Skip to content

Instantly share code, notes, and snippets.

@normandmickey
Last active January 18, 2020 22:06
Show Gist options
  • Save normandmickey/6d6e74ebb6b3ddbd317bc1450f48f08e to your computer and use it in GitHub Desktop.
Save normandmickey/6d6e74ebb6b3ddbd317bc1450f48f08e to your computer and use it in GitHub Desktop.
Install BTCPayServer on RaspiBlitz
#Install Dot-Net for ARM
cd /home/admin
sudo apt-get -y install libunwind8 gettext
wget https://download.visualstudio.microsoft.com/download/pr/9650e3a6-0399-4330-a363-1add761127f9/14d80726c16d0e3d36db2ee5c11928e4/dotnet-sdk-2.2.102-linux-arm.tar.gz
wget https://download.visualstudio.microsoft.com/download/pr/9d049226-1f28-4d3d-a4ff-314e56b223c5/f67ab05a3d70b2bff46ff25e2b3acd2a/aspnetcore-runtime-2.2.1-linux-arm.tar.gz
sudo mkdir /opt/dotnet
sudo tar -xvf dotnet-sdk-2.2.102-linux-arm.tar.gz -C /opt/dotnet/
sudo tar -xvf aspnetcore-runtime-2.2.1-linux-arm.tar.gz -C /opt/dotnet/
sudo ln -s /opt/dotnet/dotnet /usr/local/bin
dotnet --info
#Install Nginx & Certbot
sudo apt-get install nginx-full certbot -y
#Install NBXplorer
cd /home/admin
git clone https://github.com/dgarage/NBXplorer.git
cd NBXplorer
./build.sh
#Create the NBXplorer system unit file
sudo nano /etc/systemd/system/nbxplorer.service
#copy and past the following code
## Start of nbxplorer service file ##
[Unit]
Description=NBXplorer daemon
Requires=bitcoind.service
After=bitcoind.service
[Service]
ExecStart=/usr/local/bin/dotnet "/home/admin/NBXplorer/NBXplorer/bin/Release/netcoreapp2.1/NBXplorer.dll" -c /home/admin/.nbxplorer/Main/settings.config
User=admin
Group=admin
Type=simple
PIDFile=/run/nbxplorer/nbxplorer.pid
Restart=on-failure
PrivateTmp=true
ProtectSystem=full
NoNewPrivileges=true
PrivateDevices=true
[Install]
WantedBy=multi-user.target
## end of nbxplorer service file ##
#reload the systemd daemon
sudo systemctl daemon-reload
#enable nbxplorer service
sudo systemctl enable nbxplorer
#start nbxplorer service
sudo systemctl start nbxplorer
#check to see if nbxplorer is running
sudo systemctl status nbxplorer
#add your Raspiblitz RPC credentials to the nbxplorer configuration settings
nano /home/admin/.nbxplorer/Main/settings.config
#Locate the "#By user name and password" section and uncomment these two lines and change the username and password.
#the username is raspibolt and the password is what you set while installing raspiblitz
btc.rpc.user=raspibolt
btc.rpc.password=yourVerySecretPassword
#restart nbxplorer
sudo systemctl restart nbxplorer
#Install BTCPayServer
cd /home/admin
git clone https://github.com/btcpayserver/btcpayserver.git
cd btcpayserver
./build.sh
#create the BTCPayServer system unit fil
sudo nano /etc/systemd/system/btcpayserver.service
#copy and past the following code
## Start of btcpayserver service file ##
[Unit]
Description=BtcPayServer daemon
Requires=btcpayserver.service
After=nbxplorer.service
[Service]
ExecStart=/usr/local/bin/dotnet run --no-launch-profile --no-build -c Release -p "/home/admin/btcpayserver/BTCPayServer/BTCPayServer.csproj" -- $@
User=admin
Group=admin
Type=simple
PIDFile=/run/btcpayserver/btcpayserver.pid
Restart=on-failure
[Install]
WantedBy=multi-user.target
## End of BTCPayServer service file ##
#reload the systemd daemon
sudo systemctl daemon-reload
#enable btcpayserver service
sudo systemctl enable btcpayserver
#start btcpayserver
sudo systemctl start btcpayserver
#check to see if btcpayserver is running
sudo systemctl status btcpayserver
#enable the LND rest interface on port 8080
cd /home/bitcoin/.lnd
sudo nano lnd.conf
#add the following line to the [Application Options] section
restlisten=127.0.0.1:8080
tlsextraip=0.0.0.0
#backup existing TLS cert and key files
sudo mv tls.cert tls.cert.backup
sudo mv tls.key tls.key.backup
#restarting lnd will generate new tls files
sudo systemctl restart lnd
#copy new tls.cert file to admin folder
sudo cp tls.cert /home/admin/.lnd
#update your btcpayserver settings
nano /home/admin/.btcpayserver/Main/settings.config
#make sure the following items are uncommented and correct. Replace example.com with your domain name
### Global settings ###
network=mainnet
### Server settings ###
port=23000
bind=127.0.0.1
externalurl=https://btcpay.example.com
### NBXplorer settings ###
BTC.explorer.url=http://127.0.0.1:24444/
BTC.lightning=type=lnd-rest;server=https://127.0.0.1:8080/;macaroonfilepath=/home/admin/.lnd/data/chain/bitcoin/mainnet/admin.macaroon;certthumbprint=<paste your thumbprint here>
#save file we will get the cert thumbprint next
#get your cert thumbprint for BTCPayServer Lightning configuration
cd /home/admin
openssl x509 -noout -fingerprint -sha256 -inform pem -in ~/.lnd/tls.cert
#copy thumbprint output to clipboard
#replace thumbprint for lightning configuration
sudo nano /home/admin/.btcpayserver/Main/settings.config
#paste thumbprint at the end of this line
BTC.lightning=type=lnd-rest;server=https://127.0.0.1:8080/;macaroonfilepath=/home/admin/.lnd/data/chain/bitcoin/mainnet/admin.macaroon;certthumbprint=<paste your thumbprint here>
#restart btcpayserver
sudo systemctl restart btcpayserver
#Get your SSL certification using certbot
sudo certbot certonly --authenticator standalone -d btcpay.example.com --pre-hook "service nginx stop" --post-hook "service nginx start"
#Open Port 80
sudo ufw allow 80, 443
#add reverse proxy for btcpayserver
#remove default nginx configuration
sudo rm /etc/nginx/sites-enabled/default
#create the btcpayserver configuration
sudo nano /etc/nginx/sites-available/btcpayserver
#Paste the following, make sure you change the domain name to yours
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name btcpay.example.com;
ssl on;
ssl_certificate /etc/letsencrypt/live/btcpay.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/btcpay.example.com/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/btcpay.example.com/chain.pem;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:23000;
}
}
#remove default nginx configuration
sudo rm /etc/nginx/sites-enabled/default
#add symlink for btcpayserver site
sudo ln -s /etc/nginx/sites-available/btcpayserver /etc/nginx/sites-enabled/
#restart nginx
sudo systemctl restart nginx
@bereska
Copy link

bereska commented May 5, 2019

@normandmickey, I understand it must be a silly and simple question for you. But it would be great if you could guide beginners like me how to update this great Raspiblitz+BTCPay setup without messing things up. I take it we can git pull latest for nbxplorer and btcpayserver. What about lnd and bitcoind which are part of Raspiblitz? Can these be updated manually? I sort of fear the standard Raspiblitz update when you have to re-flash SD whicn means re-configuring everything else from scratch. For example, how to I update lnd to 0.6? and I know bitcoin 0.18 is coming soon. Thank you

@bereska
Copy link

bereska commented May 13, 2019

never mind, sorry for wasting your time if any, i figured it all out. lnd 0.6 is indeed more optimized and so it btcpayserver 0.1.3.99.

@normandmickey
Copy link
Author

It's ok. For some reason I don't get notifications for comments on this gist and I don't check it very often. I've been meaning to put this in a script so Raspiblitz users can easily add it from the menu. Updating without starting over would be awesome too.

@bereska
Copy link

bereska commented May 14, 2019

same here, but I got this one though ... anyways your radio silence motivated me to explore it further and now I have manually upgraded my setup to:
bitcoin 0.18
lnd 0.6.1
btcpayserver 1.0.3.99
nbxplorer latest
rtl 0.3.2
also I created backup-channels.service to back up channel.backup to two remote servers
everything is running ok except RTL which webpage is super slow
FYI: @rootzoll actually implemented graceful raspiblitz update from v1.2
my concern is whether rpi will pull it off with bitcoind, lnd, dotnet, btcpayserver, etc onboard once the network grows
what do you think?

@Markalot787
Copy link

Hi all, I want to attempt this without breaking my pi, is this still up to date? this needs to be included into Blitz by default :)

@bereska
Copy link

bereska commented Aug 19, 2019

go for it, mate. Mine is still running

@Markalot787
Copy link

Hey @bereska Thanks for responding, im also setting up a site to sell photos for sats. Make any sells? What else you have on your Pi?

@Markalot787
Copy link

@bereska
Copy link

bereska commented Aug 19, 2019

no problem, mate. my pi3 is pulling it all so far (bitcoind,lnd, btcpayserver, nbxplorer, rtl, .NET), but, yes, pi4 with 4gb will handle it much better. My wife is a photographer so I just used her site for btcpay server and ln payments testing. No sales yet. LOL) i bought a few pictures myself)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment