================================================================================ BTCPAY SERVER WITH TOR INTEGRATION SETUP ================================================================================ Setup Completed: September 10, 2025 Status: FULLY OPERATIONAL WITH TOR HIDDEN SERVICES ✅ ================================================================================ TOR ONION ADDRESSES ================================================================================ 🧅 BTCPAY SERVER ONION ADDRESS: njoc2ubkk7ymgqfg6plt3wcltvcvuv3j4eemixnovicegrlwhq2zwfad.onion 🔗 BITCOIN P2P ONION ADDRESS: s7n55wptvooma4gqsbdo5vn6v6nphjffqsmlufoa3fzqhwkqgeasslad.onion ⚠️ IMPORTANT: Keep these addresses private and secure! ================================================================================ ACCESS METHODS ================================================================================ 🌐 CLEARNET ACCESS (Standard Web): https://srv1002428.hstgr.cloud - Full BTCPay functionality - SSL/TLS encrypted - Public internet accessible 🧅 TOR ONION ACCESS (Maximum Privacy): http://njoc2ubkk7ymgqfg6plt3wcltvcvuv3j4eemixnovicegrlwhq2zwfad.onion - Requires Tor Browser - Complete anonymity for customers - No exit node exposure 🔐 SSH TUNNEL ACCESS (Admin Security): ssh -i vps_hardening_key -p 2255 -L 8080:localhost:80 ubuntu@srv1002428.hstgr.cloud Then browse to: http://localhost:8080 ================================================================================ BITCOIN NODE CONFIGURATION ================================================================================ ⚙️ BITCOIN CORE SETTINGS: Mode: PRUNED (50GB blockchain storage) Network: Tor-Only (onlynet=onion) Connections: Up to 16 onion peers Proxy: tor:9050 (internal Docker network) P2P Service: s7n55wptvooma4gqsbdo5vn6v6nphjffqsmlufoa3fzqhwkqgeasslad.onion 📊 SYNC STATUS: Initial sync: In progress (headers downloading over Tor) Expected time: 12-24 hours for full sync Storage usage: ~50GB maximum (pruned) 🔒 PRIVACY FEATURES: ✅ All Bitcoin P2P traffic via Tor ✅ No clearnet Bitcoin connections ✅ Automatic onion peer discovery ✅ Hidden service for incoming connections ================================================================================ DOCKER SERVICES RUNNING ================================================================================ 🐳 BTCPAY CORE SERVICES: ✅ btcpayserver_bitcoind - Bitcoin Core (pruned + Tor) ✅ generated_btcpayserver_1 - BTCPay Server application ✅ generated_nbxplorer_1 - Blockchain explorer ✅ generated_postgres_1 - PostgreSQL database ✅ nginx - Reverse proxy with SSL ✅ tor - Tor daemon for onion services ✅ tor-gen - Tor configuration generator 🔐 TOR SERVICES: ✅ Hidden service for BTCPay web interface ✅ Hidden service for Bitcoin P2P network ✅ Automatic onion address generation ✅ Traffic routing through Tor network ================================================================================ LIGHTNING NETWORK ================================================================================ ⚡ LIGHTNING STATUS: Currently: NOT ENABLED (can be added later) To enable Lightning Network with Tor: 1. Run: sudo /opt/btcpayserver-docker/btcpay-setup.sh 2. Set BTCPAYGEN_LIGHTNING=lnd (or clightning) 3. Lightning will automatically get Tor hidden service ⚡ LIGHTNING OVER TOR FEATURES: - Hidden service for Lightning node - Tor-only channel connections - Invoice generation over onion network - Complete payment privacy ================================================================================ SECURITY CONFIGURATION ================================================================================ 🔒 NETWORK SECURITY: ✅ UFW Firewall active with BTCPay rules ✅ SSH on port 2255 (key authentication) ✅ Fail2Ban monitoring SSH and web access ✅ Dokploy admin panel blocked externally ✅ Tor traffic allowed for local connections 🛡️ TOR SECURITY: ✅ Bitcoin node: Tor-only (no clearnet connections) ✅ BTCPay Server: Accessible via both clearnet and onion ✅ Hidden services properly configured ✅ No DNS leaks (Bitcoin uses onlynet=onion) ⚠️ SECURITY NOTES: - Tor provides privacy, not perfect anonymity - BTCPay plugins may have clearnet dependencies - Regular security updates still required - Monitor logs for any clearnet leaks ================================================================================ STORAGE & PERFORMANCE ================================================================================ 💾 CURRENT STORAGE USAGE: Total Space: 387GB SSD BTCPay Services: ~5GB Bitcoin Blockchain: ~50GB (pruned, growing) Docker Images: ~3GB Available: ~329GB remaining 📈 PERFORMANCE EXPECTATIONS: Bitcoin Sync: Slower over Tor (12-24 hours) Transaction Processing: Normal speed Web Interface: Slight Tor overhead for onion access API Calls: Standard response times 🔄 MAINTENANCE: Bitcoin pruning: Automatic (keeps last 50GB) Log rotation: Configured in Docker daemon Backup schedule: Manual (set up as needed) ================================================================================ BACKUP PROCEDURES ================================================================================ 💾 CRITICAL DATA TO BACKUP: 1. BTCPay Database: /var/lib/docker/volumes/generated_postgres_* 2. Bitcoin Wallet: /var/lib/docker/volumes/generated_bitcoin_* 3. Tor Keys: /var/lib/docker/volumes/generated_tor_* 4. Configuration: /opt/.env and /opt/btcpayserver-docker/ 🔄 BACKUP COMMANDS: # Create backup archive sudo tar -czf btcpay-backup-$(date +%Y%m%d).tar.gz \ /var/lib/docker/volumes/generated_* \ /opt/.env \ /opt/btcpayserver-docker/docker-compose.generated.yml # Restore from backup sudo systemctl stop btcpayserver sudo tar -xzf btcpay-backup-YYYYMMDD.tar.gz -C / sudo systemctl start btcpayserver ================================================================================ MONITORING COMMANDS ================================================================================ 🔍 SYSTEM HEALTH: # Bitcoin sync status sudo docker exec btcpayserver_bitcoind bitcoin-cli getblockchaininfo # BTCPay services status sudo docker ps | grep -E "(btcpay|bitcoin|tor)" # Tor connectivity sudo docker exec tor ps aux | grep tor # Storage usage df -h / 🔧 MAINTENANCE COMMANDS: # Restart all BTCPay services sudo btcpay-restart.sh # Check Bitcoin logs sudo docker logs btcpayserver_bitcoind --tail 50 # Check BTCPay logs sudo docker logs generated_btcpayserver_1 --tail 50 # Update BTCPay to latest version sudo btcpay-update.sh ================================================================================ INTEGRATION WITH LITTLESHOP ================================================================================ 🔗 API INTEGRATION: Clearnet API: https://srv1002428.hstgr.cloud/api Onion API: http://njoc2ubkk7ymgqfg6plt3wcltvcvuv3j4eemixnovicegrlwhq2zwfad.onion/api For maximum privacy, use onion API endpoint in LittleShop configuration. 💳 PAYMENT PROCESSING: ✅ Bitcoin payments (on-chain) ✅ Invoice generation ✅ Webhook notifications ✅ Payment verification ⚡ Lightning payments (when enabled) 🔐 WEBHOOK CONFIGURATION: For Tor privacy, configure webhooks to use onion address: http://njoc2ubkk7ymgqfg6plt3wcltvcvuv3j4eemixnovicegrlwhq2zwfad.onion/webhook ================================================================================ TROUBLESHOOTING ================================================================================ 🚨 COMMON ISSUES: 1. Bitcoin Sync Slow: - Normal over Tor network - Check: docker logs btcpayserver_bitcoind - Solution: Wait 12-24 hours for initial sync 2. Onion Service Not Accessible: - Check Tor container: docker ps | grep tor - Restart if needed: docker restart tor - Verify address: cat /var/lib/docker/volumes/generated_tor_servicesdir/_data/BTCPayServer/hostname 3. BTCPay Web Interface Not Loading: - Check nginx: docker logs nginx - Restart services: btcpay-restart.sh - Check SSL certificate: curl -I https://srv1002428.hstgr.cloud 4. Storage Issues: - Monitor with: df -h / - Bitcoin pruning should keep usage ~50GB - Clean old Docker images: btcpay-clean.sh 🔧 RECOVERY PROCEDURES: If BTCPay becomes unresponsive: 1. sudo btcpay-restart.sh 2. Check logs for errors 3. If needed: sudo btcpay-down.sh && sudo btcpay-up.sh 4. Last resort: Restore from backup ================================================================================ NEXT STEPS ================================================================================ 🎯 IMMEDIATE ACTIONS: 1. Wait for Bitcoin initial sync to complete (~24 hours) 2. Access BTCPay via Tor Browser using onion address 3. Create BTCPay admin account during setup wizard 4. Test payment processing with small amount ⚡ OPTIONAL ENHANCEMENTS: 1. Enable Lightning Network for instant payments 2. Set up automated backups 3. Configure email notifications 4. Add additional cryptocurrencies (Monero, Litecoin) 🔗 LITTLESHOP INTEGRATION: 1. Update LittleShop config to use BTCPay API 2. Test order creation and payment flow 3. Configure webhook endpoints 4. Enable Tor routing for maximum customer privacy ================================================================================ SUPPORT & RESOURCES ================================================================================ 📚 DOCUMENTATION: BTCPay Server Docs: https://docs.btcpayserver.org/ Tor Project: https://www.torproject.org/ Bitcoin Core: https://bitcoincore.org/ 🛠️ USEFUL COMMANDS REFERENCE: btcpay-setup.sh - Reconfigure BTCPay Server btcpay-restart.sh - Restart all services btcpay-update.sh - Update to latest version btcpay-clean.sh - Remove old Docker images bitcoin-cli.sh - Bitcoin Core CLI commands 🔐 SECURITY RESOURCES: Check for updates: sudo apt list --upgradable UFW status: sudo ufw status Fail2Ban status: sudo fail2ban-client status ================================================================================ END OF BTCPAY TOR SETUP ================================================================================