From 92568b4c127bcbe8e0ef9315d87214b6a29ac127 Mon Sep 17 00:00:00 2001
From: Peter Rounce <peter@rounce.me.uk>
Date: Fri, 12 Aug 2022 07:11:41 +0100
Subject: [PATCH 1/4] specify the o/s login

fixes #6
---
 docs/INSTALL.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/INSTALL.md b/docs/INSTALL.md
index 0fccff7..1946f79 100644
--- a/docs/INSTALL.md
+++ b/docs/INSTALL.md
@@ -5,6 +5,10 @@
 1 GHz processor, 2 GB RAM, 10GB storage minimum  
 Ubuntu 20.04 LTS server
 
+### login
+
+create and use a user named `ubuntu`
+
 ### install Go
 
 [Go download & install](https://go.dev/doc/install)  

From 0b4b312ce1c83ad548150c9110fffe261a42dec7 Mon Sep 17 00:00:00 2001
From: Peter Rounce <peter@rounce.me.uk>
Date: Tue, 16 Aug 2022 15:56:44 +0100
Subject: [PATCH 2/4] Update INSTALL.md

add a step to enable the boltcard service
---
 docs/INSTALL.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/docs/INSTALL.md b/docs/INSTALL.md
index 1946f79..e546652 100644
--- a/docs/INSTALL.md
+++ b/docs/INSTALL.md
@@ -55,7 +55,8 @@ edit `create_db.sql` to set the cardapp password
 ### boltcard service install
 `$ sudo cp boltcard.service /etc/systemd/system/boltcard.service`  
 `$ ./s_build`  
-`$ systemctl status boltcard`
+`$ sudo systemctl enable boltcard`
+`$ sudo systemctl status boltcard`
 
 ### https setup
 set up the domain A record to point to the server  

From 5b500ad569326a493fc0311dcfb858cfde864b0e Mon Sep 17 00:00:00 2001
From: Peter Rounce <peter@rounce.me.uk>
Date: Wed, 17 Aug 2022 11:04:47 +0100
Subject: [PATCH 3/4] Update INSTALL.md

add security recommendations for production use
---
 docs/INSTALL.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/docs/INSTALL.md b/docs/INSTALL.md
index e546652..1929e8f 100644
--- a/docs/INSTALL.md
+++ b/docs/INSTALL.md
@@ -83,6 +83,11 @@ this should respond with 'bad request' and show up in the service log
 [create a bolt card](CARD.md) with the URI pointing to this server  
 use a PoS setup to read the bolt card, e.g. [Breez wallet](https://breez.technology/)   
 monitor the service log to ensure decryption, authentication, payment rules and lightning payment work as expected  
+#### production use
+ensure that LOG_LEVEL is set to PRODUCTION  
+ensure that all secrets are minimally available  
+ensure that you have good operational security practices  
+monitor the system for unusual activity  
 
 # Further information and support
 

From a22669a988b4c898a90d98962ba0a91e79e8f1cc Mon Sep 17 00:00:00 2001
From: Peter Rounce <peter@rounce.me.uk>
Date: Wed, 17 Aug 2022 14:38:42 +0100
Subject: [PATCH 4/4] Update INSTALL.md

fix formatting
---
 docs/INSTALL.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/INSTALL.md b/docs/INSTALL.md
index 1929e8f..6b821e9 100644
--- a/docs/INSTALL.md
+++ b/docs/INSTALL.md
@@ -55,7 +55,7 @@ edit `create_db.sql` to set the cardapp password
 ### boltcard service install
 `$ sudo cp boltcard.service /etc/systemd/system/boltcard.service`  
 `$ ./s_build`  
-`$ sudo systemctl enable boltcard`
+`$ sudo systemctl enable boltcard`  
 `$ sudo systemctl status boltcard`
 
 ### https setup