From 75bade64bd7dbb2c5bac49138a00bddb39b053b1 Mon Sep 17 00:00:00 2001
From: root
Date: Wed, 11 Dec 2024 07:26:18 +0000
Subject: [PATCH] Initial commit: Basic project structure
---
.env.example | 16 +++++++++++
.gitignore | 51 ++++++++++++++++++++++++++++++++++
README.md | 71 +++++++++++++++++++++++++++++++++++++++++++++++-
requirements.txt | 5 ++++
4 files changed, 142 insertions(+), 1 deletion(-)
create mode 100644 .env.example
create mode 100644 .gitignore
create mode 100644 requirements.txt
diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..5773a12
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,16 @@
+# Ansible Configuration
+ANSIBLE_VAULT_PASSWORD=your_vault_password_here
+
+# BTCPay Server Configuration
+BTCPAY_BASE_URL=https://your-btcpay-server.com
+BTCPAY_STORE_ID=your_store_id
+BTCPAY_WEBHOOK_SECRET=your_webhook_secret
+
+# Flask Configuration
+FLASK_ENV=development
+FLASK_APP=app/handlers/webhook_handler.py
+FLASK_DEBUG=1
+
+# Server Configuration
+VPN_SERVER_IP=your_server_ip
+WIREGUARD_PORT=51820
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..2442913
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,51 @@
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+.Python
+env/
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+
+# Environment variables
+.env
+.venv
+.env.*
+!.env.example
+
+# Ansible
+*.retry
+vault.yml
+vault.yaml
+
+# Operating System
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+ehthumbs.db
+Thumbs.db
+
+# IDE
+.idea/
+.vscode/
+*.swp
+*.swo
+
+# Logs
+*.log
diff --git a/README.md b/README.md
index 393c747..cc7e798 100644
--- a/README.md
+++ b/README.md
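Review bot: The Flask block of `.env.example` ships `FLASK_DEBUG=1`, so anyone who follows the README step `cp .env.example .env` without editing runs the webhook handler with the Werkzeug debugger and reloader enabled; for an endpoint BTCPay Server has to reach over the network, the template default should be `FLASK_DEBUG=0`, with debug switched on only for local work. `FLASK_ENV=development` has no effect on the Flask 3.0.0 pinned in requirements.txt (the variable was removed in Flask 2.3) and can be dropped. Separately, `ANSIBLE_VAULT_PASSWORD` sits in the same file the web process presumably loads via python-dotenv, so the process that parses untrusted webhook bodies would also hold the vault password. Consider keeping it out of the Flask environment and adding a comment such as `# Prefer ansible-vault --vault-password-file, readable only by the provisioning user`.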
@@ -1,3 +1,72 @@
 # vpn-btcpay-provisioner
 
-Automatically provision WireGuard VPN configurations upon successful BTCPay Server payments.
\ No newline at end of file
+Automatically provision WireGuard VPN configurations upon successful BTCPay Server payments.
+=======
+# VPN BTCPay Provisioner
+
+Automatically provision WireGuard VPN configurations upon successful BTCPay Server payments.
+
+## Features
+
+- Automated WireGuard VPN configuration generation
+- BTCPay Server integration via webhooks
+- Secure key management with Ansible vault
+- Automated IP allocation for new clients
+
+## Prerequisites
+
+- Python 3.x
+- Ansible
+- WireGuard
+- BTCPay Server instance
+
+## Installation
+
+1. Clone the repository:
+```bash
+git clone https://git.sovbit.dev/your-username/vpn-btcpay-provisioner.git
+cd vpn-btcpay-provisioner
+```
+
+2. Install dependencies:
+```bash
+python -m venv venv
+source venv/bin/activate # On Windows: .\venv\Scripts\activate
+pip install -r requirements.txt
+```
+
+3. Copy example environment file and edit with your values:
+```bash
+cp .env.example .env
+```
+
+4. Set up Ansible vault:
+```bash
+ansible-vault create ansible/group_vars/vpn_servers/vault.yml
+```
+
+## Configuration
+
+1. Update `.env` with your environment-specific values
+2. Configure BTCPay Server webhook to point to your webhook endpoint
+3. Update inventory.ini with your VPN server details
+
+## Usage
+
+1. Start the webhook handler:
+```bash
+flask run
+```
+
+2. Test the setup with BTCPay Server's test webhook feature
+
+## Security Notes
+
+- Keep your `.env` file secure and never commit it to version control
+- Regularly rotate webhook secrets and access tokens
+- Monitor logs for unauthorized access attempts
+- Keep system dependencies updated
+
+## License
+
+MIT
\ No newline at end of file
diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000..10403b8
--- /dev/null
+++ b/requirements.txt
@@ -0,0 +1,5 @@
+flask==3.0.0
+pyyaml==6.0.1
+python-dotenv==1.0.0
+cryptography==41.0.7 # For ansible-vault operations
+ansible==9.1.0
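Review bot: The pinned set in requirements.txt is not hash-locked and appears to be roughly a year old at the commit date (December 2024), which matters most for `cryptography==41.0.7` and `ansible==9.1.0`, since both sit on the key-handling path. Before this becomes the deployed baseline, check the pins against an advisory database, for example with `pip-audit -r requirements.txt`, and raise any that are flagged. If reproducible installs are the goal, generate the file with hashes and install with `pip install --require-hashes -r requirements.txt`, because exact version pins alone do not protect against a replaced artifact. The separate `cryptography` pin also has to stay compatible with whatever the ansible-core pulled in by `ansible==9.1.0` accepts, so a comment such as `# keep in step with ansible-core's cryptography requirement` would help the next maintainer.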