LibrePatron without Docker (Ubuntu)

README.md

Warning: this is highly experimental

It assumes you're already running BTCPay Server somehwere.

Create a user and group:

sudo adduser patron --disabled-password

To login as this user:

sudo -s
su - patron

Clone the repo:

git clone https://github.com/JeffVandrewJr/patron.git

Create a data and config dir:

mkdir config
mkdir data

Create config/librepatron.env and symlink it:

cd patron
ln -s ~/config/librepatron.env librepatron.env

Install PyEnv using these instructions

Install Python 3.7.1: pyenv install 3.7.1

Install dependencies (see development docs).

Migrate the database (see development docs).

Move the database to ~/data and symlink it:

mv app.db ~/data
ln -s ~/data/app.db app.db

Try running server as the patron user (use start.sh from this gist):

./start.sh

It should show up on port 8006. If it works.

Setup https as root:

sudo certbot certonly -d patron.example.com

Populate /etc/nginx/sites-available/patron.example.com using this gist.

Start nginx:

sudo -s /etc/nginx/sites-available/patron.example.com /etc/nginx/sites-enabled/patron.example.com
sudo systemctl nginx restart

Populate /etc/systemd/system/patron.service from this gist.

Start it as a service as root:

systemd start patron
journalctl --follow -n 100 --unit patron 

patron.example.com

map $http_upgrade $connection_upgrade {
  default upgrade;
  ''      close;
}

server {
  listen 80;
  listen [::]:80;
  server_name patron.example.com;
  # Useful for Let's Encrypt
  location /.well-known/acme-challenge/ { allow all; }
  location / { return 301 https://$host$request_uri; }
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  server_name patron.example.com;

  ssl_protocols TLSv1.2;
  ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
  ssl_prefer_server_ciphers on;
  ssl_session_cache shared:SSL:10m;

  ssl_certificate     /etc/letsencrypt/live/patron.example.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/patron.example.com/privkey.pem;

  ssl_dhparam /etc/ssl/certs/dhparam.pem;

  keepalive_timeout    70;
  sendfile             on;
  client_max_body_size 8m;

 location / {
    proxy_pass http://127.0.0.1:8006;
    proxy_buffering on;
    proxy_buffers 12 12k;
    proxy_redirect off;

    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Proto $scheme;
  }

  error_page 500 501 502 503 504 /500.html;
}

patron.service

[Unit]
Description=LibrePatron

[Service]
Type=simple
Restart=on-failure
User=patron
Group=patron
Environment="ISSO_CONFIG_PATH=/home/patron/config/isso.cfg"
Environment="COMMENTS_DB_PATH=/home/patron/data/comments.db"
WorkingDirectory=/home/patron
ExecStart=/home/patron/start.sh

StandardInput=null
StandardOutput=syslog
StandardError=syslog

[Install]
WantedBy=multi-user.target

start.sh

#!/bin/bash
cd patron
python docker_boot.py & /home/patron/.pyenv/shims/gunicorn patron:app --bind=0.0.0.0:8006 --workers=1  --graceful-timeout 15