dockerize the boltcard service with bundled postgres. updated readme accordingly

2022-08-28 13:59:10 +03:00 · 2022-08-28 13:59:10 +03:00 · e83035e175
commit e83035e175
parent 009d3e0c3a
5 changed files with 121 additions and 1 deletions
--- a/.env
+++ b/.env
@ -0,0 +1,20 @@
+HOST_DOMAIN=card.yourdomain.com
+
+# Generate a new key with
+# hexdump -vn16 -e'4/4 "%08x" 1 "\n"' /dev/random
+BC_AES_DECRYPT_KEY=00000000000000000000000000000000
+
+BC_MIN_WITHDRAW_SATS=1
+BC_MAX_WITHDRAW_SATS=1000000
+BC_FEE_LIMIT_SAT=10
+
+LN_HOST=ln.yourdomain.com
+LN_GRPC_PORT=10009
+
+# optional - to only allow payments to this LN node
+LN_TESTNODE=YOUR_LN_NODE_ID
+
+DB_PORT=5432
+DB_USER=cardapp
+DB_PASSWORD=321someRandomPasscodeWithSaltAndPepperAndThyme123
+DB_NAME=card_db
--- a/13
+++ b/13
@ -0,0 +1,13 @@
+FROM golang:1.19.0-bullseye
+
+WORKDIR /App
+ADD . /App
+RUN go build
+
+WORKDIR /App/createboltcard
+RUN go get github.com/skip2/go-qrcode
+RUN go build
+
+WORKDIR /App
+
+ENTRYPOINT ["/App/boltcard"]
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -0,0 +1,52 @@
+version: '3'
+services:
+  boltcard:
+    build: .
+    container_name: boltcard_main
+    depends_on:
+     - db
+    restart: unless-stopped
+    environment:
+      - LOG_LEVEL=DEBUG
+      - DB_HOST=db
+
+      - HOST_DOMAIN=${HOST_DOMAIN} 
+      - AES_DECRYPT_KEY=${BC_AES_DECRYPT_KEY}
+      - DB_PORT=${DB_PORT}
+      - DB_USER=${DB_USER}
+      - DB_PASSWORD=${DB_PASSWORD}
+      - DB_NAME=${DB_NAME}
+      - MIN_WITHDRAW_SATS=${BC_MIN_WITHDRAW_SATS}
+      - MAX_WITHDRAW_SATS=${BC_MAX_WITHDRAW_SATS}
+      - FEE_LIMIT_SAT=${BC_FEE_LIMIT_SAT}
+      - LN_HOST=${LN_HOST}
+      - LN_PORT=${LN_GRPC_PORT}
+      - LN_TESTNODE=${LN_TESTNODE}
+
+      - LN_TLS_FILE=/boltcard/tls.cert
+      - LN_MACAROON_FILE=/boltcard/SendPaymentV2.macaroon
+    ports:
+      - 9000:9000
+    volumes:
+    - ${PWD}/tls.cert:/boltcard/tls.cert
+    - ${PWD}/SendPaymentV2.macaroon:/boltcard/SendPaymentV2.macaroon
+    networks:
+        - boltnet
+  db:
+    image: postgres:14.4-bullseye
+    container_name: boltcard_db
+    restart: unless-stopped
+    environment:
+      - POSTGRES_USER=${DB_USER}
+      - POSTGRES_PASSWORD=${DB_PASSWORD}
+      - POSTGRES_DB=${DB_NAME}
+      - PGDATA=/var/lib/postgresql/data/pgdata
+    volumes:
+    - db-data:/var/lib/postgresql/data
+    - ${PWD}/create_db.sql:/docker-entrypoint-initdb.d/10-create_db.sql
+    networks:
+    - boltnet
+networks:
+  boltnet:
+volumes:
+  db-data:
--- a/docs/CARD_ANDROID.md
+++ b/docs/CARD_ANDROID.md
@ -42,6 +42,7 @@ on the bolt card server
 - `./createboltcard -help` to see options
 - `./createboltcard -enable -tx_max=1000 -day_max=10000 -name=card_1` for example
 - this will give you a one-time link in text and QR code form
+- if the boltcard service is running in **docker**, use ```docker exec boltcard_main createboltcard/createboltcard``` instead

 on the app
 - select `Key Management`
@ -50,7 +51,7 @@ on the app
 - bring the card to the device for programming the keys

 ### Update the card record on the server
-on the bolt card server
+on the bolt card db server
 - `$ psql card_db`
 - `card_db=# select card_id, one_time_code from cards order by card_id desc limit 1;`
 - check that this is the correct record (one_time_code matches from before)
--- a/docs/INSTALL.md
+++ b/docs/INSTALL.md
@ -5,6 +5,40 @@
 1 GHz processor, 2 GB RAM, 10GB storage minimum  
 Ubuntu 20.04 LTS server

+## With docker & docker-compose
+### 1. Download the boltcard repository
+
+`$ git clone https://github.com/boltcard/boltcard`
+
+### 2. Get a macaroon and tls.cert from the lightning node
+
+Create a macaroon with limited permissions to the lightning node  
+[lncli download & install](https://github.com/lightningnetwork/lnd/blob/master/docs/INSTALL.md)
+```
+$ lncli \                                                    
+--rpcserver=lightning-node.io:10009 \
+--macaroonpath=admin.macaroon \
+--tlscertpath="tls.cert" \
+bakemacaroon uri:/routerrpc.Router/SendPaymentV2 > SendPaymentV2.macaroon.hex
+
+$ xxd -r -p SendPaymentV2.macaroon.hex SendPaymentV2.macaroon
+```
+Copy tls.cert and SendPaymentV2.macaroon to your boltcard directory
+
+### 3. Configure and run
+
+Edit the .env file to your preference and run
+
+```
+docker-compose up -d
+```
+
+This will spin up a *postgresql* container, and the *boltcard service* container available at port **9000**. For publishing with a domain name and https, you can use a reverse proxy like nginx, traefik or caddy.
+
+You can monitor with ```docker logs container_name```.
+
+## Without docker
+
 ### login

 create and use a user named `ubuntu`