-v01.api.letsencrypt.org/directory NBITCOIN_NETWORK=mainnet LETSENCRYPT_EMAIL=me@example.com +BTCPAY_SSHTRUSTEDFINGERPRINTS=SHA256:eSCD7NtQ/Q6IBl2iRB9caAQ3lDZd8s8iUL6SdeNnhpA +BTCPAY_SSHKEYFILE=/datadir/id_rsa ``` # How to extend with your own crypto? diff --git a/btcpay-setup.sh b/btcpay-setup.sh index 06d6a33..1167f06 100755 --- a/btcpay-setup.sh +++ b/btcpay-setup.sh @@ -58,6 +58,7 @@ Environment variables: BTCPAYGEN_REVERSEPROXY: Whether to use or not a reverse proxy. NGinx setup HTTPS for you. (eg. nginx, none. Default: nginx) BTCPAYGEN_LIGHTNING: Lightning network implementation to use (eg. clightning, none) ACME_CA_URI: The API endpoint to ask for HTTPS certificate (default: https://acme-v01.api.letsencrypt.org/directory) + BTCPAY_HOST_SSHKEYFILE: Optional, SSH private key that BTCPay can use to connect to this VM's SSH server. This key will be copied on BTCPay's data directory END }