Sebastian Kippe
5a5db43de3
Fixes btcpay having still used the old postgres master, and integrating it into the global client config setup from here on out.
122 lines
3.4 KiB
Ruby
122 lines
3.4 KiB
Ruby
#
|
|
# Cookbook:: kosmos-bitcoin
|
|
# Recipe:: btcpay
|
|
#
|
|
|
|
build_essential
|
|
|
|
include_recipe "git"
|
|
|
|
git node['btcpay']['source_dir'] do
|
|
repository node['btcpay']['repo']
|
|
revision node['btcpay']['revision']
|
|
action :sync
|
|
notifies :run, 'bash[build_btcpay]', :immediately
|
|
end
|
|
|
|
bash 'build_btcpay' do
|
|
cwd node['btcpay']['source_dir']
|
|
code <<-EOH
|
|
systemctl stop btcpayserver.service
|
|
./build.sh
|
|
EOH
|
|
action :nothing
|
|
notifies :restart, "systemd_unit[btcpayserver.service]", :delayed
|
|
end
|
|
|
|
directory "/home/#{node['bitcoin']['username']}/.btcpayserver" do
|
|
owner node['bitcoin']['username']
|
|
group node['bitcoin']['usergroup']
|
|
mode '0750'
|
|
recursive true
|
|
end
|
|
|
|
directory File.dirname(node['btcpay']['config_path']) do
|
|
owner node['bitcoin']['username']
|
|
group node['bitcoin']['usergroup']
|
|
mode '0750'
|
|
recursive true
|
|
end
|
|
|
|
credentials = Chef::EncryptedDataBagItem.load('credentials', 'btcpay')
|
|
|
|
lnd_admin_macaroon_path = "#{node['lnd']['lnd_dir']}/data/chain/bitcoin/mainnet/admin.macaroon" rescue nil
|
|
|
|
template node['btcpay']['config_path'] do
|
|
source "btcpay-settings.config.erb"
|
|
owner node['bitcoin']['username']
|
|
group node['bitcoin']['usergroup']
|
|
mode '0640'
|
|
variables bitcoin_network: node['bitcoin']['network'],
|
|
nbxplorer_url: "http://127.0.0.1:#{node['nbxplorer']['port']}",
|
|
btcpay_port: node['btcpay']['port'],
|
|
btcpay_log_path: node['btcpay']['log_path'],
|
|
postgres_host: "pg.kosmos.local",
|
|
postgres_port: node['btcpay']['postgres']['port'],
|
|
postgres_database: node['btcpay']['postgres']['database'],
|
|
postgres_user: node['btcpay']['postgres']['user'],
|
|
postgres_password: credentials['postgres_password'],
|
|
lnd_admin_macaroon_path: lnd_admin_macaroon_path
|
|
notifies :restart, "systemd_unit[btcpayserver.service]", :delayed
|
|
end
|
|
|
|
directory '/run/btcpayserver' do
|
|
owner node['bitcoin']['username']
|
|
group node['bitcoin']['usergroup']
|
|
mode '0640'
|
|
end
|
|
|
|
systemd_unit 'btcpayserver.service' do
|
|
content({
|
|
Unit: {
|
|
Description: 'BTCPay Server daemon',
|
|
Documentation: ['https://docs.btcpayserver.org/ManualDeployment/'],
|
|
Requires: 'nbxplorer.service',
|
|
After: 'nbxplorer.service'
|
|
},
|
|
Service: {
|
|
User: node['bitcoin']['username'],
|
|
Group: node['bitcoin']['usergroup'],
|
|
Type: 'simple',
|
|
WorkingDirectory: node['btcpay']['source_dir'],
|
|
ExecStart: "#{node['btcpay']['source_dir']}/run.sh --conf=#{node['btcpay']['config_path']}",
|
|
PIDFile: '/run/btcpayserver/btcpayserver.pid',
|
|
Restart: 'on-failure',
|
|
PrivateTmp: true,
|
|
ProtectSystem: 'full',
|
|
NoNewPrivileges: true,
|
|
PrivateDevices: true
|
|
},
|
|
Install: {
|
|
WantedBy: 'multi-user.target'
|
|
}
|
|
})
|
|
verify false
|
|
triggers_reload true
|
|
action [:create, :enable, :start]
|
|
end
|
|
|
|
#
|
|
# HTTPS Reverse Proxy
|
|
#
|
|
|
|
include_recipe "kosmos-nginx"
|
|
server_name = node["btcpay"]["domain"]
|
|
|
|
template "#{node["nginx"]["dir"]}/sites-available/#{server_name}" do
|
|
source "nginx_conf_btcpayserver.erb"
|
|
owner node["nginx"]["user"]
|
|
mode 0640
|
|
variables btcpay_port: node["btcpay"]["port"],
|
|
server_name: server_name,
|
|
ssl_cert: "/etc/letsencrypt/live/#{server_name}/fullchain.pem",
|
|
ssl_key: "/etc/letsencrypt/live/#{server_name}/privkey.pem"
|
|
notifies :reload, "service[nginx]", :delayed
|
|
end
|
|
|
|
nginx_site server_name do
|
|
action :enable
|
|
end
|
|
|
|
nginx_certbot_site server_name
|