SilverLABS/littleshop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6cd8e7255d
littleshop/Hostinger/MATTERMOST_LOCAL_SETUP.md
SysAdmin e1b377a042 Initial commit of LittleShop project (excluding large archives) 
- BTCPay Server integration
- TeleBot Telegram bot
- Review system
- Admin area
- Docker deployment configuration

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-17 15:07:38 +01:00

6.6 KiB
Raw Blame History

MATTERMOST LOCAL API SETUP

SSH-based BTCPay Onion Address Retrieval

Purpose: Run a local web API on your Mattermost server that executes SSH commands to retrieve BTCPay onion addresses
Method: Mattermost Slash Command → Local API → SSH to VPS → Return Results
Security: No external ports exposed on VPS, SSH key authentication only

🚀 SETUP ON YOUR MATTERMOST SERVER

Step 1: Install Dependencies

# On your Mattermost server
mkdir ~/btcpay-api
cd ~/btcpay-api

# Copy the local API script
# (Copy mattermost_local_api.js to this directory)

# Install Node.js if not installed
curl -fsSL https://deb.nodesource.com/setup_lts.x | sudo bash -
sudo apt-get install -y nodejs npm

# Install Express
npm init -y
npm install express

Step 2: Configure SSH Access

# Copy your VPS SSH key to Mattermost server
# (Copy vps_hardening_key to your Mattermost server)

# Set correct permissions
chmod 600 ~/btcpay-api/vps_hardening_key

# Test SSH access to VPS
ssh -i ~/btcpay-api/vps_hardening_key -p 2255 sysadmin@thebankofdebbie.giize.com "echo 'SSH test successful'"

Step 3: Update Configuration

// Edit mattermost_local_api.js
const config = {
    vps_domain: 'thebankofdebbie.giize.com',
    vps_port: 2255,
    vps_user: 'sysadmin',
    ssh_key_path: '/home/your-user/btcpay-api/vps_hardening_key', // UPDATE THIS
    mattermost_token: 'dr7gz6xwmt8qjg71wxcqjwqz1r',
    allowed_users: ['bankofdebbie', 'admin', 'sysadmin'] // ADD YOUR USERS
};

Step 4: Start the Local API

cd ~/btcpay-api
node mattermost_local_api.js

# Or run as service
nohup node mattermost_local_api.js > api.log 2>&1 &

Expected Output:

🚀 Mattermost BTCPay Local API running on localhost:3333
🎯 Target VPS: thebankofdebbie.giize.com:2255
🔑 Method: SSH-based command execution
💡 Endpoints:
   POST /btcpay - Mattermost slash command handler
   GET  /test - Test SSH connectivity
   GET  /health - Health check

🔧 Mattermost Slash Command Setup:
   Command: /btcpay
   URL: http://localhost:3333/btcpay
   Token: dr7gz6xwmt8qjg71wxcqjwqz1r
   Method: POST

📱 MATTERMOST SLASH COMMAND CONFIGURATION

Create Slash Command in Mattermost:

  1. Go to: System Console → Integrations → Slash Commands
  2. Click: Add Slash Command
  3. Configure:
    • Title: BTCPay Server Info
    • Command Trigger Word: btcpay
    • Request URL: http://localhost:3333/btcpay
    • Request Method: POST
    • Response Username: BTCPay Bot
    • Response Icon: 🧅 (optional)
    • Autocomplete: Yes
    • Autocomplete Description: Get BTCPay Server onion addresses

Usage in Mattermost:

/btcpay                    - Get onion addresses
/btcpay onion             - Get onion addresses  
/btcpay status            - Get full system status
/btcpay help              - Show available commands

🧅 EXAMPLE RESPONSES

/btcpay or /btcpay onion:

## 🧅 BTCPay Tor Onion Addresses

🌐 Domain: https://thebankofdebbie.giize.com

🧅 Tor Hidden Services:
• BTCPay Server: gs76yqhlb4oysidnnswfoigxtwz3kmlmz4ekp2r6knmerpvsjdtbpxyd.onion
• Bitcoin P2P: p4gve626jjn73ia35ikr7zhnmwknokrzv2eb2gfbqlytlgbckhaeibyd.onion

🔐 Access Methods:
• Clearnet: https://thebankofdebbie.giize.com
• Tor Browser: http://gs76yqhlb4oysidnnswfoigxtwz3kmlmz4ekp2r6knmerpvsjdtbpxyd.onion

⚡ API Endpoints:
• REST API: https://thebankofdebbie.giize.com/api
• Tor API: http://gs76yqhlb4oysidnnswfoigxtwz3kmlmz4ekp2r6knmerpvsjdtbpxyd.onion/api

📅 Retrieved: 2025-09-10 17:20:15
👤 Requested by: bankofdebbie

/btcpay status:

## 📊 BTCPay Server Status Report

🌐 Domain: https://thebankofdebbie.giize.com

🧅 Tor Onion Services:
• BTCPay: gs76yqhlb4oysidnnswfoigxtwz3kmlmz4ekp2r6knmerpvsjdtbpxyd.onion
• Bitcoin P2P: p4gve626jjn73ia35ikr7zhnmwknokrzv2eb2gfbqlytlgbckhaeibyd.onion

📊 System Health:
• Containers: 8 containers running
• Storage: 4.5G used / 394G total
• Bitcoin: 10000 MiB max storage

🔒 Security: Tor-only Bitcoin, Hardened Debian 13
📅 Retrieved: 2025-09-10 17:20:15
👤 Requested by: bankofdebbie

🔧 SYSTEMD SERVICE (OPTIONAL)

Create Service File:

sudo tee /etc/systemd/system/btcpay-api.service << 'EOF'
[Unit]
Description=BTCPay Mattermost Local API
After=network.target

[Service]
Type=simple
User=your-username
WorkingDirectory=/home/your-username/btcpay-api
ExecStart=/usr/bin/node mattermost_local_api.js
Restart=always
RestartSec=10
Environment=NODE_ENV=production

[Install]
WantedBy=multi-user.target
EOF

# Enable and start
sudo systemctl enable btcpay-api
sudo systemctl start btcpay-api
sudo systemctl status btcpay-api

🔍 TESTING

Test SSH Connectivity:

curl http://localhost:3333/test

Test Health Check:

curl http://localhost:3333/health

Test Mattermost Webhook:

curl -X POST http://localhost:3333/btcpay \
  -H "Content-Type: application/json" \
  -d '{
    "token": "dr7gz6xwmt8qjg71wxcqjwqz1r",
    "user_name": "bankofdebbie", 
    "text": "onion"
  }'

🚨 TROUBLESHOOTING

Common Issues:

1. SSH Connection Failed:

  • Check SSH key path in config
  • Verify SSH key permissions (600)
  • Test manual SSH: ssh -i path/to/key -p 2255 sysadmin@thebankofdebbie.giize.com

2. "Permission Denied" for sudo:

  • VPS sysadmin user needs passwordless sudo for reading onion files
  • Or modify commands to not use sudo

3. "Command Timeout":

  • VPS might be under load
  • Increase timeout in executeSSHCommand function

4. "Invalid Token":

  • Check Mattermost slash command token matches config

🔒 SECURITY NOTES

Secure Design:

  • API runs on localhost only (127.0.0.1)
  • Uses SSH key authentication to VPS
  • No persistent connections
  • Token-based Mattermost authentication
  • User authorization checks

📝 Security Checklist:

  • SSH key has correct permissions (600)
  • API runs on localhost only
  • Authorized users configured in config
  • VPS SSH key access tested
  • Mattermost token configured correctly

📋 SETUP SUMMARY

🏗️ Architecture:

Mattermost → Slash Command → Local API (localhost:3333) → SSH → VPS → Return Data

🔐 Security:

  • No external VPS ports exposed for webhook
  • SSH key authentication only
  • Localhost API binding
  • Token validation
  • User authorization

Usage:

  • Simple /btcpay command in Mattermost
  • Instant onion address retrieval
  • Full system status on demand
  • No persistent connections needed

🎯 Ready to deploy on your Mattermost server!