Bolt card service installation
hardware & o/s
1 GHz processor, 2 GB RAM, 10 GB storage minimum
Ubuntu 20.04 LTS server
login
create and use a user named ubuntu
install Go
Go download & install
$ go version    # should report 1.18.3 or later
install Postgres
Postgres download & install
$ psql --version    # should report 12.11 or later
install Caddy
Caddy download & install
$ caddy version    # should report 2.5.2 or later
download the boltcard repository
$ git clone https://github.com/boltcard/boltcard
get a macaroon and tls.cert from the lightning node
create a macaroon with limited permissions to the lightning node
lncli download & install
$ lncli \
    --rpcserver=lightning-node.io:10009 \
    --macaroonpath=admin.macaroon \
    --tlscertpath="tls.cert" \
    bakemacaroon uri:/routerrpc.Router/SendPaymentV2 > SendPaymentV2.macaroon.hex
$ xxd -r -p SendPaymentV2.macaroon.hex SendPaymentV2.macaroon
set up the boltcard server
edit boltcard.service in the section named boltcard service settings
edit Caddyfile to set the boltcard domain name
database creation
edit create_db.sql to set the cardapp password
$ sudo -u postgres createuser -s ubuntu
$ ./s_create_db
boltcard service install
$ ./s_build
$ sudo systemctl enable boltcard
$ sudo systemctl status boltcard
https setup
set up the domain A record to point to the server
set up the server hosting firewall to allow open access to https (port 443) only
caddy setup for https
$ sudo cp Caddyfile /etc/caddy
$ sudo systemctl stop caddy
$ sudo systemctl start caddy
$ sudo systemctl status caddy
you should see 'certificate obtained successfully' in the service log
service bring-up and testing
service log
the service log should be monitored on a separate console while tests are run
$ journalctl -u boltcard.service -f
local http
$ curl 'http://127.0.0.1:9000/ln?1'
this should respond with 'bad request' and show up in the service log
remote https
navigate to the service URL from a browser, for example https://card.yourdomain.com/ln?2
this should respond with 'bad request' and show up in the service log
bolt card
create a bolt card with the URI pointing to this server
use a PoS setup to read the bolt card, e.g. Breez wallet
monitor the service log to ensure decryption, authentication, payment rules and lightning payment work as expected
production use
ensure that LOG_LEVEL is set to PRODUCTION
ensure that all secrets are minimally available
ensure that you have good operational security practices
monitor the system for unusual activity
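One way to check the "secrets are minimally available" item for the macaroon files created earlier, as an added example that is not part of the boltcard repository. It assumes that "minimally available" means no group or other permission bits (mode 0600 or stricter) and GNU stat as on Ubuntu; the function names are hypothetical and the demo files are constructed.

```shell
#!/bin/sh
# Added example, not part of the boltcard repository.
# Assumed policy: a secret file grants no permission bits to group or other
# (mode 0600 or stricter). Which files count as secrets is the operator's call.

# is_private FILE: succeeds only if FILE exists and group/other have no access.
is_private() {
    [ -e "$1" ] || return 2
    mode=$(stat -c '%a' -- "$1") || return 2    # GNU stat, as shipped on Ubuntu
    [ $(( 0$mode & 077 )) -eq 0 ]               # octal mask: group and other bits
}

# audit_secrets FILE...: one finding per line; status = number of too-open files.
audit_secrets() {
    bad=0
    for f in "$@"; do
        if is_private "$f"; then
            echo "ok        $f"
        elif [ -e "$f" ]; then
            echo "too open  $f (mode $(stat -c '%a' -- "$f"))"
            bad=$((bad + 1))
        else
            echo "absent    $f"
        fi
    done
    return "$bad"
}

# demo: constructed files standing in for the outputs of the lncli/xxd step.
demo() {
    d=$(mktemp -d) || return 99
    : > "$d/SendPaymentV2.macaroon";     chmod 600 "$d/SendPaymentV2.macaroon"
    : > "$d/SendPaymentV2.macaroon.hex"; chmod 644 "$d/SendPaymentV2.macaroon.hex"
    rc=0
    audit_secrets "$d/SendPaymentV2.macaroon" "$d/SendPaymentV2.macaroon.hex" \
        "$d/admin.macaroon" || rc=$?
    rm -rf "$d"
    return "$rc"
}

# With arguments, audit those files; with none, run the constructed demo.
if [ "$#" -gt 0 ]; then
    audit_secrets "$@"
else
    demo || echo "files needing attention: $?"
fi
```

The intermediate SendPaymentV2.macaroon.hex file holds the same macaroon as the binary file, so it needs the same protection or removal once the xxd step is done.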