Enki/vpn-btcpay-provisioner
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit: Basic project structure

Browse Source
This commit is contained in:
root 2024-12-11 07:26:18 +00:00
parent 3e095f155f
commit 75bade64bd
4 changed files with 142 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
.env.example Normal file
View File

@ -0,0 +1,16 @@
# Ansible Configuration
ANSIBLE_VAULT_PASSWORD=your_vault_password_here
# BTCPay Server Configuration
BTCPAY_BASE_URL=https://your-btcpay-server.com
BTCPAY_STORE_ID=your_store_id
BTCPAY_WEBHOOK_SECRET=your_webhook_secret
# Flask Configuration
FLASK_ENV=development
FLASK_APP=app/handlers/webhook_handler.py
FLASK_DEBUG=1
# Server Configuration
VPN_SERVER_IP=your_server_ip
WIREGUARD_PORT=51820

51
.gitignore vendored Normal file
View File

@ -0,0 +1,51 @@
# Python
__pycache__/
*.py[cod]
*$py.class
*.so
.Python
env/
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
*.egg-info/
.installed.cfg
*.egg
# Environment variables
.env
.venv
.env.*
!.env.example
# Ansible
*.retry
vault.yml
vault.yaml
# Operating System
.DS_Store
.DS_Store?
._*
.Spotlight-V100
.Trashes
ehthumbs.db
Thumbs.db
# IDE
.idea/
.vscode/
*.swp
*.swo
# Logs
*.log

69
README.md
View File

@ -1,3 +1,72 @@
# vpn-btcpay-provisioner # vpn-btcpay-provisioner
Automatically provision WireGuard VPN configurations upon successful BTCPay Server payments. Automatically provision WireGuard VPN configurations upon successful BTCPay Server payments.
=======
# VPN BTCPay Provisioner
Automatically provision WireGuard VPN configurations upon successful BTCPay Server payments.
## Features
- Automated WireGuard VPN configuration generation
- BTCPay Server integration via webhooks
- Secure key management with Ansible vault
- Automated IP allocation for new clients
## Prerequisites
- Python 3.x
- Ansible
- WireGuard
- BTCPay Server instance
## Installation
1. Clone the repository:
```bash
git clone https://git.sovbit.dev/your-username/vpn-btcpay-provisioner.git
cd vpn-btcpay-provisioner
```
2. Install dependencies:
```bash
python -m venv venv
source venv/bin/activate # On Windows: .\venv\Scripts\activate
pip install -r requirements.txt
```
3. Copy example environment file and edit with your values:
```bash
cp .env.example .env
```
4. Set up Ansible vault:
```bash
ansible-vault create ansible/group_vars/vpn_servers/vault.yml
```
## Configuration
1. Update `.env` with your environment-specific values
2. Configure BTCPay Server webhook to point to your webhook endpoint
3. Update inventory.ini with your VPN server details
## Usage
1. Start the webhook handler:
```bash
flask run
```
2. Test the setup with BTCPay Server's test webhook feature
## Security Notes
- Keep your `.env` file secure and never commit it to version control
- Regularly rotate webhook secrets and access tokens
- Monitor logs for unauthorized access attempts
- Keep system dependencies updated
## License
MIT

5
requirements.txt Normal file
View File

@ -0,0 +1,5 @@
flask==3.0.0
pyyaml==6.0.1
python-dotenv==1.0.0
cryptography==41.0.7 # For ansible-vault operations
ansible==9.1.0