Initial commit of LittleShop project (excluding large archives)

- BTCPay Server integration
- TeleBot Telegram bot
- Review system
- Admin area
- Docker deployment configuration

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

Hostinger/MATTERMOST_LOCAL_SETUP.md

@@ -0,0 +1,270 @@
+# MATTERMOST LOCAL API SETUP
+## SSH-based BTCPay Onion Address Retrieval
+
+**Purpose:** Run a local web API on your Mattermost server that executes SSH commands to retrieve BTCPay onion addresses  
+**Method:** Mattermost Slash Command → Local API → SSH to VPS → Return Results  
+**Security:** No external ports exposed on VPS, SSH key authentication only
+
+---
+
+## 🚀 **SETUP ON YOUR MATTERMOST SERVER**
+
+### **Step 1: Install Dependencies**
+```bash
+# On your Mattermost server
+mkdir ~/btcpay-api
+cd ~/btcpay-api
+
+# Copy the local API script
+# (Copy mattermost_local_api.js to this directory)
+
+# Install Node.js if not installed
+curl -fsSL https://deb.nodesource.com/setup_lts.x | sudo bash -
+sudo apt-get install -y nodejs npm
+
+# Install Express
+npm init -y
+npm install express
+```
+
+### **Step 2: Configure SSH Access**
+```bash
+# Copy your VPS SSH key to Mattermost server
+# (Copy vps_hardening_key to your Mattermost server)
+
+# Set correct permissions
+chmod 600 ~/btcpay-api/vps_hardening_key
+
+# Test SSH access to VPS
+ssh -i ~/btcpay-api/vps_hardening_key -p 2255 sysadmin@thebankofdebbie.giize.com "echo 'SSH test successful'"
+```
+
+### **Step 3: Update Configuration**
+```javascript
+// Edit mattermost_local_api.js
+const config = {
+    vps_domain: 'thebankofdebbie.giize.com',
+    vps_port: 2255,
+    vps_user: 'sysadmin',
+    ssh_key_path: '/home/your-user/btcpay-api/vps_hardening_key', // UPDATE THIS
+    mattermost_token: 'dr7gz6xwmt8qjg71wxcqjwqz1r',
+    allowed_users: ['bankofdebbie', 'admin', 'sysadmin'] // ADD YOUR USERS
+};
+```
+
+### **Step 4: Start the Local API**
+```bash
+cd ~/btcpay-api
+node mattermost_local_api.js
+
+# Or run as service
+nohup node mattermost_local_api.js > api.log 2>&1 &
+```
+
+**Expected Output:**
+```
+🚀 Mattermost BTCPay Local API running on localhost:3333
+🎯 Target VPS: thebankofdebbie.giize.com:2255
+🔑 Method: SSH-based command execution
+💡 Endpoints:
+   POST /btcpay - Mattermost slash command handler
+   GET  /test - Test SSH connectivity
+   GET  /health - Health check
+
+🔧 Mattermost Slash Command Setup:
+   Command: /btcpay
+   URL: http://localhost:3333/btcpay
+   Token: dr7gz6xwmt8qjg71wxcqjwqz1r
+   Method: POST
+```
+
+---
+
+## 📱 **MATTERMOST SLASH COMMAND CONFIGURATION**
+
+### **Create Slash Command in Mattermost:**
+
+1. **Go to:** System Console → Integrations → Slash Commands
+2. **Click:** Add Slash Command
+3. **Configure:**
+   - **Title:** BTCPay Server Info
+   - **Command Trigger Word:** `btcpay`
+   - **Request URL:** `http://localhost:3333/btcpay`
+   - **Request Method:** POST
+   - **Response Username:** BTCPay Bot
+   - **Response Icon:** 🧅 (optional)
+   - **Autocomplete:** Yes
+   - **Autocomplete Description:** Get BTCPay Server onion addresses
+
+### **Usage in Mattermost:**
+```
+/btcpay                    - Get onion addresses
+/btcpay onion             - Get onion addresses  
+/btcpay status            - Get full system status
+/btcpay help              - Show available commands
+```
+
+---
+
+## 🧅 **EXAMPLE RESPONSES**
+
+### **`/btcpay` or `/btcpay onion`:**
+```
+## 🧅 BTCPay Tor Onion Addresses
+
+🌐 Domain: https://thebankofdebbie.giize.com
+
+🧅 Tor Hidden Services:
+• BTCPay Server: gs76yqhlb4oysidnnswfoigxtwz3kmlmz4ekp2r6knmerpvsjdtbpxyd.onion
+• Bitcoin P2P: p4gve626jjn73ia35ikr7zhnmwknokrzv2eb2gfbqlytlgbckhaeibyd.onion
+
+🔐 Access Methods:
+• Clearnet: https://thebankofdebbie.giize.com
+• Tor Browser: http://gs76yqhlb4oysidnnswfoigxtwz3kmlmz4ekp2r6knmerpvsjdtbpxyd.onion
+
+⚡ API Endpoints:
+• REST API: https://thebankofdebbie.giize.com/api
+• Tor API: http://gs76yqhlb4oysidnnswfoigxtwz3kmlmz4ekp2r6knmerpvsjdtbpxyd.onion/api
+
+📅 Retrieved: 2025-09-10 17:20:15
+👤 Requested by: bankofdebbie
+```
+
+### **`/btcpay status`:**
+```
+## 📊 BTCPay Server Status Report
+
+🌐 Domain: https://thebankofdebbie.giize.com
+
+🧅 Tor Onion Services:
+• BTCPay: gs76yqhlb4oysidnnswfoigxtwz3kmlmz4ekp2r6knmerpvsjdtbpxyd.onion
+• Bitcoin P2P: p4gve626jjn73ia35ikr7zhnmwknokrzv2eb2gfbqlytlgbckhaeibyd.onion
+
+📊 System Health:
+• Containers: 8 containers running
+• Storage: 4.5G used / 394G total
+• Bitcoin: 10000 MiB max storage
+
+🔒 Security: Tor-only Bitcoin, Hardened Debian 13
+📅 Retrieved: 2025-09-10 17:20:15
+👤 Requested by: bankofdebbie
+```
+
+---
+
+## 🔧 **SYSTEMD SERVICE (OPTIONAL)**
+
+### **Create Service File:**
+```bash
+sudo tee /etc/systemd/system/btcpay-api.service << 'EOF'
+[Unit]
+Description=BTCPay Mattermost Local API
+After=network.target
+
+[Service]
+Type=simple
+User=your-username
+WorkingDirectory=/home/your-username/btcpay-api
+ExecStart=/usr/bin/node mattermost_local_api.js
+Restart=always
+RestartSec=10
+Environment=NODE_ENV=production
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+# Enable and start
+sudo systemctl enable btcpay-api
+sudo systemctl start btcpay-api
+sudo systemctl status btcpay-api
+```
+
+---
+
+## 🔍 **TESTING**
+
+### **Test SSH Connectivity:**
+```bash
+curl http://localhost:3333/test
+```
+
+### **Test Health Check:**
+```bash
+curl http://localhost:3333/health
+```
+
+### **Test Mattermost Webhook:**
+```bash
+curl -X POST http://localhost:3333/btcpay \
+  -H "Content-Type: application/json" \
+  -d '{
+    "token": "dr7gz6xwmt8qjg71wxcqjwqz1r",
+    "user_name": "bankofdebbie", 
+    "text": "onion"
+  }'
+```
+
+---
+
+## 🚨 **TROUBLESHOOTING**
+
+### **Common Issues:**
+
+**1. SSH Connection Failed:**
+- Check SSH key path in config
+- Verify SSH key permissions (600)
+- Test manual SSH: `ssh -i path/to/key -p 2255 sysadmin@thebankofdebbie.giize.com`
+
+**2. "Permission Denied" for sudo:**
+- VPS sysadmin user needs passwordless sudo for reading onion files
+- Or modify commands to not use sudo
+
+**3. "Command Timeout":**
+- VPS might be under load
+- Increase timeout in executeSSHCommand function
+
+**4. "Invalid Token":**
+- Check Mattermost slash command token matches config
+
+---
+
+## 🔒 **SECURITY NOTES**
+
+**✅ Secure Design:**
+- API runs on localhost only (127.0.0.1)
+- Uses SSH key authentication to VPS
+- No persistent connections
+- Token-based Mattermost authentication
+- User authorization checks
+
+**📝 Security Checklist:**
+- [ ] SSH key has correct permissions (600)
+- [ ] API runs on localhost only
+- [ ] Authorized users configured in config
+- [ ] VPS SSH key access tested
+- [ ] Mattermost token configured correctly
+
+---
+
+## 📋 **SETUP SUMMARY**
+
+**🏗️ Architecture:**
+```
+Mattermost → Slash Command → Local API (localhost:3333) → SSH → VPS → Return Data
+```
+
+**🔐 Security:**
+- No external VPS ports exposed for webhook
+- SSH key authentication only
+- Localhost API binding
+- Token validation
+- User authorization
+
+**⚡ Usage:**
+- Simple `/btcpay` command in Mattermost
+- Instant onion address retrieval
+- Full system status on demand
+- No persistent connections needed
+
+**🎯 Ready to deploy on your Mattermost server!**