# Deploy BTCPay API to SilverLABS Infrastructure ## Target Server: PORTAINER-02 (10.0.0.52) **Location:** Same server as Mattermost (ops.silverlabs.uk) ## Files to Deploy 1. **mattermost_local_api.js** - Main API server 2. **vps_hardening_key** - SSH key for VPS access 3. **package.json** - Node.js dependencies ## Deployment Steps ### 1. Access PORTAINER-02 Server ```bash # SSH to PORTAINER-02 ssh sysadmin@10.0.0.52 # Password: Phenom12#. ``` ### 2. Create Directory Structure ```bash # Create API directory mkdir -p /home/sysadmin/btcpay-api cd /home/sysadmin/btcpay-api # Create SSH keys directory mkdir -p ~/.ssh ``` ### 3. Copy Files (Manual Transfer) Copy these files to `/home/sysadmin/btcpay-api/`: **mattermost_local_api.js** (already configured with correct SSH key path) **vps_hardening_key** (SSH key for thebankofdebbie.giize.com) ### 4. Set Up SSH Key ```bash # Copy SSH key to proper location cp /home/sysadmin/btcpay-api/vps_hardening_key ~/.ssh/ chmod 600 ~/.ssh/vps_hardening_key # Test SSH connectivity to BTCPay VPS ssh -i ~/.ssh/vps_hardening_key -p 2255 -o ConnectTimeout=10 sysadmin@thebankofdebbie.giize.com "echo 'SSH test successful'" ``` ### 5. Install Node.js Dependencies ```bash cd /home/sysadmin/btcpay-api # Install Node.js if not present curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash - sudo apt-get install -y nodejs # Install required packages npm install express # Create package.json for future dependencies cat > package.json << 'EOF' { "name": "btcpay-api", "version": "1.0.0", "description": "Mattermost BTCPay SSH API Server", "main": "mattermost_local_api.js", "dependencies": { "express": "^4.18.0" }, "scripts": { "start": "node mattermost_local_api.js", "dev": "node mattermost_local_api.js" } } EOF ``` ### 6. Update Configuration Edit `mattermost_local_api.js` and verify these settings: ```javascript const config = { vps_domain: 'thebankofdebbie.giize.com', vps_port: 2255, vps_user: 'sysadmin', ssh_key_path: '/home/sysadmin/.ssh/vps_hardening_key', // ✅ Correct path mattermost_token: '7grgg4r7sjf4dx9qxa7wuybmnh', // ✅ Already configured allowed_users: ['bankofdebbie', 'admin', 'sysadmin'] }; ``` ### 7. Test the API Server ```bash cd /home/sysadmin/btcpay-api # Start the server (test mode) node mattermost_local_api.js # Should see: # 🚀 Mattermost BTCPay Local API running on localhost:3333 # 🎯 Target VPS: thebankofdebbie.giize.com:2255 ``` ### 8. Set Up as Service (Production) ```bash # Create systemd service sudo tee /etc/systemd/system/btcpay-api.service << 'EOF' [Unit] Description=BTCPay Mattermost API Server After=network.target [Service] Type=simple User=sysadmin WorkingDirectory=/home/sysadmin/btcpay-api ExecStart=/usr/bin/node mattermost_local_api.js Restart=always RestartSec=10 Environment=NODE_ENV=production [Install] WantedBy=multi-user.target EOF # Enable and start service sudo systemctl daemon-reload sudo systemctl enable btcpay-api sudo systemctl start btcpay-api # Check status sudo systemctl status btcpay-api ``` ### 9. Test Slash Command In Mattermost, try: - `/btcpay help` - `/btcpay` (get onion addresses) - `/btcpay status` (full system status) ## Troubleshooting ### If SSH fails: ```bash # Check SSH key permissions ls -la ~/.ssh/vps_hardening_key # Should be 600 # Test SSH manually ssh -i ~/.ssh/vps_hardening_key -p 2255 sysadmin@thebankofdebbie.giize.com "echo test" ``` ### If API server fails: ```bash # Check logs journalctl -u btcpay-api -f # Check if port 3333 is available sudo netstat -tlnp | grep 3333 ``` ### If Mattermost can't connect: 1. Verify AllowedUntrustedInternalConnections includes `localhost:3333` 2. Check that API server is running: `curl http://localhost:3333/health` ## Security Notes - API server only listens on localhost:3333 (not accessible externally) - SSH key has 600 permissions (owner read/write only) - Only authorized Mattermost users can execute commands - All VPS communication uses SSH key authentication on port 2255 ## File Locations After Deployment - API Server: `/home/sysadmin/btcpay-api/mattermost_local_api.js` - SSH Key: `/home/sysadmin/.ssh/vps_hardening_key` - Service: `/etc/systemd/system/btcpay-api.service` - Logs: `journalctl -u btcpay-api` ## Current Configuration - **Mattermost URL**: http://localhost:3333/btcpay - **Token**: 7grgg4r7sjf4dx9qxa7wuybmnh - **VPS Target**: thebankofdebbie.giize.com:2255 - **SSH User**: sysadmin - **Allowed Users**: bankofdebbie, admin, sysadmin