123 lines
3.5 KiB
Ruby
123 lines
3.5 KiB
Ruby
#
|
|
# Cookbook:: kosmos-bitcoin
|
|
# Recipe:: btcpay
|
|
#
|
|
|
|
build_essential
|
|
|
|
include_recipe "git"
|
|
|
|
git node['btcpay']['source_dir'] do
|
|
repository node['btcpay']['repo']
|
|
revision node['btcpay']['revision']
|
|
action :sync
|
|
notifies :stop, "systemd_unit[btcpayserver.service]", :immediately
|
|
notifies :run, 'bash[build_btcpay]', :immediately
|
|
end
|
|
|
|
bash 'build_btcpay' do
|
|
cwd node['btcpay']['source_dir']
|
|
code <<-EOH
|
|
systemctl stop btcpayserver.service
|
|
./build.sh
|
|
EOH
|
|
action :nothing
|
|
notifies :restart, "systemd_unit[btcpayserver.service]", :delayed
|
|
end
|
|
|
|
directory "/home/#{node['bitcoin']['username']}/.btcpayserver" do
|
|
owner node['bitcoin']['username']
|
|
group node['bitcoin']['usergroup']
|
|
mode '0750'
|
|
recursive true
|
|
end
|
|
|
|
directory File.dirname(node['btcpay']['config_path']) do
|
|
owner node['bitcoin']['username']
|
|
group node['bitcoin']['usergroup']
|
|
mode '0750'
|
|
recursive true
|
|
end
|
|
|
|
credentials = Chef::EncryptedDataBagItem.load('credentials', 'btcpay')
|
|
|
|
lnd_admin_macaroon_path = "#{node['lnd']['lnd_dir']}/data/chain/bitcoin/mainnet/admin.macaroon" rescue nil
|
|
|
|
template node['btcpay']['config_path'] do
|
|
source "btcpay-settings.config.erb"
|
|
owner node['bitcoin']['username']
|
|
group node['bitcoin']['usergroup']
|
|
mode '0640'
|
|
variables bitcoin_network: node['bitcoin']['network'],
|
|
nbxplorer_url: "http://127.0.0.1:#{node['nbxplorer']['port']}",
|
|
btcpay_port: node['btcpay']['port'],
|
|
btcpay_log_path: node['btcpay']['log_path'],
|
|
postgres_host: "pg.kosmos.local",
|
|
postgres_port: node['btcpay']['postgres']['port'],
|
|
postgres_database: node['btcpay']['postgres']['database'],
|
|
postgres_user: node['btcpay']['postgres']['user'],
|
|
postgres_password: credentials['postgres_password'],
|
|
lnd_admin_macaroon_path: lnd_admin_macaroon_path
|
|
notifies :restart, "systemd_unit[btcpayserver.service]", :delayed
|
|
end
|
|
|
|
directory '/run/btcpayserver' do
|
|
owner node['bitcoin']['username']
|
|
group node['bitcoin']['usergroup']
|
|
mode '0640'
|
|
end
|
|
|
|
systemd_unit 'btcpayserver.service' do
|
|
content({
|
|
Unit: {
|
|
Description: 'BTCPay Server daemon',
|
|
Documentation: ['https://docs.btcpayserver.org/ManualDeployment/'],
|
|
Requires: 'nbxplorer.service',
|
|
After: 'nbxplorer.service'
|
|
},
|
|
Service: {
|
|
User: node['bitcoin']['username'],
|
|
Group: node['bitcoin']['usergroup'],
|
|
Type: 'simple',
|
|
WorkingDirectory: node['btcpay']['source_dir'],
|
|
ExecStart: "#{node['btcpay']['source_dir']}/run.sh --conf=#{node['btcpay']['config_path']}",
|
|
PIDFile: '/run/btcpayserver/btcpayserver.pid',
|
|
Restart: 'on-failure',
|
|
PrivateTmp: true,
|
|
ProtectSystem: 'full',
|
|
NoNewPrivileges: true,
|
|
PrivateDevices: true
|
|
},
|
|
Install: {
|
|
WantedBy: 'multi-user.target'
|
|
}
|
|
})
|
|
verify false
|
|
triggers_reload true
|
|
action [:create, :enable, :start]
|
|
end
|
|
|
|
#
|
|
# HTTPS Reverse Proxy
|
|
#
|
|
|
|
include_recipe "kosmos-nginx"
|
|
server_name = node["btcpay"]["domain"]
|
|
|
|
template "#{node["nginx"]["dir"]}/sites-available/#{server_name}" do
|
|
source "nginx_conf_btcpayserver.erb"
|
|
owner node["nginx"]["user"]
|
|
mode 0640
|
|
variables btcpay_port: node["btcpay"]["port"],
|
|
server_name: server_name,
|
|
ssl_cert: "/etc/letsencrypt/live/#{server_name}/fullchain.pem",
|
|
ssl_key: "/etc/letsencrypt/live/#{server_name}/privkey.pem"
|
|
notifies :reload, "service[nginx]", :delayed
|
|
end
|
|
|
|
nginx_site server_name do
|
|
action :enable
|
|
end
|
|
|
|
nginx_certbot_site server_name
|