SysAdmin
e1b377a042
- BTCPay Server integration - TeleBot Telegram bot - Review system - Admin area - Docker deployment configuration 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
4.0 KiB
4.0 KiB
BTCPay Server with Nginx Proxy Manager - Final Configuration
Date: September 16, 2025
✅ Successfully Migrated from BTCPay nginx to NPM
Current Architecture
Internet → NPM (80/443) → BTCPay (49392)
↓
SSL Termination
Server Access
- SSH:
ssh -p 2255 -i vps_hardening_key sysadmin@thebankofdebbie.giize.com - Password: Phenom12#. (note the period)
- Sudo: Same password
Service URLs
- BTCPay Direct: http://thebankofdebbie.giize.com:8080
- NPM Admin: http://thebankofdebbie.giize.com:81
- BTCPay via NPM: https://thebankofdebbie.giize.com (after proxy configuration)
NPM Configuration Required
1. Access NPM Admin Panel
- URL: http://thebankofdebbie.giize.com:81
- Default Login: admin@example.com / changeme
- CHANGE PASSWORD IMMEDIATELY
2. Create Proxy Host
Navigate to Proxy Hosts → Add Proxy Host
Details Tab:
- Domain Names: thebankofdebbie.giize.com
- Scheme: http
- Forward IP: 172.20.0.4
- Forward Port: 49392
- Cache Assets: OFF
- Block Common Exploits: ON
- Websockets Support: ON ✅ (Critical for BTCPay)
SSL Tab:
- SSL Certificate: Request Let's Encrypt
- Force SSL: ON
- HTTP/2 Support: ON
- HSTS Enabled: ON
- Email: admin@thebankofdebbie.giize.com
Advanced Tab (if needed):
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 100M;
Docker Container Status
# Check all services
sudo docker ps
# Current containers:
- nginx-proxy-manager (ports 80,443,81)
- generated_btcpayserver_1 (port 8080→49392)
- generated_nbxplorer_1 (blockchain explorer)
- generated_postgres_1 (database)
- tor (privacy network)
- portainer (management)
BTCPay Environment Configuration
# /opt/.env
BTCPAY_HOST=thebankofdebbie.giize.com
BTCPAY_CRYPTOS=btc
NBITCOIN_NETWORK=mainnet
BTCPAYGEN_CRYPTO1=btc
BTCPAYGEN_REVERSEPROXY=none # Changed from nginx
BTCPAY_PROTOCOL=http # NPM handles SSL
NOREVERSEPROXY_HTTP_PORT=8080 # Avoid conflict with NPM
Network Configuration
- NPM connected to btcpayserver-docker_default network
- BTCPay IP: 172.20.0.4
- All containers can communicate internally
Backup Locations
- Configuration backup:
~/btcpay-backup-20250916/ - Original .env:
/opt/.env.backup - Docker compose files:
~/btcpay-backup-20250916/
Troubleshooting Commands
Check BTCPay Logs
sudo docker logs generated_btcpayserver_1 --tail 50
Check NPM Logs
sudo docker logs nginx-proxy-manager --tail 50
Restart Services
# BTCPay
cd /opt/btcpayserver-docker
sudo docker-compose restart
# NPM
sudo docker restart nginx-proxy-manager
Test Connectivity
# From server
curl -I http://172.20.0.4:49392
curl -I http://localhost:8080
# From outside
curl -I https://thebankofdebbie.giize.com
Monero Integration (TODO)
- Monero plugin needs to be installed in BTCPay
- Wallet already created: 49TnBo2VHbncxvrMFbX5uMS9mtAGkiG1L4N6i7MMz4MhA9AXfyRqBdmf1XrFtGXq2v2G72TNtiVFo2kot5SHnBBz3gwoMj9
- RPC Password: password
Benefits of NPM over BTCPay nginx
✅ Web-based management interface ✅ Easy SSL certificate management ✅ Multiple domain support ✅ Better logging and monitoring ✅ Access lists and IP filtering ✅ Custom error pages ✅ Stream (TCP/UDP) proxy support
Next Steps
- Login to NPM admin panel
- Change default admin password
- Create proxy host for thebankofdebbie.giize.com
- Test BTCPay access through HTTPS
- Install Monero plugin in BTCPay
- Configure additional security in NPM (access lists, etc.)
Security Notes
⚠️ Change NPM admin password immediately ⚠️ Consider IP whitelisting for admin panels ⚠️ Regular backup of NPM configuration ⚠️ Monitor logs for suspicious activity
Recovery
If issues arise:
- Backup available at ~/btcpay-backup-20250916/
- Can restore original nginx setup:
sudo cp /opt/.env.backup /opt/.env cd /opt/btcpayserver-docker . /opt/.env && ./btcpay-setup.sh -i