diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..775f70b
--- /dev/null
+++ b/.env.example
@@ -0,0 +1 @@
+DB_PASSWORD=password
\ No newline at end of file
diff --git a/Caddyfile_docker b/Caddyfile_docker
new file mode 100644
index 0000000..e32ab53
--- /dev/null
+++ b/Caddyfile_docker
@@ -0,0 +1,2 @@
+https://card.yourdomain.com
+reverse_proxy boltcard_main:9000
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..6f08e14
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,16 @@
+FROM golang:1.19.0-bullseye
+
+WORKDIR /App
+ADD . /App
+RUN go build
+
+WORKDIR /App/createboltcard
+RUN go get github.com/skip2/go-qrcode
+RUN go build
+
+WORKDIR /App/wipeboltcard
+RUN go build
+
+WORKDIR /App
+
+ENTRYPOINT ["/App/boltcard"]
\ No newline at end of file
diff --git a/README.md b/README.md
index 8d5c7fb..aa8f9eb 100644
--- a/README.md
+++ b/README.md
@@ -17,6 +17,7 @@ The 'bolt card creation' instructions describe how to set up bolt cards for use
 | [Specification](docs/SPEC.md) | Bolt card specifications |
 | [System](docs/SYSTEM.md) | Bolt card system overview |
 | [Service Install](docs/INSTALL.md) | Bolt card service installation |
+| [Docker Service Install](docs/DOCKER_INSTALL.md) | Bolt card service docker installation |
 | [Automatic Card Creation](docs/CARD_ANDROID.md) | Bolt card creation using the Bolt Card app|
 | [Manual Card Creation](docs/CARD_MANUAL.md) | Bolt card creation using NXP TagXplorer software|
 | [FAQ](docs/FAQ.md) | Frequently asked questions |
diff --git a/create_db.sql b/create_db.sql
index 7bc9842..f50285b 100644
--- a/create_db.sql
+++ b/create_db.sql
@@ -1,9 +1,3 @@
-DROP DATABASE IF EXISTS card_db;
-CREATE DATABASE card_db;
-
-DROP USER IF EXISTS cardapp;
-CREATE USER cardapp WITH PASSWORD 'database_password';
-
 \c card_db;
 CREATE TABLE settings (
diff --git a/create_db_init.sql b/create_db_init.sql
new file mode 100644
index 0000000..2a65afb
--- /dev/null
+++ b/create_db_init.sql
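Review bot: `ADD . /App` in the new Dockerfile copies the whole build context into an image layer, and the install notes added by this same commit tell the operator to put `tls.cert`, `admin.macaroon` and the generated `.env` in the project root, so any build run after setup bakes the LND macaroon and the database password into the image. No `.dockerignore` is added here; use `COPY . /App` together with a `.dockerignore` that lists `.env`, `admin.macaroon` and `tls.cert`, since docker-compose.yml already bind-mounts the two LND files at runtime. The image also has no `USER` line, so the service runs as root inside the container, and `RUN go get github.com/skip2/go-qrcode` resolves whatever version is current at build time rather than one recorded in the module files. A dedicated non-root user before `ENTRYPOINT` and a pinned module version would close both.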
@@ -0,0 +1,2 @@
+DROP DATABASE IF EXISTS card_db;
+CREATE DATABASE card_db;
diff --git a/create_db_user.sql b/create_db_user.sql
new file mode 100644
index 0000000..678c8b1
--- /dev/null
+++ b/create_db_user.sql
@@ -0,0 +1,2 @@
+DROP USER cardapp;
+CREATE USER cardapp WITH PASSWORD 'database_password';
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..31ef452
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,62 @@
+version: '3'
+services:
+ boltcard:
+ build:
+ context: ./
+ dockerfile: Dockerfile
+ container_name: boltcard_main
+ depends_on:
+ - db
+ restart: unless-stopped
+ environment:
+ - LOG_LEVEL=DEBUG
+ - DB_HOST=db
+ - DB_USER=cardapp
+ - DB_PASSWORD=${DB_PASSWORD}
+ - DB_PORT=5432
+ - DB_NAME=card_db
+ expose:
+ - "9000"
+ volumes:
+ - ${PWD}/tls.cert:/boltcard/tls.cert
+ - ${PWD}/admin.macaroon:/boltcard/admin.macaroon
+ networks:
+ - boltnet
+ db:
+ image: postgres
+ container_name: boltcard_db
+ restart: unless-stopped
+ environment:
+ - POSTGRES_USER=cardapp
+ - POSTGRES_PASSWORD=${DB_PASSWORD}
+ - POSTGRES_DB=card_db
+ - PGDATA=/var/lib/postgresql/data/pgdata
+ volumes:
+ - db-data:/var/lib/postgresql/data
+ - ./select_db.sql:/docker-entrypoint-initdb.d/select_db.sql
+ - ./create_db.sql:/docker-entrypoint-initdb.d/create_db.sql
+ - ./settings.sql:/docker-entrypoint-initdb.d/settings.sql
+ expose:
+ - "5432"
+ networks:
+ - boltnet
+ webserver:
+ image: caddy
+ restart: unless-stopped
+ ports:
+ - "80:80"
+ - "443:443"
+ - "443:443/udp"
+ volumes:
+ - ${PWD}/Caddyfile_docker:/etc/caddy/Caddyfile
+ - caddy_data:/data
+ - caddy_config:/config
+ networks:
+ - boltnet
+networks:
+ boltnet:
+volumes:
+ db-data:
+ caddy_data:
+ external: true
+ caddy_config:
\ No newline at end of file
diff --git a/docker_init.sh b/docker_init.sh
new file mode 100755
index 0000000..511b9bc
--- /dev/null
+++ b/docker_init.sh
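Review bot: `DROP USER cardapp;` in create_db_user.sql loses the `IF EXISTS` guard that the lines removed from create_db.sql had, so the statement raises an error on any host where the role does not exist yet. Restore it as `DROP USER IF EXISTS cardapp;`. The role password is still the literal `'database_password'` checked into the repository. Reading it from a psql variable, `CREATE USER cardapp WITH PASSWORD :'db_password';` with `psql -v db_password=...`, would keep the real credential out of version control.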
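Review bot: `image: postgres` and `image: caddy` in docker-compose.yml carry no tag, so each pull resolves to whatever `latest` is at that moment. That leaves the deployment open to an unreviewed upstream change, and a newer Postgres major version will not start on a `db-data` volume initialised by an older one; pin both to an explicit version tag, ideally with a digest. `POSTGRES_USER=cardapp` makes the application's own account the cluster superuser, which is more privilege than a service that reads and writes a few tables needs. The `tls.cert` and `admin.macaroon` bind mounts can take a trailing `:ro`, since the service presumably only reads them.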
@@ -0,0 +1,34 @@
+#!/bin/bash
+echo Enter the domain name excluding the protocol
+read domainname
+
+echo Enter your LND node gRPC domain
+read lnd_host
+
+echo LND node gRPC port
+read lnd_port
+sed -i "1s/.*/https:\/\/$domainname/" Caddyfile_docker
+sed -i "s/[(]'HOST_DOMAIN'[^)]*[)]/(\'HOST_DOMAIN\', \'$domainname\')/" settings.sql
+echo writing the domain name to $domainname ...
+
+PASSWORD=$(date +%s|sha256sum|base64|head -c 32)
+if [[ ! -e .env ]]; then
+ cp .env.example .env
+fi
+sed -i "s/^DB_PASSWORD=.*$/DB_PASSWORD=$PASSWORD/g" .env
+decrypt_key=$(hexdump -vn16 -e'4/4 "%08x" 1 "\n"' /dev/random)
+echo $decrypt_key
+
+sed -i "s/[(]'LOG_LEVEL'[^)]*[)]/(\'LOG_LEVEL\', \'DEBUG\')/" settings.sql
+sed -i "s/[(]'AES_DECRYPT_KEY'[^)]*[)]/(\'AES_DECRYPT_KEY\', \'$decrypt_key\')/" settings.sql
+sed -i "s/[(]'MIN_WITHDRAW_SATS'[^)]*[)]/(\'MIN_WITHDRAW_SATS\', \'1\')/" settings.sql
+sed -i "s/[(]'MAX_WITHDRAW_SATS'[^)]*[)]/(\'MAX_WITHDRAW_SATS\', \'1000000\')/" settings.sql
+sed -i "s/[(]'LN_HOST'[^)]*[)]/(\'LN_HOST\', \'$lnd_host\')/" settings.sql
+sed -i "s/[(]'LN_PORT'[^)]*[)]/(\'LN_PORT\', \'$lnd_port\')/" settings.sql
+sed -i "s/[(]'LN_TLS_FILE'[^)]*[)]/(\'LN_TLS_FILE\', \'\/boltcard\/tls.cert\')/" settings.sql
+sed -i "s/[(]'LN_MACAROON_FILE'[^)]*[)]/(\'LN_MACAROON_FILE\', \'\/boltcard\/admin.macaroon\')/" settings.sql
+sed -i "s/[(]'FEE_LIMIT_SAT'[^)]*[)]/(\'FEE_LIMIT_SAT\', \'10\')/" settings.sql
+sed -i "s/[(]'FEE_LIMIT_PERCENT'[^)]*[)]/(\'FEE_LIMIT_PERCENT\', \'0.5\')/" settings.sql
+sed -i "s/[(]'FUNCTION_LNURLW'[^)]*[)]/(\'FUNCTION_LNURLW\', \'ENABLE\')/" settings.sql
+sed -i "s/[(]'FUNCTION_LNURLP'[^)]*[)]/(\'FUNCTION_LNURLP\', \'DISABLE\')/" settings.sql
+sed -i "s/[(]'FUNCTION_EMAIL'[^)]*[)]/(\'FUNCTION_EMAIL\', \'DISABLE\')/" settings.sql
diff --git a/docs/DOCKER_INSTALL.md b/docs/DOCKER_INSTALL.md
new file mode 100644
index 0000000..576705a
--- /dev/null
+++ b/docs/DOCKER_INSTALL.md
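Review bot: `PASSWORD=$(date +%s|sha256sum|base64|head -c 32)` in docker_init.sh derives the database password from the current Unix second, so anyone who can estimate when the script ran can reproduce it; hashing and base64-encoding add no entropy. Take it from the kernel RNG the way the script already does for `decrypt_key`, for example `PASSWORD=$(hexdump -vn16 -e'4/4 "%08x" 1 "\n"' /dev/urandom)`, which also stays free of characters that would break the `sed` that follows. `echo $decrypt_key` prints the AES key to the terminal and to any captured log, and `.env` is created under the default umask; dropping the echo and adding `chmod 600 .env` would tighten both. The three `read` values are interpolated unescaped into `sed` expressions and into SQL string literals in settings.sql, so a `/`, `&` or `'` in the input corrupts the result. Checking each value against an allow-list pattern before use avoids that.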
@@ -0,0 +1,53 @@
+# Bolt card service installation using Docker
+
+### install Docker engine and Docker compose
+
+- [Docker engine download &
+ install](https://docs.docker.com/engine/install/)
+
+### Set up the boltcard server
+- Run `./docker_init.sh` to set up the initial data
+- Put the `tls.cert` file and `admin.macaroon` files in the project root directory
+
+### https setup
+
+set up the domain A record to point to the server
+
+set up the server hosting firewall to allow open access to https (port 443) only
+
+### database setup
+
+copy the `.env.example` file to `.env` and change the database password
+
+
+### service bring-up and running
+```
+$ sudo groupadd docker
+$ sudo usermod -aG docker ${USER}
+(log out & in again)
+$ docker volume create caddy_data
+// add -d option for detached mode
+$ docker compose up
+```
+
+### stop docker
+```
+$ docker compose down
+```
+To delete the database and reset the docker volume, run `docker compose down --volumes`
+*NOTE: caddy_data volume won't be removed even if you run `docker compose down --volumes` because it's an external volume. **Make sure to wipe your programmed cards before wiping the database***
+
+### check container logs
+
+- [Docker Logs](https://docs.docker.com/engine/reference/commandline/logs/)
+
+```
+$ docker logs [OPTIONS] CONTAINER
+```
+
+Run `$ docker ps` to list containers and get container names/ids
+
+#### running create bolt card command
+- `docker exec boltcard_main createboltcard/createboltcard` to see options
+- `docker exec boltcard_main createboltcard/createboltcard -enable -allow_neg_bal -tx_max=1000 -day_max=10000 -name=card_1` for example
+- this will give you a one-time link in text and QR code form
diff --git a/s_create_db b/s_create_db
index bf7f18c..f5d85f6 100755
--- a/s_create_db
+++ b/s_create_db
@@ -12,7 +12,9 @@ echo Continue? "(y or n)"
 read x
 if [ "$x" = "y" ]; then
+ psql postgres -f create_db_init.sql
 psql postgres -f create_db.sql
+ psql postgres -f create_db_user.sql
 psql postgres -f settings.sql
 echo Database created
 else
diff --git a/select_db.sql b/select_db.sql
new file mode 100644
index 0000000..340c842
--- /dev/null
+++ b/select_db.sql
@@ -0,0 +1 @@
+SELECT 'CREATE DATABASE card_db' WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = 'card_db');
\ No newline at end of file
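Review bot: The new `psql postgres -f create_db_user.sql` line in s_create_db runs after `create_db.sql`, so the `cardapp` role is created only once the schema script has finished. If create_db.sql grants privileges to `cardapp` (its body is not visible in this diff), those grants would fail on a fresh host, and moving the user script ahead of `create_db.sql` would avoid that. None of the four `psql` calls passes `-v ON_ERROR_STOP=1` or has its exit status checked, so `echo Database created` is printed even when a script failed. The `if` block continues past the end of the hunk.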
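Review bot: The statement in select_db.sql only returns the text `CREATE DATABASE card_db` as a result row; nothing executes it, so the database is not created when it is missing. In psql the generated command has to be sent back to the server with `\gexec`, so the query should end with `\gexec` instead of `;`. Under docker-compose.yml this is masked, because `POSTGRES_DB=card_db` already makes the image create the database, but any other caller of the file gets a silent no-op.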