Using Electrum via Proxy

[mocacinno]

For my use case, I am trying to determine the level of privacy that is actually necessary.

FYI, I am building a website and would like to have the capacity to accept BTC and lightning network payments. Not sure if that changes anything, but the main factors I am looking for are safety, privacy, and efficiency. With that in mind, do you think going through the extra hurdles to get electrum up and running is worth it? Or is it just not worth the extra effort? I plan on moving the coins to a hardware wallet most of the time anyways, so this would just be for sending/receiving and temporary short-term storage. I thought that having electrum available on multiple devices might prove beneficial, but maybe I am mistaken or overvaluing the utility it provides? I already have Wasabi downloaded, and am very close to just using that and calling it a day.

As for Discord, yes I am aware it is not the most privacy savvy. However, I do have 2fa enable and take the necessary precautions that are available to protect myself. I have no problems hanging out on this Bitcoin talk forum, however, I assume I will be much less active on here and check it much less frequently than I would a discord server.

Well, this might change things a little bit... Yes..
A couple follow up questions:

• Is it a clearnet website
• Will you be using a shopping script (woocommerce, opencart, prestashop,...)
• What will be the level of automation (will you be generating addresses/ln invoices manually, or will your shop be handling all this accouting?)
• What level of anonimity are you requiring: protection against a $5 wrench attack, protecting yourself from the IRS (or any other tax authority) or selling bitcoins in a country where owning cryptocurrencys is so illegal you'll end up in jail

If it's a clearnet site with shopping script and automatic accounting, i'd probably go for bitcoind + c-lightning + nbxplore + btcpayserver.

You'll need to think the anonimity aspect completely trough tough... I mean, if it's a clearnet site, you're already pretty exposed as it is... You have a host that can keep logs (or you've rented a dedicated box/vps), you have purchased a domain name,...
People will be able to link deposit addresses to your domain/ip/..., they'll need to be able to open channels to your lightning wallet aswell.
If you want automatic accounting, you'll need to derive addresses from an xpub (btcpayserver does this for you), if a hacker gets his hands on this xpub, he'll be able to derive all past and future deposit addresses presented to all your clients (he won't be able to rob them tough).

Without knowing the full picture, it's hard to give advice, but if you're running a clearnet shop, and you want a reasonable amount of privacy, i guess you might be best off creating 2 wasabi wallets, you export the xpub from the first one and import it into btcpayserver, after a couple ln channels have closed you move funds to this wallet aswell. After a while you move your funds from the first wallet to the second one and then do a coinjoin, or you use a mixer between the first and the second wallet... This *should* be enough to protect you from a $5 wrench attack.

Other setups are possible too, but the flow, the level of expertise and the amount of time required to setup/maintain setups will increase almost exponentially if you start messing around with bulletproof hosting, hidden services, i2p, lightningd over tor, bitcoind over tor,... In case you need these kinds of setups, i'd probably tell you to hire a security expert and let him/her help you set things up, and teach you how to maintain everything...

[Corayee]

Well when you put it like that... everything becomes much more clear.

It is going to be a clearnet site, and it is a combination of WooCommere + Wordpress. I will have to manually generate some invoices, but majority of the time, the prices will be set and I would like the shop to handle the accounting logistics (and if I could figure out a way for people to place bids, that would be super cool). Not trying to evade taxes or hide from the IRS, and I am already doxed, so realistically I just want the ability to accept crypto payments the right way.  

I have bitcoind and lnd already installed. Just need to figure out the wallet situation and download a block explorer; I already planned on using btcpayserver .

And by no means am I an expert,  quite the opposite actually. Would rather start with a beginner setup that I can handle and if anything progress towards the more technical, complex setups further down the line once I have a better handle on things.

[mocacinno]

--snip--
I have bitcoind and lnd already installed. Just need to figure out the wallet situation and download a block explorer; I already planned on using btcpayserver .
--snip--

nbxplore is a prereq for btcpayserver, otherwise you don't need your own block explorer (and, eventough the name contains the word xplore, it's not a real block explorer, merely an utxo tracker)
But for the rest it looks like you're on the right track!

bitcoind + lnd (or c-lightning) + nbxplore + btcpayserver

This setup will allow you to create custom invoices, and do automatic billing aswell... And, there's a free plugin for wordpress+woocommerce

If you use the xpub generated by wasabi, you can directly coinjoin from wasabi's gui and have a reasonable amount of privacy (meaning: it'll be very, very, very hard for anybody to detect how much btc you're actually holding, and it'll be very, very, very hard for anybody to link the coinjoined btc in your wallet to your identity). If you're afraid a hacker will get his/her hands on your xpub and nullify your coinjoins, you could always opt for 2 wallets (like i said in my previous post): one for receiving funds, then move your funds to a second wallet and coinjoin over there. If a hacker ever gets his hands on your xpub, it'll be the xpub from your first (receiving) wallet, and not the xpub from the wallet where your funds were coinjoined.
Instead of coinjoining, you could also send funds from the first wallet to a mixer, and chose an address generated by the second wallet as the mixer's output.

Good luck! If you have specific questions about the bitcoind + lnd + nbxplore + btcpayserver + apache/nginx/... + wordpress + woocommerce + ... setup => don't hesitate to ask! I'm a c-lightning fan myself, but i've recently done the rest of the setup.

[Corayee]

I downloaded .NET Core 3.1.8 (ARM32) and installed it using the following commands:

sudo mkdir -p $HOME/dotnet
sudo tar zxf ~/Downloads/dotnet-sdk-3.1.402-linux-arm.tar.gz -C $HOME/dotnet
export DOTNET_ROOT=$HOME/dotnet
export PATH=$PATH:$HOME/dotnet

Then ran

sudo nano .profile

and added the path commands to the end of the file to permanently link them to the command line to call the dotnet list of commands.

Then I installed NBXplorer following a YouTube guide and entered the following commands:

git clone https://github.com/dgarage/NBXplorer
cd NBXplorer/NBxplorer
dotnet run -- --help

Finally, tried to enter the command

dotnet run --

and was met with this RPC server error:
https://i.imgur.com/3ZxFsUa.jpg

Not sure why the RPC server is unable to connect. Hoping that I can get some clarity on this so I can proceed, it looks like the YouTube video I watched referenced a cookie file on their computer but since I am trying to do this over the Pi I cannot find the right file and it seems like the rpccookiefile command does not work (if I even need it, not sure).

[HCP]

What arguments are you using to start up bitcoind/Bitcoin Core? What options do you have set in your bitcoin.conf?

[mocacinno]

A couple of potential issues:

• bitcoind, is it running, can you execute "lsof -i :8332"
• I've listed my bitcoin.conf and  nbxplore config's underneath

Do notice the rpcuser/rpcpassword from bitcoin.conf match the user and pass in settings.config

bitcoind: ~/.bitcoin/bitcoin.conf

Code:

daemon=1
server=1
rpcuser=[rpc user]
rpcpassword=[rpc pass]
maxmempool=50
mempoolexpiry=2
rpcauth=[user]:[pass]
dbcache=1024
zmqpubrawblock=tcp://127.0.0.1:28332
zmqpubrawtx=tcp://127.0.0.1:28332
whitelist=127.0.0.1

nbxplore: ~/.nbxplorer/Main/settings.config

Code:

btc.rpc.auth=[rpc user]:[rpc pass]
port=24445
mainnet=1

[Corayee]

A couple of potential issues:

• bitcoind, is it running, can you execute "lsof -i :8332"
• I've listed my bitcoin.conf and  nbxplore config's underneath

Do notice the rpcuser/rpcpassword from bitcoin.conf match the user and pass in settings.config

bitcoind: ~/.bitcoin/bitcoin.conf

Code:

daemon=1
server=1
rpcuser=[rpc user]
rpcpassword=[rpc pass]
maxmempool=50
mempoolexpiry=2
rpcauth=[user]:[pass]
dbcache=1024
zmqpubrawblock=tcp://127.0.0.1:28332
zmqpubrawtx=tcp://127.0.0.1:28332
whitelist=127.0.0.1

nbxplore: ~/.nbxplorer/Main/settings.config

Code:

btc.rpc.auth=[rpc user]:[rpc pass]
port=24445
mainnet=1

Hi mocacinno,

- Bitcoind does appear to be running on the bitcoin user on the pi, can execute "lsof -i :8332" on the bitcoin user and get some feedback but on any other user the command does not return any information.
- I opened the bitcoin.conf file and was able to find the information you supplied in your post.

It seems like NBXplorer does not have a config file as entering that code results in an error stating the file can't be found, and one command led to a "Permission denied" error.

Not sure if I installed Dotnet or NBXplorer incorrectly. I would appreciate some further guidance in this. Thank you so much for all your help so far, you've been a big help. Looking forward to a reply, cheers.

[mocacinno]

--snip--


Hi mocacinno,

- Bitcoind does appear to be running on the bitcoin user on the pi, can execute "lsof -i :8332" on the bitcoin user and get some feedback but on any other user the command does not return any information.
- I opened the bitcoin.conf file and was able to find the information you supplied in your post.

It seems like NBXplorer does not have a config file as entering that code results in an error stating the file can't be found, and one command led to a "Permission denied" error.

Not sure if I installed Dotnet or NBXplorer incorrectly. I would appreciate some further guidance in this. Thank you so much for all your help so far, you've been a big help. Looking forward to a reply, cheers.

Well, if i understand correctly, you're saying that nbxplorer did not have the necessary config file, and once you generated said file there was a "permission denied"-error...

I think it's a safe bet your problem is probably related to this config file... It's settings are necessary, it's not optional.

I start my nbxplorer as a service with following parameters:
/usr/bin/dotnet "/[path to nbxplorer]/NBXplorer/bin/Release/netcoreapp2.1/NBXplorer.dll" -c /[path to config]/.nbxplorer/Main/settings.config

So, you have to make sure the user/pass in settings.config match the ones in bitcoin.conf, you have to start nbxplorer with the -c parameter pointing to the settings.config AND you have to make sure there are no "permission denied" messages by changing the permissions or running as the correct user.

[Corayee]

So after lots of troubleshooting and internet searching, I've made some progress!

I found the folder ~/.nbxplorer/Main/settings.config and had to uncomment the following code snippets:

#btc.rpc.auth=walletuser:password
#port=24444 (Changed to port=24445)
#mainnet=1

I saved this and found the bitcoin.conf file by entering the following command:

sudo nano ~/.bitcoin/bitcoin.conf

and edited the file to add these missing lines:

daemon=1
maxmempool=50
mempoolexpiry=2
rpcauth=[user]:[pass]
dbcache=1024 (Changed from #dbcache=2000)
whitelist=127.0.0.1

Finally, and this is weird, to run NBXplorer I had to go to the directory:

cd ~/NBXplorer/NBXplorer

and enter the command:

dotnet run --

It seems like NBXplorer actually ran successfully: https://i.imgur.com/U2aXSxR.jpg

I have three questions stemming from this:

• Why did I need to use the dotnet run -- command through a different directory, and is this okay?
• How do I know NBXplorer is running? How do I use it?
• Is the next step to set up btcpayserver?

[mocacinno]

--snip--

• Why did I need to use the dotnet run -- command through a different directory, and is this okay?
• How do I know NBXplorer is running? How do I use it?
• Is the next step to set up btcpayserver?

I'm happy to hear you finally got it working
As for your questions:

• Well, your screenshot shows it's running, so it should be fine.. You did terminate the application before it started syncing...
• You don't use it... Btcpayserver uses nbxplorer. Nbxplorer isn't a block explorer in the classical sense, it's just an utxo tracker... It's not usefull for you, but super-usefull for btcpayserver
• yup

Ideally, you should be creating 3 services:
1) a service to start bitcoind
2) a service to start nbxplorer, depending on the first service
3) a service to start btcpayserver, depending on the second service

But for now, you could start bitcoind manually as a daemon, and start nbxplorer (and btcpayserver) in a screen session. However, as soon as you have everything running in a screen session, create those service files!!! screen is great for debugging, not for production.

[HCP]

...
Finally, and this is weird, to run NBXplorer I had to go to the directory:

cd ~/NBXplorer/NBXplorer

and enter the command:

dotnet run --

It seems like NBXplorer actually ran successfully: https://talkimg.com/images/2023/11/15/zvbGC.jpeg

Why did I need to use the dotnet run -- command through a different directory, and is this okay?

Why do you think it is weird? It seems like you're going into the local NBXplorer github repo directory that you created and then running NBXplorer from there. Why is that weird?

And what do you mean by "running the command through a different directory"? Do you mean different to how mocacinno is using NBXplorer? or different to something else you were expecting??!?

[Corayee]

@HCP, as a noob, just confused that I had to run it through a directory as there have been other things I've run that did not need to go through a directory.

@Mocacinno, thanks for the advice. Once everything is set up, I will create a set of services that runs these things as soon as I turn on the raspberry pi, but I'm not sure how to do that.

I managed to download BTCPayServer-Docker on the pi and got it to run successfully. I set up a host A record on my website that is supposed to use BTCPayServer (btcpay.website.com) but it's not working and I'm not sure how to proceed (maybe it's related to the ports or something, I can't find where to change those). Maybe you can provide some insight? Thanks for sticking around in the thread!

[mocacinno]

Personally, i'm not a big fan of fetching and running docker containers from some repo... I know btcpayserver actually advises you to run a docker container instead of doing a manual setup, but how do you know what you're doing and how are you sure everything is configured as you want it to be if you only fetch and run a container somebody else prepared for you?

I do run docker containers @ work from time to time, but those containers were prepared by collegues of mine and kept in an internal repo. Since the management told us it's ok if we use these containers, i see little harm in this... But i do see harm in running containers prepared by somebody you don't know.

Source: https://xkcd.com/1988/

Source: https://xkcd.com/1988/

Needless to say, i did a manual setup, so i can share what i did..

I configured btcpayserver:
/[~]/.btcpayserver/Main/settings.config

Code:

network=mainnet
port=23001
bind=0.0.0.0
chains=btc
BTC.explorer.url=http://127.0.0.1:24445
BTC.lightning=type=lnd-rest;server=https://127.0.0.1:8080/;macaroonfilepath=~/.lnd/data/chain/bitcoin/mainnet/admin.macaroon;certthumbprint=[nope]
postgres=User ID=[nope];Password=[nope];Host=localhost;Port=5432;Database=[nope];
debuglog=/var/log/btcpayserver

so, basically, my btcpayserver listens on port 23001 and listens on all interfaces, I added the nbxplorer uri (http://127.0.0.1:24445), the lightning config (which isn't needed if you don't plan on accepting lightning payments) and info about my db/

After this, i added following to my apache virtual hosts:

Code:

<IfModule mod_ssl.c>
<VirtualHost *:443>
	ServerAdmin webmaster@localhost
	ServerName btcpay.mocacinno.com
	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined
	ProxyPass "/"  "http://127.0.0.1:23001/"
	ProxyPassReverse / "http://127.0.0.1:23001/"
	RequestHeader set X-Forwarded-Proto "https"
        ProxyPreserveHost on

        SSLCertificateFile /etc/letsencrypt/live/btcpay.mocacinno.com/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/btcpay.mocacinno.com/privkey.pem
        Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

This way, apache proxys requests on port 443 to my btcpayserver (port 23001 as configured above).

My a-record btcpay.mocacinno.com points towards the ip of the host where i did this setup. Also: the SSLCertifate* lines were added by certbot

About the services: don't worry about them untill you have everything up and running withing a screen session.

[Corayee]

You have a valid point @mocacinno ...

With this in mind I decided to delete the docker files and try to reinstall BTCPayServer using a manual setup following the guide here:

https://freedomnode.com/blog/how-to-setup-btc-and-lightning-payment-gateway-with-btcpayserver-on-linux-manual-install/

I hadn't installed PostGreSQL on my Pi yet so I followed this guide to try and set it up. Created a username and password and copied my lightning fingerprint into the settings.config and ran into an issue on...

Step 4: Install BTCPayServer

I ran into a problem verifying the install worked correctly using dotnet. I tried running the command:

dotnet run -p ~/source/btcpayserver/BTCPayServer/BTCPayServer.csproj -c ~/.btcpayserver/Main/settings.config --network=mainnet

and was met with this big wall of warnings and errors: https://i.imgur.com/zEqDtjf.jpg

More confusion...  looking for some guidance. Thanks!

[mocacinno]

I start mine using a service, but the service does not execute either of these bash scripts:

/usr/bin/dotnet run --no-launch-profile --no-build -c Release -p "/[~]/btcpayserver/BTCPayServer/BTCPayServer.csproj" -- $@


I've stopped my service and ran above command in the shell so i could capture the output:

Code:

[myuser]@node:~# /usr/bin/dotnet run --no-launch-profile --no-build -c Release -p "/[~]/btcpayserver/BTCPayServer/BTCPayServer.csproj" -- $@
info: Configuration:  Data Directory: /[~]/.btcpayserver/Main
info: Configuration:  Configuration File: /[~]/.btcpayserver/Main/settings.config
info: Configuration:  Network: Mainnet
info: Configuration:  Supported chains: BTC
info: Configuration:  LogFile: /var/log/btcpayserver
info: Configuration:  Log Level: Debug
info: Configuration:  Network: Mainnet
info: Configuration:  Supported chains: BTC
info: Configuration:  LogFile: /var/log/btcpayserver
info: Configuration:  Log Level: Debug
info: Configuration:  Postgres DB used (User ID=[nope];Password=[nope];Host=localhost;Port=5432;Database=[nope];)
info: Configuration:  Root Path: /
info: Configuration:  BTC: Explorer url is http://127.0.0.1:24445/
info: Configuration:  BTC: Cookie file is /[~]/.nbxplorer/Main/.cookie
info: PayServer:      Starting listening NBXplorer (BTC)
info: PayServer:      Start watching invoices
info: PayServer:      Starting payment request expiration watcher
info: Events:         NBXplorer BTC: NotConnected => Ready
info: Configuration:  Listening on http://0.0.0.0:23001
info: PayServer:      1 pending payment requests being checked since last run
info: PayServer:      BTC: Checking if any pending invoice got paid while offline...
info: PayServer:      BTC: 0 payments happened while offline
info: PayServer:      Connected to WebSocket of NBXplorer (BTC)

EDIT: i suddenly remember why i start btcpayserver with these parameters
if you cat run.sh you'll see the following:

Code:

#!/bin/bash

dotnet run --no-launch-profile --no-build -c Release -p "BTCPayServer/BTCPayServer.csproj" -- $@

So, i basically opened run.sh, copyd the command into a service file and ran it from there...

Could you try starting btcpayserver with the command i posted above (change the path to the correct one instead)

[Corayee]

Hi Mocacinno, below I've included a snippet of code detailing what happens when I try to run the service how you've explained to do:

[myuser]@rpi:~ $ dotnet run --no-launch-profile --no-build -c Release -p ~/source/btcpayserver/BTCPayServer/BTCPayServer.csproj --
info: Configuration:  Data Directory: /home/admin/.btcpayserver/Main
info: Configuration:  Configuration File: /home/admin/.btcpayserver/Main/settings.config
info: Configuration:  Network: Mainnet
info: Configuration:  Supported chains: BTC
info: BTCPayServer.Plugins.PluginManager: Loading plugins from /home/admin/.btcpayserver/Extensions
info: Configuration:  Network: Mainnet
info: Configuration:  Supported chains: BTC
info: Configuration:  Postgres DB used
info: Configuration:  Root Path: /
info: Configuration:  BTC: Explorer url is http://127.0.0.1:24445/
info: Configuration:  BTC: Cookie file is /home/admin/.nbxplorer/Main/.cookie
info: PayServer:      Starting listening NBXplorer (BTC)
info: PayServer:      Start watching invoices
fail: PayServer:      BTC: NBXplorer error `Connection refused`
info: PayServer:      Starting payment request expiration watcher
info: PayServer:      0 pending payment requests being checked since last run
info: Configuration:  Listening on http://0.0.0.0:23001

It seems like the NBXplorer service is failing for some reason. However, when I go into the NBXplorer directory and try to run the dotnet run -- command it seems fine:

myuser@rpi:~ $ cd ~/NBXplorer/NBXplorer
myuser@rpi:~/NBXplorer/NBXplorer $ dotnet run --
info: Configuration:  Data Directory: /home/admin/.nbxplorer/Main
info: Configuration:  Configuration File: /home/admin/.nbxplorer/Main/settings.config
info: Configuration:  Network: Mainnet
info: Configuration:  Supported chains: BTC
info: Configuration:  DBCache: 50 MB
info: Configuration:  Network: Mainnet
info: Configuration:  Supported chains: BTC
info: Configuration:  DBCache: 50 MB
info: Explorer:       Defragmenting transaction tables...
info: Explorer:       Defragmentation succeed, 0 bytes saved
info: Explorer:       Applying migration if needed, do not close NBXplorer...
info: Configuration:  BTC: Testing RPC connection to http://localhost:8332/
Hosting environment: Development
Content root path: /home/admin/NBXplorer/NBXplorer/bin/Debug/netcoreapp3.1/
Now listening on: http://127.0.0.1:24445
Application started. Press Ctrl+C to shut down.
info: Configuration:  BTC: RPC connection successful
info: Configuration:  BTC: Full node version detected: 200100
info: Configuration:  BTC: Node banlist loaded
info: Events:         BTC: Node state changed: NotStarted => CoreSynching

Do I need to change something about how NBXplorer is running? If I have a service that starts NBXplorer when the raspberry pi turns on, will that solve my issue?

One more note, I'm confused on how/where to use the run.sh command, and if necessary, how to copy the command into a service file to run it.

[mocacinno]

The correct sequence is:
start bitcoind as a daemon:

Code:

bitcoind -daemon

Wait untill it's running, if you're unsure wait 5 minutes then look at the debug.log

Code:

tail -f ~/.bitcoin/debug.log

press ctrl+c if you're sure bitcoind is running

nbxplorer connects to bitcoind. It builds a database of unspent outputs and lets other services query this database.
nbxlorer needs to be running so btcpayserver can use it's services!

in order to do this, you'll eventually make a service, but for now, open a screen session (it's possible you'll need to install screen first)

Code:

screen

within this screen session, start nbxplorer... Without killing nbxplorer, leave your screen session by pressing cltr-a, release ctrl-a, then press the letter d

now, wait another 5 minutes to make sure nbxplorer is properly running, then check if it's listening on port 24445 like we configured

Code:

lsof -i :24445

here's what i see when looking at my server:

Code:

lsof -i :24445
COMMAND     PID USER   FD   TYPE     DEVICE SIZE/OFF NODE NAME
BTCPaySer  5092 root  278u  IPv4   18588382      0t0  TCP localhost:41210->localhost:24445 (ESTABLISHED)
BTCPaySer  5092 root  282u  IPv4   18587254      0t0  TCP localhost:41220->localhost:24445 (ESTABLISHED)
dotnet    11889 root  156u  IPv4 1753666419      0t0  TCP localhost:24445 (LISTEN)
dotnet    11889 root  188u  IPv4   18590828      0t0  TCP localhost:24445->localhost:41210 (ESTABLISHED)
dotnet    11889 root  191u  IPv4   18587256      0t0  TCP localhost:24445->localhost:41220 (ESTABLISHED)

without starting btcpayserver you won't see these connections, but you should see some output... If you don't get any return, nbxplorer is not listening on the correct port

now, open a second screen session

Code:

screen

and run btcpayserver in this screen session

you don't need to do anything with the run.sh bash script. The only thing this script contains is the command you're running right now:
dotnet run --no-launch-profile --no-build -c Release -p ~/source/btcpayserver/BTCPayServer/BTCPayServer.csproj --@

for shutting down, it's exactly the opposite order:
take over the btcpayserver screen by finding out the pid of the 2 screen sessions:

Code:

screen -r 

then take over the screen session of btcpayserver

Code:

screen -r [pid from previous command]

ctrl-c
you can stop this screen session by giving the following command withing the screen session

Code:

exit

then stop the nbxplorer in the same way as you stopped btcpayserver

then stop bitcoin daemon by entering

Code:

bitcoin-cli stop

[Corayee]

The correct sequence is:
start bitcoind as a daemon:

Code:

bitcoind -daemon

Wait untill it's running, if you're unsure wait 5 minutes then look at the debug.log

Code:

tail -f ~/.bitcoin/debug.log

press ctrl+c if you're sure bitcoind is running

nbxplorer connects to bitcoind. It builds a database of unspent outputs and lets other services query this database.
nbxlorer needs to be running so btcpayserver can use it's services!

in order to do this, you'll eventually make a service, but for now, open a screen session (it's possible you'll need to install screen first)

Code:

screen

within this screen session, start nbxplorer... Without killing nbxplorer, leave your screen session by pressing cltr-a, release ctrl-a, then press the letter d

now, wait another 5 minutes to make sure nbxplorer is properly running, then check if it's listening on port 24445 like we configured

Code:

lsof -i :24445

here's what i see when looking at my server:

Code:

lsof -i :24445
COMMAND     PID USER   FD   TYPE     DEVICE SIZE/OFF NODE NAME
BTCPaySer  5092 root  278u  IPv4   18588382      0t0  TCP localhost:41210->localhost:24445 (ESTABLISHED)
BTCPaySer  5092 root  282u  IPv4   18587254      0t0  TCP localhost:41220->localhost:24445 (ESTABLISHED)
dotnet    11889 root  156u  IPv4 1753666419      0t0  TCP localhost:24445 (LISTEN)
dotnet    11889 root  188u  IPv4   18590828      0t0  TCP localhost:24445->localhost:41210 (ESTABLISHED)
dotnet    11889 root  191u  IPv4   18587256      0t0  TCP localhost:24445->localhost:41220 (ESTABLISHED)

without starting btcpayserver you won't see these connections, but you should see some output... If you don't get any return, nbxplorer is not listening on the correct port

now, open a second screen session

Code:

screen

and run btcpayserver in this screen session

you don't need to do anything with the run.sh bash script. The only thing this script contains is the command you're running right now:
dotnet run --no-launch-profile --no-build -c Release -p ~/source/btcpayserver/BTCPayServer/BTCPayServer.csproj --@

for shutting down, it's exactly the opposite order:
take over the btcpayserver screen by finding out the pid of the 2 screen sessions:

Code:

screen -r 

then take over the screen session of btcpayserver

Code:

screen -r [pid from previous command]

ctrl-c
you can stop this screen session by giving the following command withing the screen session

Code:

exit

then stop the nbxplorer in the same way as you stopped btcpayserver

then stop bitcoin daemon by entering

Code:

bitcoin-cli stop

Hi Mocacinno,

I followed your sequence and got everything to run correctly from bitcoind to NBXplorer and BTCPayServer. From there I figured that I needed to continue the setup of BTCPayServer to run on my site so I followed the guide here to do it manually: [quotehttps://docs.btcpayserver.org/ManualDeploymentExtended/[/quote]

I skipped ahead to the nginx Let's Encrypt section and attempted to use certbot to get my TLS certificate and get everything set up. I think I'm running into yet another problem with setting up certificates here.

I followed the first two commands and restarted nginx, then tried to check Let's Encrypt and when I typed the command:

sudo certbot certificates

I got the following prompt:

myuser@rpi:~ $ sudo certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
No certs found.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Now I think this is happening because I input some code snippet incorrectly, perhaps something to do with writing down the SSL certificate URLs on the configuration file for nginx, but I'm not sure. Some guidance would be appreciated if possible  Thanks!

[mocacinno]

i think you do need a tld (domainname) if you want to use certbot... IIRC, you'd have to execute following command after nginx is running correctly:

Code:

certbot --nginx -d yourdomain.com -d www.yourdomain.com

There's always the option of creating a self signed certificate, but you'll probably be confronted with warning messages later on if you do so...

[Corayee]

i think you do need a tld (domainname) if you want to use certbot... IIRC, you'd have to execute following command after nginx is running correctly:

Code:

certbot --nginx -d yourdomain.com -d www.yourdomain.com

There's always the option of creating a self signed certificate, but you'll probably be confronted with warning messages later on if you do so...

After some tinkering around in nginx and certbot, I realized that I never actually created server blocks for Let's Encrypt to verify, LOL

I created the server block for my domain and tried to run certbot to obtain my SSL certificates, and ran into a weird error... not sure if you might know what's going on:

https://i.imgur.com/RyWDyzW.jpg

After doing this, I checked the DNS Zone Editor of my site and the DNS records list a bunch of TXT records that I haven't seen before