From 4e78884f4c38ce0318aef0d66b312596bc1ee28c Mon Sep 17 00:00:00 2001 From: jahway603 Date: Mon, 15 Nov 2021 12:15:58 -0500 Subject: [PATCH] example configs --- doc/examples/README.md | 21 ++++++++++++++++++++ doc/examples/run_lightwalletd_nginx.sh | 19 ++++++++++++++++++ doc/examples/run_lightwalletd_no-web.sh | 26 +++++++++++++++++++++++++ 3 files changed, 66 insertions(+) create mode 100644 doc/examples/README.md create mode 100644 doc/examples/run_lightwalletd_nginx.sh create mode 100644 doc/examples/run_lightwalletd_no-web.sh diff --git a/doc/examples/README.md b/doc/examples/README.md new file mode 100644 index 0000000..b8ca9ee --- /dev/null +++ b/doc/examples/README.md @@ -0,0 +1,21 @@ +# Example lightwalletd configurations + +# Table of contents +1. [Why](#why) +2. [With Nginx](#with-nginx) +3. [No Web](#no-web) +4. [Apache](#apache) + +## Why +The [Hush Lightwalletd](https://git.hush.is/hush/lightwalletd/) can be configured in numerous different ways depending upon your specific setup. Here I will cover some example configurations and include shell scripts you can modify for your needs once you decide how you want to configure it. + +## With Nginx +For Nginx specifics, refer to the [lightwalletd README](https://git.hush.is/hush/lightwalletd/src/branch/master/README.md) to setup your SSL cert config. + +Then you can use this [example shell script](run_lightwalletd_nginx.sh) to run lightwalletd with an nginx reverse proxy frontend. In the script you have to change the hostname and username before running it. + +## No Web +Here we run lightwalletd without any web servers (no nginx) and as a stand-alone service managing the SSL cert config internally. Use this [example shell script](run_lightwalletd_no-web.sh) to run lightwalletd stand-alone. + +## Apache +I do not know Apache, but you are welcome to contribute your example configuration if you are using it as a reverse proxy. diff --git a/doc/examples/run_lightwalletd_nginx.sh b/doc/examples/run_lightwalletd_nginx.sh new file mode 100644 index 0000000..ecf693b --- /dev/null +++ b/doc/examples/run_lightwalletd_nginx.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash +# Purpose: simple run script for Hush lightwalletd with an nginx reverse proxy frontend + +# Setup: Change host, change username, and then run this to start lightwalletd + +### Change below to your lightwalletd public server name ### +host=your.server.name.com +# port 9067 is the default lightwalletd port +port=9067 +host_and_port="${host}:${port}" + +### Change below to the username running lightwalletd ### +# this user account must have access to the HUSH3.conf +username=jahway603 +hush_conf="/home/${username}/.hush/HUSH3/HUSH3.conf" + +echo "starting lightwalletd on port $port..." +lightwalletd -bind-addr "$host_and_port" -conf-file "$hush_conf" -no-tls +# let's go brandon diff --git a/doc/examples/run_lightwalletd_no-web.sh b/doc/examples/run_lightwalletd_no-web.sh new file mode 100644 index 0000000..0701637 --- /dev/null +++ b/doc/examples/run_lightwalletd_no-web.sh @@ -0,0 +1,26 @@ +#!/usr/bin/env bash +# Purpose: simple run script for Hush lightwalletd with NO web frontend + +# Setup: Change username, setup your SSL cert config, and then run this to start lightwalletd + +# had to use this IP when using acme.sh instead of certbot +ip=0.0.0.0 +# port 9067 is the default lightwalletd port +port=9067 +ip_and_port="${ip}:${port}" + +### Change below to the username running lightwalletd ### +# this user account must have access to the HUSH3.conf +username=jahway603 +hush_conf="/home/${username}/.hush/HUSH3/HUSH3.conf" + +### Setup SSL cert config below ### +# Change below to your lightwalletd public server name +host=your.server.name.com +# Change to your SSL cert, certbot does one thing, acme.sh does another, YMMV +ssl_cert="/etc/nginx/ssl/${host}/fullchain/${host}.pem" +ssl_key="/etc/nginx/ssl/${host}/key/${host}.key.pem" + +echo "starting lightwalletd on port $port..." +lightwalletd -bind-addr "$ip_and_port" -conf-file "$hush_conf" -tls-cert "$ssl_cert" --tls-key "$ssl_key" +# let's go brandon