Allow BTCPay API access over private network
This commit is contained in:
parent
6a85c2d5c6
commit
7a52f2bd89
|
@ -97,13 +97,23 @@ systemd_unit 'btcpayserver.service' do
|
|||
action [:create, :enable, :start]
|
||||
end
|
||||
|
||||
firewall_rule "BTCPay API private access" do
|
||||
command :allow
|
||||
port 23001
|
||||
protocol :tcp
|
||||
source "10.1.1.0/24"
|
||||
end
|
||||
|
||||
#
|
||||
# HTTPS Reverse Proxy
|
||||
# TODO move to separate recipe, nginx proxy role
|
||||
#
|
||||
|
||||
include_recipe "kosmos-nginx"
|
||||
server_name = node["btcpay"]["domain"]
|
||||
|
||||
nginx_certbot_site server_name
|
||||
|
||||
template "#{node["nginx"]["dir"]}/sites-available/#{server_name}" do
|
||||
source "nginx_conf_btcpayserver.erb"
|
||||
owner node["nginx"]["user"]
|
||||
|
@ -118,5 +128,3 @@ end
|
|||
nginx_site server_name do
|
||||
action :enable
|
||||
end
|
||||
|
||||
nginx_certbot_site server_name
|
||||
|
|
Loading…
Reference in New Issue