Created
June 21, 2024 00:48
-
-
Save echennells/ed9c1edcc05256627ac0d58c730ac0da to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### WARNING ### | |
Mutiny stores your channel state in your browser cache as well as in a postgres database on your server. If you lose the state in one of the two locations it will resync, for example if you lose your browser | |
cache the next time you access mutiny it will sync from the postgres server. The opposite is also true. One issue with the self hosted mutiny is there isn't an easy way to handle the postgres backup, this is because | |
every time you do a lightning transaction the channel state is updated, and there isn't a way that I know of to trigger a postgres backup on each update to the database. If you accidently restore a previous version | |
of the channel state you will be in a bad place and possibly (almost certinaly, lose funds). | |
# update the machine (if you get an error about a lock just wait a few minutes and try again) | |
sudo apt update | |
sudo apt upgrade | |
# install docker following these three steps | |
https://docs.docker.com/engine/install/ubuntu/#install-using-the-repository | |
sudo usermod -aG docker ubuntu | |
# logout and log back in in order for usermod to take effect | |
# install git and clone mutiny-deploy repo | |
sudo apt install git | |
git clone https://github.com/MutinyWallet/mutiny-deploy.git | |
# start mutiny containers | |
cd mutiny-deploy | |
docker compose up -d | |
# install and configure nginx | |
sudo apt install nginx | |
sudo nano /etc/nginx/sites-available/mutiny | |
sudo ln -s /etc/nginx/sites-available/mutiny /etc/nginx/sites-enabled/mutiny | |
sudo rm /etc/nginx/sites-enabled/default | |
sudo systemctl enable --now nginx | |
# install wireguard VPN | |
sudo apt install wireguard | |
# configure wireguard | |
umask 077 | |
wg genkey > privatekey-server ; | |
wg pubkey < privatekey-server > publickey-server ; | |
wg genkey | tee privatekey-server | wg pubkey > publickey-server | |
wg genkey > privatekey-client ; | |
wg pubkey < privatekey-client > publickey-client ; | |
wg genkey | tee privatekey-client | wg pubkey > publickey-client | |
curl ifconfig.co (find your own ip for the client config) | |
ip addr show ens3 ( found out your local private ip) | |
sudo nano /etc/wireguard/mutiny.conf | |
sudo wg-quick up mutiny | |
# create QR code with client settings | |
sudo apt install qrencode | |
qrencode -t ansiutf8 < wg-client.conf | |
Install wireguard app on your phone and scan the qr code. | |
Browse to http://public-ip | |
## wireguard server config | |
[Interface] | |
PrivateKey = privatekey-server | |
Address = 10.0.0.5/32 | |
ListenPort = 33333 | |
[Peer] | |
PublicKey = publickey-client | |
AllowedIPs = 10.0.0.10/32 | |
## wireguard client config | |
[Interface] | |
PrivateKey = privatekey-client | |
Address = 10.0.0.10/32 | |
[Peer] | |
PublicKey = publickey-server | |
Endpoint = 170.75.168.21:33333 | |
AllowedIPs = 172.16.0.15/32 | |
## nmap config | |
map $http_upgrade $connection_upgrade { | |
default upgrade; | |
'' close; | |
} | |
server { | |
listen 80; | |
location / { | |
proxy_http_version 1.1; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection $connection_upgrade; | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
proxy_pass http://localhost:14499; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment