Configure and run BTCPay Server

data_bags/credentials/btcpay.json

@@ -0,0 +1,10 @@
+{
+  "id": "btcpay",
+  "postgres_password": {
+    "encrypted_data": "sDiikAwXFqRCguREzzL0ybo33pl3CiSnJt5pqqnY7Q==\n",
+    "iv": "2qY/agvlvTJCGaj+\n",
+    "auth_tag": "kC5KmBBtlR0Yzi44WU5Ntw==\n",
+    "version": 3,
+    "cipher": "aes-256-gcm"
+  }
+}

site-cookbooks/kosmos-bitcoin/attributes/default.rb

@@ -41,3 +41,9 @@ node.default['nbxplorer']['port'] = '24445'
 node.default['btcpay']['repo'] = 'https://github.com/btcpayserver/btcpayserver'
 node.default['btcpay']['revision'] = 'latest'
 node.default['btcpay']['source_dir'] = '/opt/btcpay'
+node.default['btcpay']['config_path'] = "/home/#{node['bitcoin']['username']}/.btcpayserver/Main/settings.config"
+node.default['btcpay']['log_path'] = "/home/#{node['bitcoin']['username']}/.btcpayserver/debug.log"
+node.default['btcpay']['port'] = '23001'
+node.default['btcpay']['postgres']['port'] = 5432
+node.default['btcpay']['postgres']['database'] = 'btcpayserver'
+node.default['btcpay']['postgres']['user'] = 'satoshi'

site-cookbooks/kosmos-bitcoin/recipes/btcpay.rb

@@ -7,15 +7,83 @@ build_essential
 
 include_recipe "git"
 
-git node['nbxplorer']['source_dir'] do
-  repository node['nbxplorer']['repo']
-  revision node['nbxplorer']['revision']
+git node['btcpay']['source_dir'] do
+  repository node['btcpay']['repo']
+  revision node['btcpay']['revision']
   action :sync
-  notifies :run, 'bash[build_nbxplorer]', :immediately
+  notifies :run, 'bash[build_btcpay]', :immediately
 end
 
-bash 'build_nbxplorer' do
-  cwd node['nbxplorer']['source_dir']
+bash 'build_btcpay' do
+  cwd node['btcpay']['source_dir']
   code './build.sh'
   action :nothing
 end
+
+directory "/home/#{node['bitcoin']['username']}/.btcpayserver" do
+  owner node['bitcoin']['username']
+  group node['bitcoin']['usergroup']
+  mode '0750'
+  recursive true
+end
+
+directory File.dirname(node['btcpay']['config_path']) do
+  owner node['bitcoin']['username']
+  group node['bitcoin']['usergroup']
+  mode '0750'
+  recursive true
+end
+
+credentials = Chef::EncryptedDataBagItem.load('credentials', 'btcpay')
+
+template node['btcpay']['config_path'] do
+  source "btcpay-settings.config.erb"
+  owner node['bitcoin']['username']
+  group node['bitcoin']['usergroup']
+  mode '0640'
+  variables bitcoin_network: node['bitcoin']['network'],
+            nbxplorer_url: "http://127.0.0.1:#{node['nbxplorer']['port']}",
+            btcpay_port: node['btcpay']['port'],
+            btcpay_log_path: node['btcpay']['log_path'],
+            postgres_host: "192.168.122.1",
+            postgres_port: node['btcpay']['postgres']['port'],
+            postgres_database: node['btcpay']['postgres']['database'],
+            postgres_user: node['btcpay']['postgres']['user'],
+            postgres_password: credentials['postgres_password']
+end
+
+directory '/run/btcpayserver' do
+  owner node['bitcoin']['username']
+  group node['bitcoin']['usergroup']
+  mode '0640'
+end
+
+systemd_unit 'btcpayserver.service' do
+  content({
+    Unit: {
+      Description: 'BTCPay Server daemon',
+      Documentation: ['https://docs.btcpayserver.org/ManualDeployment/'],
+      Requires: 'nbxplorer.service',
+      After: 'nbxplorer.service'
+    },
+    Service: {
+      User: node['bitcoin']['username'],
+      Group: node['bitcoin']['usergroup'],
+      Type: 'simple',
+      WorkingDirectory: node['btcpay']['source_dir'],
+      ExecStart: "#{node['btcpay']['source_dir']}/run.sh --conf=#{node['btcpay']['config_path']}",
+      PIDFile: '/run/btcpayserver/btcpayserver.pid',
+      Restart: 'on-failure',
+      PrivateTmp: true,
+      ProtectSystem: 'full',
+      NoNewPrivileges: true,
+      PrivateDevices: true
+    },
+    Install: {
+      WantedBy: 'multi-user.target'
+    }
+  })
+  verify false
+  triggers_reload true
+  action [:create, :enable, :start]
+end

site-cookbooks/kosmos-bitcoin/recipes/nbxplorer.rb

@@ -1,27 +1,34 @@
 #
 # Cookbook:: kosmos-bitcoin
-# Recipe:: btcpay
+# Recipe:: nbxplorer
 #
 
 build_essential
 
 include_recipe "git"
 
-git node['btcpay']['source_dir'] do
-  repository node['btcpay']['repo']
-  revision node['btcpay']['revision']
+git node['nbxplorer']['source_dir'] do
+  repository node['nbxplorer']['repo']
+  revision node['nbxplorer']['revision']
   action :sync
-  notifies :run, 'bash[build_btcpay]', :immediately
+  notifies :run, 'bash[build_nbxplorer]', :immediately
 end
 
-bash 'build_btcpay' do
-  cwd node['btcpay']['source_dir']
+bash 'build_nbxplorer' do
+  cwd node['nbxplorer']['source_dir']
   code './build.sh'
   action :nothing
 end
 
 bitcoin_credentials = Chef::EncryptedDataBagItem.load('credentials', 'bitcoin')
 
+directory "/home/#{node['bitcoin']['username']}/.nbxplorer" do
+  owner node['bitcoin']['username']
+  group node['bitcoin']['usergroup']
+  mode '0750'
+  recursive true
+end
+
 directory File.dirname(node['nbxplorer']['config_path']) do
   owner node['bitcoin']['username']
   group node['bitcoin']['usergroup']
@@ -59,7 +66,7 @@ systemd_unit 'nbxplorer.service' do
       Group: node['bitcoin']['usergroup'],
       Type: 'simple',
       ExecStart: "/usr/bin/dotnet '#{node['nbxplorer']['source_dir']}/NBXplorer/bin/Release/netcoreapp3.1/NBXplorer.dll' -c #{node['nbxplorer']['config_path']} --noauth",
-      PIDFile: "/run/nbxplorer/nbxplorer.pid",
+      PIDFile: '/run/nbxplorer/nbxplorer.pid',
       Restart: 'on-failure',
       PrivateTmp: true,
       ProtectSystem: 'full',

site-cookbooks/kosmos-bitcoin/recipes/source.rb

@@ -27,6 +27,7 @@ end
 build_essential
 include_recipe 'ark'
 
+
 %w{ libtool autotools-dev make automake cmake curl g++-multilib libtool
     binutils-gold bsdmainutils pkg-config python3 patch }.each do |pkg|
   apt_package pkg

site-cookbooks/kosmos-bitcoin/templates/btcpay-settings.config.erb

@@ -0,0 +1,8 @@
+network=<%= @bitcoin_network %>
+port=<%= @btcpay_port %>
+bind=127.0.0.1
+chains=btc
+BTC.explorer.url=<%= @nbxplorer_url %>
+postgres=User ID=<%= @postgres_user %>;Password=<%= @postgres_password %>;Host=<%= @postgres_host %>;Port=<%= @postgres_port %>;Database=<%= @postgres_database %>;
+debuglog=<%= @btcpay_log_path %>
+<%# TODO BTC.lightning=type=clightning;server=/mnt/data/lightningd/lightning-rpc %>