SilverLABS/littleshop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
261c3e0580
littleshop/Hostinger/MATTERMOST_LOCAL_SETUP.md
SysAdmin e1b377a042 Initial commit of LittleShop project (excluding large archives) 
- BTCPay Server integration
- TeleBot Telegram bot
- Review system
- Admin area
- Docker deployment configuration

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-17 15:07:38 +01:00

270 lines
6.6 KiB
Markdown
Raw Blame History

# MATTERMOST LOCAL API SETUP
## SSH-based BTCPay Onion Address Retrieval
**Purpose:** Run a local web API on your Mattermost server that executes SSH commands to retrieve BTCPay onion addresses
**Method:** Mattermost Slash Command → Local API → SSH to VPS → Return Results
**Security:** No external ports exposed on VPS, SSH key authentication only
---
## 🚀 **SETUP ON YOUR MATTERMOST SERVER**
### **Step 1: Install Dependencies**
```bash
# On your Mattermost server
mkdir ~/btcpay-api
cd ~/btcpay-api
# Copy the local API script
# (Copy mattermost_local_api.js to this directory)
# Install Node.js if not installed
curl -fsSL https://deb.nodesource.com/setup_lts.x | sudo bash -
sudo apt-get install -y nodejs npm
# Install Express
npm init -y
npm install express
```
### **Step 2: Configure SSH Access**
```bash
# Copy your VPS SSH key to Mattermost server
# (Copy vps_hardening_key to your Mattermost server)
# Set correct permissions
chmod 600 ~/btcpay-api/vps_hardening_key
# Test SSH access to VPS
ssh -i ~/btcpay-api/vps_hardening_key -p 2255 sysadmin@thebankofdebbie.giize.com "echo 'SSH test successful'"
```
### **Step 3: Update Configuration**
```javascript
// Edit mattermost_local_api.js
const config = {
vps_domain: 'thebankofdebbie.giize.com',
vps_port: 2255,
vps_user: 'sysadmin',
ssh_key_path: '/home/your-user/btcpay-api/vps_hardening_key', // UPDATE THIS
mattermost_token: 'dr7gz6xwmt8qjg71wxcqjwqz1r',
allowed_users: ['bankofdebbie', 'admin', 'sysadmin'] // ADD YOUR USERS
};
```
### **Step 4: Start the Local API**
```bash
cd ~/btcpay-api
node mattermost_local_api.js
# Or run as service
nohup node mattermost_local_api.js > api.log 2>&1 &
```
**Expected Output:**
```
🚀 Mattermost BTCPay Local API running on localhost:3333
🎯 Target VPS: thebankofdebbie.giize.com:2255
🔑 Method: SSH-based command execution
💡 Endpoints:
POST /btcpay - Mattermost slash command handler
GET /test - Test SSH connectivity
GET /health - Health check
🔧 Mattermost Slash Command Setup:
Command: /btcpay
URL: http://localhost:3333/btcpay
Token: dr7gz6xwmt8qjg71wxcqjwqz1r
Method: POST
```
---
## 📱 **MATTERMOST SLASH COMMAND CONFIGURATION**
### **Create Slash Command in Mattermost:**
1. **Go to:** System Console → Integrations → Slash Commands
2. **Click:** Add Slash Command
3. **Configure:**
- **Title:** BTCPay Server Info
- **Command Trigger Word:** `btcpay`
- **Request URL:** `http://localhost:3333/btcpay`
- **Request Method:** POST
- **Response Username:** BTCPay Bot
- **Response Icon:** 🧅 (optional)
- **Autocomplete:** Yes
- **Autocomplete Description:** Get BTCPay Server onion addresses
### **Usage in Mattermost:**
```
/btcpay - Get onion addresses
/btcpay onion - Get onion addresses
/btcpay status - Get full system status
/btcpay help - Show available commands
```
---
## 🧅 **EXAMPLE RESPONSES**
### **`/btcpay` or `/btcpay onion`:**
```
## 🧅 BTCPay Tor Onion Addresses
🌐 Domain: https://thebankofdebbie.giize.com
🧅 Tor Hidden Services:
• BTCPay Server: gs76yqhlb4oysidnnswfoigxtwz3kmlmz4ekp2r6knmerpvsjdtbpxyd.onion
• Bitcoin P2P: p4gve626jjn73ia35ikr7zhnmwknokrzv2eb2gfbqlytlgbckhaeibyd.onion
🔐 Access Methods:
• Clearnet: https://thebankofdebbie.giize.com
• Tor Browser: http://gs76yqhlb4oysidnnswfoigxtwz3kmlmz4ekp2r6knmerpvsjdtbpxyd.onion
⚡ API Endpoints:
• REST API: https://thebankofdebbie.giize.com/api
• Tor API: http://gs76yqhlb4oysidnnswfoigxtwz3kmlmz4ekp2r6knmerpvsjdtbpxyd.onion/api
📅 Retrieved: 2025-09-10 17:20:15
👤 Requested by: bankofdebbie
```
### **`/btcpay status`:**
```
## 📊 BTCPay Server Status Report
🌐 Domain: https://thebankofdebbie.giize.com
🧅 Tor Onion Services:
• BTCPay: gs76yqhlb4oysidnnswfoigxtwz3kmlmz4ekp2r6knmerpvsjdtbpxyd.onion
• Bitcoin P2P: p4gve626jjn73ia35ikr7zhnmwknokrzv2eb2gfbqlytlgbckhaeibyd.onion
📊 System Health:
• Containers: 8 containers running
• Storage: 4.5G used / 394G total
• Bitcoin: 10000 MiB max storage
🔒 Security: Tor-only Bitcoin, Hardened Debian 13
📅 Retrieved: 2025-09-10 17:20:15
👤 Requested by: bankofdebbie
```
---
## 🔧 **SYSTEMD SERVICE (OPTIONAL)**
### **Create Service File:**
```bash
sudo tee /etc/systemd/system/btcpay-api.service << 'EOF'
[Unit]
Description=BTCPay Mattermost Local API
After=network.target
[Service]
Type=simple
User=your-username
WorkingDirectory=/home/your-username/btcpay-api
ExecStart=/usr/bin/node mattermost_local_api.js
Restart=always
RestartSec=10
Environment=NODE_ENV=production
[Install]
WantedBy=multi-user.target
EOF
# Enable and start
sudo systemctl enable btcpay-api
sudo systemctl start btcpay-api
sudo systemctl status btcpay-api
```
---
## 🔍 **TESTING**
### **Test SSH Connectivity:**
```bash
curl http://localhost:3333/test
```
### **Test Health Check:**
```bash
curl http://localhost:3333/health
```
### **Test Mattermost Webhook:**
```bash
curl -X POST http://localhost:3333/btcpay \
-H "Content-Type: application/json" \
-d '{
"token": "dr7gz6xwmt8qjg71wxcqjwqz1r",
"user_name": "bankofdebbie",
"text": "onion"
}'
```
---
## 🚨 **TROUBLESHOOTING**
### **Common Issues:**
**1. SSH Connection Failed:**
- Check SSH key path in config
- Verify SSH key permissions (600)
- Test manual SSH: `ssh -i path/to/key -p 2255 sysadmin@thebankofdebbie.giize.com`
**2. "Permission Denied" for sudo:**
- VPS sysadmin user needs passwordless sudo for reading onion files
- Or modify commands to not use sudo
**3. "Command Timeout":**
- VPS might be under load
- Increase timeout in executeSSHCommand function
**4. "Invalid Token":**
- Check Mattermost slash command token matches config
---
## 🔒 **SECURITY NOTES**
**✅ Secure Design:**
- API runs on localhost only (127.0.0.1)
- Uses SSH key authentication to VPS
- No persistent connections
- Token-based Mattermost authentication
- User authorization checks
**📝 Security Checklist:**
- [ ] SSH key has correct permissions (600)
- [ ] API runs on localhost only
- [ ] Authorized users configured in config
- [ ] VPS SSH key access tested
- [ ] Mattermost token configured correctly
---
## 📋 **SETUP SUMMARY**
**🏗️ Architecture:**
```
Mattermost → Slash Command → Local API (localhost:3333) → SSH → VPS → Return Data
```
**🔐 Security:**
- No external VPS ports exposed for webhook
- SSH key authentication only
- Localhost API binding
- Token validation
- User authorization
**⚡ Usage:**
- Simple `/btcpay` command in Mattermost
- Instant onion address retrieval
- Full system status on demand
- No persistent connections needed
**🎯 Ready to deploy on your Mattermost server!**
Reference in New Issue View Git Blame Copy Permalink