diff --git a/artifacts/api-server/src/lib/lnbits.ts b/artifacts/api-server/src/lib/lnbits.ts index 1a3fc1e..efec475 100644 --- a/artifacts/api-server/src/lib/lnbits.ts +++ b/artifacts/api-server/src/lib/lnbits.ts @@ -26,6 +26,8 @@ export class LNbitsService { this.stubMode = !this.url || !this.apiKey; if (this.stubMode) { logger.warn("no LNBITS_URL/LNBITS_API_KEY — running in STUB mode", { stub: true }); + } else { + logger.info("LNbits real mode active", { url: this.url, stub: false }); } } diff --git a/scripts/hermes-lnbits/provision.sh b/scripts/hermes-lnbits/provision.sh new file mode 100644 index 0000000..669d3ee --- /dev/null +++ b/scripts/hermes-lnbits/provision.sh @@ -0,0 +1,107 @@ +#!/usr/bin/env bash +# ============================================================================= +# Hermes VPS — LNbits provisioning script +# Target: Ubuntu 24.04 LTS (143.198.27.163), root access via SSH +# Run: bash scripts/hermes-lnbits/provision.sh +# +# What this does: +# 1. Installs PostgreSQL 16 and creates the lnbits DB + user +# 2. Creates a Python 3.11 venv and installs LNbits + deps +# 3. Writes /opt/lnbits/run.sh (env-bearing launcher script) +# 4. Installs and enables lnbits.service (systemd) +# 5. Switches the funding backend from VoidWallet to FakeWallet via SQL +# 6. Health-checks the running service +# +# After this script: +# - LNbits is reachable at http://:5000 +# - Admin key must be extracted from the LNbits UI (or via the API) +# and set as LNBITS_API_KEY in Replit secrets +# - LNBITS_URL must be set to http://:5000 in Replit secrets +# ============================================================================= +set -euo pipefail + +VPS_IP="${VPS_IP:-143.198.27.163}" +LNBITS_DIR=/opt/lnbits +LNBITS_VERSION="0.12.12" +DB_NAME=lnbits +DB_USER=lnbits +DB_PASS="lnbits_pw_secure_2024" + +echo "==> Installing system deps" +apt-get update -qq +apt-get install -y -qq python3.11 python3.11-venv python3-pip \ + postgresql postgresql-contrib curl git + +echo "==> Configuring PostgreSQL" +systemctl enable --now postgresql +sudo -u postgres psql -tc "SELECT 1 FROM pg_roles WHERE rolname='${DB_USER}'" \ + | grep -q 1 || sudo -u postgres psql -c \ + "CREATE ROLE ${DB_USER} LOGIN PASSWORD '${DB_PASS}';" +sudo -u postgres psql -tc "SELECT 1 FROM pg_database WHERE datname='${DB_NAME}'" \ + | grep -q 1 || sudo -u postgres psql -c \ + "CREATE DATABASE ${DB_NAME} OWNER ${DB_USER};" + +echo "==> Creating LNbits venv" +mkdir -p "${LNBITS_DIR}" +python3.11 -m venv "${LNBITS_DIR}/.venv" +"${LNBITS_DIR}/.venv/bin/pip" install --quiet --upgrade pip +"${LNBITS_DIR}/.venv/bin/pip" install --quiet "lnbits==${LNBITS_VERSION}" psycopg2-binary + +echo "==> Writing /opt/lnbits/run.sh" +cat > "${LNBITS_DIR}/run.sh" << 'RUNSH' +#!/usr/bin/env bash +export LNBITS_BACKEND_WALLET_CLASS=FakeWallet +export HOST=0.0.0.0 +export PORT=5000 +export LNBITS_DATA_FOLDER=/opt/lnbits/data +export LNBITS_DATABASE_URL="postgres://lnbits:lnbits_pw_secure_2024@localhost:5432/lnbits" +export LNBITS_SITE_TITLE="Timmy Tower LNbits" +cd /opt/lnbits +exec /opt/lnbits/.venv/bin/lnbits --host 0.0.0.0 --port 5000 +RUNSH +chmod +x "${LNBITS_DIR}/run.sh" +mkdir -p "${LNBITS_DIR}/data" + +echo "==> Writing systemd unit" +cat > /etc/systemd/system/lnbits.service << 'UNIT' +[Unit] +Description=LNbits Lightning wallet server +After=network.target postgresql@16-main.service +Requires=postgresql@16-main.service + +[Service] +User=root +WorkingDirectory=/opt/lnbits +ExecStart=/opt/lnbits/run.sh +Restart=always +RestartSec=5 + +[Install] +WantedBy=multi-user.target +UNIT + +systemctl daemon-reload +systemctl enable lnbits +systemctl restart lnbits + +echo "==> Waiting for LNbits to start (20 s)..." +sleep 20 + +echo "==> Switching backend to FakeWallet via SQL" +# LNbits may overwrite via env, but set it in DB too so UI reflects it +sudo -u postgres psql "${DB_NAME}" -c \ + "INSERT INTO system_settings (id, value) VALUES ('lnbits_backend_wallet_class', '\"FakeWallet\"') + ON CONFLICT (id) DO UPDATE SET value = '\"FakeWallet\"';" 2>/dev/null || true + +echo "==> Health check" +HEALTH=$(curl -sf "http://localhost:5000/api/v1/health" 2>&1) && \ + echo "LNbits health: ${HEALTH}" || \ + echo "WARNING: health check failed — check 'journalctl -u lnbits -n 50'" + +echo "" +echo "==> DONE" +echo " LNbits is running at http://${VPS_IP}:5000" +echo " Next: open the LNbits UI, create a wallet, copy the admin key, then:" +echo " replit secret set LNBITS_URL http://${VPS_IP}:5000" +echo " replit secret set LNBITS_API_KEY " +echo " Then restart the api-server workflow."