... | @@ -232,7 +232,14 @@ TODO <!-- this describes an acceptable level of service for this service --> |
... | @@ -232,7 +232,14 @@ TODO <!-- this describes an acceptable level of service for this service --> |
|
|
|
|
|
According to the upstream website, "BTCPay Server is a self-hosted,
|
|
According to the upstream website, "BTCPay Server is a self-hosted,
|
|
open-source cryptocurrency payment processor. It's secure, private,
|
|
open-source cryptocurrency payment processor. It's secure, private,
|
|
censorship-resistant and free.
|
|
censorship-resistant and free."
|
|
|
|
|
|
|
|
In practice, BTCpay is a rather complicated stack made of Docker,
|
|
|
|
Docker Compose, C# .net, bitcoin, PostgreSQL, Nginx, lots of shell
|
|
|
|
scripts and more, through plugins. It's actually pretty hard to
|
|
|
|
understand how all those pieces fit together.
|
|
|
|
|
|
|
|
This audit was performed by anarcat in the beginning of 2022.
|
|
|
|
|
|
### Docker containers
|
|
### Docker containers
|
|
|
|
|
... | @@ -259,8 +266,7 @@ On the previous server, this also included: |
... | @@ -259,8 +266,7 @@ On the previous server, this also included: |
|
* lnd_bitcoin (for the "lighting network", based on [their image](https://hub.docker.com/r/btcpayserver/lnd))
|
|
* lnd_bitcoin (for the "lighting network", based on [their image](https://hub.docker.com/r/btcpayserver/lnd))
|
|
* bitcoin_rtl (based on [shahanafarooqui/rtl](https://hub.docker.com/r/shahanafarooqui/rtl), a webapp for the
|
|
* bitcoin_rtl (based on [shahanafarooqui/rtl](https://hub.docker.com/r/shahanafarooqui/rtl), a webapp for the
|
|
lightning network)
|
|
lightning network)
|
|
* postgresql 9.6.20 (!? based on the official image
|
|
* postgresql 9.6.20 (severely out of date!)
|
|
[btcpayserver/letsencrypt-nginx-proxy-companion](https://hub.docker.com/r/btcpayserver/letsencrypt-nginx-proxy-companion)
|
|
|
|
|
|
|
|
In theory, it should be possible to operate this using standard Docker
|
|
In theory, it should be possible to operate this using standard Docker
|
|
(or `docker-compose` to be more precise) commands. In practice,
|
|
(or `docker-compose` to be more precise) commands. In practice,
|
... | | ... | |