From f4476a09937d4e45587e7b49dc3380f5227d43a0 Mon Sep 17 00:00:00 2001 From: Peter Rounce Date: Thu, 11 Aug 2022 07:23:26 +0100 Subject: [PATCH 1/9] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index b75b9c3..8d5c7fb 100644 --- a/README.md +++ b/README.md @@ -16,9 +16,9 @@ The 'bolt card creation' instructions describe how to set up bolt cards for use | --- | --- | | [Specification](docs/SPEC.md) | Bolt card specifications | | [System](docs/SYSTEM.md) | Bolt card system overview | -| [Install](docs/INSTALL.md) | Bolt card service installation | +| [Service Install](docs/INSTALL.md) | Bolt card service installation | | [Automatic Card Creation](docs/CARD_ANDROID.md) | Bolt card creation using the Bolt Card app| -| [Manual Card Creation](docs/CARD_MANUAL.md) | Bolt card creation using NXP TagXplorer| +| [Manual Card Creation](docs/CARD_MANUAL.md) | Bolt card creation using NXP TagXplorer software| | [FAQ](docs/FAQ.md) | Frequently asked questions | ## Telegram group From 92568b4c127bcbe8e0ef9315d87214b6a29ac127 Mon Sep 17 00:00:00 2001 From: Peter Rounce Date: Fri, 12 Aug 2022 07:11:41 +0100 Subject: [PATCH 2/9] specify the o/s login fixes #6 --- docs/INSTALL.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/INSTALL.md b/docs/INSTALL.md index 0fccff7..1946f79 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -5,6 +5,10 @@ 1 GHz processor, 2 GB RAM, 10GB storage minimum Ubuntu 20.04 LTS server +### login + +create and use a user named `ubuntu` + ### install Go [Go download & install](https://go.dev/doc/install) From 0b4b312ce1c83ad548150c9110fffe261a42dec7 Mon Sep 17 00:00:00 2001 From: Peter Rounce Date: Tue, 16 Aug 2022 15:56:44 +0100 Subject: [PATCH 3/9] Update INSTALL.md add a step to enable the boltcard service --- docs/INSTALL.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/INSTALL.md b/docs/INSTALL.md index 1946f79..e546652 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -55,7 +55,8 @@ edit `create_db.sql` to set the cardapp password ### boltcard service install `$ sudo cp boltcard.service /etc/systemd/system/boltcard.service` `$ ./s_build` -`$ systemctl status boltcard` +`$ sudo systemctl enable boltcard` +`$ sudo systemctl status boltcard` ### https setup set up the domain A record to point to the server From 5b500ad569326a493fc0311dcfb858cfde864b0e Mon Sep 17 00:00:00 2001 From: Peter Rounce Date: Wed, 17 Aug 2022 11:04:47 +0100 Subject: [PATCH 4/9] Update INSTALL.md add security recommendations for production use --- docs/INSTALL.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/INSTALL.md b/docs/INSTALL.md index e546652..1929e8f 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -83,6 +83,11 @@ this should respond with 'bad request' and show up in the service log [create a bolt card](CARD.md) with the URI pointing to this server use a PoS setup to read the bolt card, e.g. [Breez wallet](https://breez.technology/) monitor the service log to ensure decryption, authentication, payment rules and lightning payment work as expected +#### production use +ensure that LOG_LEVEL is set to PRODUCTION +ensure that all secrets are minimally available +ensure that you have good operational security practices +monitor the system for unusual activity # Further information and support From a22669a988b4c898a90d98962ba0a91e79e8f1cc Mon Sep 17 00:00:00 2001 From: Peter Rounce Date: Wed, 17 Aug 2022 14:38:42 +0100 Subject: [PATCH 5/9] Update INSTALL.md fix formatting --- docs/INSTALL.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/INSTALL.md b/docs/INSTALL.md index 1929e8f..6b821e9 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -55,7 +55,7 @@ edit `create_db.sql` to set the cardapp password ### boltcard service install `$ sudo cp boltcard.service /etc/systemd/system/boltcard.service` `$ ./s_build` -`$ sudo systemctl enable boltcard` +`$ sudo systemctl enable boltcard` `$ sudo systemctl status boltcard` ### https setup From 10e2786972fd3e38e59d9b1ee4b860485c3a8476 Mon Sep 17 00:00:00 2001 From: orfeas0 Date: Wed, 17 Aug 2022 17:15:01 +0300 Subject: [PATCH 6/9] Update CARD_ANDROID.md changed field enabled to enable_flag, as per the db schema --- docs/CARD_ANDROID.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/CARD_ANDROID.md b/docs/CARD_ANDROID.md index 749d4c1..4164fea 100644 --- a/docs/CARD_ANDROID.md +++ b/docs/CARD_ANDROID.md @@ -8,7 +8,7 @@ Here we describe how to create your own bolt cards with the Bolt Card Android ap - some `NXP DNA 424 NTAG` cards - an Android device with NFC -- a Bolt Card serice +- a Bolt Card service - [the Bolt Card app](https://github.com/boltcard/bolt-nfc-android-app) - [the Bolt Card app usage document](https://github.com/boltcard/bolt-nfc-android-app#usage) @@ -52,7 +52,7 @@ on the bolt card server - `card_db=# select card_id, one_time_code from cards order by card_id desc limit 1;` - check that this is the correct record (one_time_code matches from before) - `card_db=# update cards set uid = 'UID value from before without the 0x prefix' where card_id=card_id from before;` -- `card_db=# update cards set enabled = 'Y' where card_id=card_id from before;` +- `card_db=# update cards set enable_flag = 'Y' where card_id=card_id from before;` ### Make a payment - monitor the bolt card service logs From 832e046af5407be10a08eed2496ec58942757f32 Mon Sep 17 00:00:00 2001 From: blackcoffeexbt <87530449+blackcoffeexbt@users.noreply.github.com> Date: Wed, 17 Aug 2022 20:40:02 +0100 Subject: [PATCH 7/9] Fix enable_flag column name in SQL command --- docs/CARD_ANDROID.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/CARD_ANDROID.md b/docs/CARD_ANDROID.md index 749d4c1..c61deb2 100644 --- a/docs/CARD_ANDROID.md +++ b/docs/CARD_ANDROID.md @@ -52,7 +52,7 @@ on the bolt card server - `card_db=# select card_id, one_time_code from cards order by card_id desc limit 1;` - check that this is the correct record (one_time_code matches from before) - `card_db=# update cards set uid = 'UID value from before without the 0x prefix' where card_id=card_id from before;` -- `card_db=# update cards set enabled = 'Y' where card_id=card_id from before;` +- `card_db=# update cards set enable_flag = 'Y' where card_id=card_id from before;` ### Make a payment - monitor the bolt card service logs From 9d79fb3dab6bcc1b37e5d6cbb6f493ee1f7b5fad Mon Sep 17 00:00:00 2001 From: Peter Rounce Date: Thu, 18 Aug 2022 10:09:37 +0100 Subject: [PATCH 8/9] Update INSTALL.md update link --- docs/INSTALL.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/INSTALL.md b/docs/INSTALL.md index 6b821e9..24df150 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -80,7 +80,7 @@ this should respond with 'bad request' and show up in the service log navigate to the service URL from a browser, for example `https://card.yourdomain.com/ln?2` this should respond with 'bad request' and show up in the service log #### bolt card -[create a bolt card](CARD.md) with the URI pointing to this server +[create a bolt card](CARD_ANDROID.md) with the URI pointing to this server use a PoS setup to read the bolt card, e.g. [Breez wallet](https://breez.technology/) monitor the service log to ensure decryption, authentication, payment rules and lightning payment work as expected #### production use From 17f098a1cee2f914b342885b2b89550a32928117 Mon Sep 17 00:00:00 2001 From: Peter Rounce Date: Sun, 21 Aug 2022 07:06:40 +0100 Subject: [PATCH 9/9] Update CARD_ANDROID.md fixes #7 --- docs/CARD_ANDROID.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/CARD_ANDROID.md b/docs/CARD_ANDROID.md index 4164fea..9003956 100644 --- a/docs/CARD_ANDROID.md +++ b/docs/CARD_ANDROID.md @@ -35,6 +35,7 @@ lnurlw://card.yourdomain.com/ln?c=...&p=... ### Write the key values to the card on the bolt card server +- ensure the environment variables for the database connection are set up (see `boltcard.service`) - enter the `createboltcard` directory - `$ go build` - `./createboltcard`