NGinx acts as a reverse proxy, and takes care of renewing HTTPS certificates for you. BTCPay Server deployment using NGinx are typically composed of:
- One full node per supported cryptocurrency (bitcoind/litecoind)
- A lightweight block explorer (NBxplorer)
- A BTCPay Server
- A database (Postgres)
- A reverse proxy (NGINX)
- Two containers configuring NGINX as a reverse proxy and renewing SSL certificates.
The Deploy on Azure Button is using this docker-compose
under the hood on an Ubuntu machine. You can use it on any docker supporting host.
The relevant environment variables are:
NBITCOIN_NETWORK
: The blockchain identifier used by NBitcoin (eg.,regtest
,testnet
,mainnet
)BTCPAY_HOST
: The external url used to access the NGINX server from internet. This domain name must point to this machine for Let's Encrypt to create your certificate. (typically with a CNAME or A record)BTCPAY_ROOTPATH
: The root path directory where BTCPay is accessed, more information below. (default: /)LETSENCRYPT_EMAIL
: The email Let's Encrypt will use to notify you about certificate expiration.ACME_CA_URI
: Let's encrypt API endpoint (staging
for a staging certificate,production
for a production one)LIGHTNING_ALIAS
: Optional, if using the integrated lightning feature, customize the alias of your nodesBTCPAY_SSHKEYFILE
: Optional, SSH private key that BTCPay can use to connect to this VM's SSH server (You need to copy the key file on BTCPay's datadir volume)BTCPAY_SSHTRUSTEDFINGERPRINTS
: Optional, BTCPay will ensure that it is connecting to the expected SSH server by checking the host public's key against those fingerprints
If BTCPAY_HOST
is btcpay.example.com
and BTCPAY_ROOTPATH
is /btcpay
, then you can access the site via https://btcpay.example.com/btcpay
Any unset or empty environment variable will be set for a regtest
deployment.
The ports mapped on the host are:
80
for Let's encrypt443
for the website9735
for the bitcoin lightning network node (if used)9736
for the litecoin lightning network node (if used)
Example for running on mainnet
:
For linux:
docker-compose up \
-e "NBITCOIN_NETWORK=mainnet" \
-e "BTCPAY_HOST=btcpay.example.com" \
-e "LETSENCRYPT_EMAIL=me@example.com" \
-e "ACME_CA_URI=production"
For powershell:
docker-compose up `
-e "NBITCOIN_NETWORK=mainnet" `
-e "BTCPAY_HOST=btcpay.example.com" `
-e "LETSENCRYPT_EMAIL=me@example.com" `
-e "ACME_CA_URI=production"
See also The guide for docker noobs.
Make sure the domain btcpay.example.com
point to your server and that port 80
and 443
are open.