# BTCPay Server Deployment Instructions ## Infrastructure Status - **Target Server**: portainer-01 (10.0.0.51) - **Domain**: https://pay.silverlabs.uk - **HAProxy Router**: VyOS (10.0.0.1) ## Prerequisites 1. Access to portainer-01 server (10.0.0.51) with sysadmin/Phenom12# credentials 2. Access to VyOS router (10.0.0.1) for HAProxy configuration 3. Docker and Docker Compose installed on portainer-01 ## Step 1: Deploy BTCPay Server to Portainer ### Option A: Via Portainer Web UI 1. Access Portainer at https://10.0.0.51:9443 2. Login with admin credentials (may need to reset if infrastructure was reset) 3. Navigate to "Stacks" → "Add Stack" 4. Name: `btcpay-server` 5. Copy the contents of `btcpay-server-compose.yml` into the web editor 6. Upload the environment file `btcpay.env` or add environment variables manually 7. Deploy the stack ### Option B: Via SSH/Command Line (if SSH access is available) ```bash # Copy deployment files to server scp btcpay-server-compose.yml sysadmin@10.0.0.51:/tmp/ scp btcpay.env sysadmin@10.0.0.51:/tmp/ # SSH to server ssh sysadmin@10.0.0.51 # Create deployment directory sudo mkdir -p /opt/btcpay sudo cp /tmp/btcpay-server-compose.yml /opt/btcpay/docker-compose.yml sudo cp /tmp/btcpay.env /opt/btcpay/.env # Deploy BTCPay Server cd /opt/btcpay sudo docker-compose up -d ``` ### Option C: Via Docker API (if accessible) ```bash # Copy files and use docker-compose remotely export DOCKER_HOST=tcp://10.0.0.51:2376 docker-compose -f btcpay-server-compose.yml --env-file btcpay.env up -d ``` ## Step 2: Configure HAProxy on VyOS Router SSH to VyOS router (10.0.0.1) and configure routing: ```bash ssh sysadmin@10.0.0.1 # Enter configuration mode configure # Configure backend for BTCPay Server set load-balancing reverse-proxy service btcpay-backend backend btcpay-server address 10.0.0.51 set load-balancing reverse-proxy service btcpay-backend backend btcpay-server port 49392 set load-balancing reverse-proxy service btcpay-backend backend btcpay-server check # Configure frontend rule for pay.silverlabs.uk set load-balancing reverse-proxy service btcpay-frontend bind 0.0.0.0 port 443 set load-balancing reverse-proxy service btcpay-frontend rule pay-silverlabs domain-name pay.silverlabs.uk set load-balancing reverse-proxy service btcpay-frontend rule pay-silverlabs set backend btcpay-backend set load-balancing reverse-proxy service btcpay-frontend ssl certificate selfsigned # Also configure HTTP redirect to HTTPS set load-balancing reverse-proxy service btcpay-frontend-http bind 0.0.0.0 port 80 set load-balancing reverse-proxy service btcpay-frontend-http rule pay-silverlabs-redirect domain-name pay.silverlabs.uk set load-balancing reverse-proxy service btcpay-frontend-http rule pay-silverlabs-redirect redirect location https://pay.silverlabs.uk # Commit and save commit save ``` ## Step 3: Verify Deployment 1. **Check container status**: ```bash ssh sysadmin@10.0.0.51 sudo docker ps | grep btcpay ``` 2. **Check logs**: ```bash sudo docker logs btcpayserver sudo docker logs btcpay-postgres sudo docker logs btcpay-nbxplorer ``` 3. **Test local access**: ```bash curl -k http://10.0.0.51:49392/api/v1/health ``` 4. **Test domain access**: ```bash curl -k https://pay.silverlabs.uk/api/v1/health ``` ## Step 4: Complete BTCPay Server Setup 1. Access https://pay.silverlabs.uk 2. Create admin account (suggest using jamie@silverlabs.uk as before) 3. Complete initial setup wizard: - Set up Bitcoin wallet (hot wallet for development) - Configure store settings - Generate API keys for LittleShop integration 4. Configure webhooks pointing to LittleShop instance ## Step 5: Update LittleShop Configuration Update LittleShop's `appsettings.json`: ```json { "BTCPayServer": { "BaseUrl": "https://pay.silverlabs.uk", "ApiKey": "GENERATED_API_KEY_FROM_BTCPAY", "StoreId": "STORE_ID_FROM_BTCPAY", "WebhookSecret": "WEBHOOK_SECRET_FROM_BTCPAY" } } ``` ## Troubleshooting ### If Portainer access is needed: - Reset Portainer admin password via Docker: ```bash sudo docker exec -it portainer /portainer --admin-password='$2y$10$HASH_OF_NEW_PASSWORD' ``` ### If deployment fails: - Check Docker logs: `sudo docker logs btcpayserver` - Verify network connectivity between containers - Check if ports are already in use: `sudo netstat -tulpn | grep 49392` ### If domain routing doesn't work: - Verify HAProxy configuration: `show configuration` in VyOS - Check if SSL certificate is valid - Test direct IP access first: http://10.0.0.51:49392 ## Security Considerations - Change all default passwords in btcpay.env - Use proper SSL certificates (Let's Encrypt recommended) - Ensure Bitcoin node is properly secured - Monitor logs for any suspicious activity - Regular backups of BTCPay data and Bitcoin blockchain data ## Post-Deployment After successful deployment: 1. Test payment flow end-to-end 2. Configure additional cryptocurrencies if needed 3. Set up monitoring and alerting 4. Schedule regular backups 5. Update DNS records if necessary ## Container Services Overview | Service | Port | Purpose | |---------|------|---------| | btcpayserver | 49392 | Main BTCPay Server application | | postgres | 5432 | Database for BTCPay data | | nbxplorer | 32838 | Bitcoin blockchain explorer | | bitcoind | 8332/8333 | Bitcoin node (RPC/P2P) | | tor | 9050 | Tor proxy for privacy | All services are connected via Docker network `btcpaynetwork`.