Install API Server - Regular Installation
1 Install and Configure MySQL Server
Install MySQL 8.x Server: Please refer to online tutorials for this installation, as it will not be elaborated here.
Check if MySQL is installed and running properly.
sudo systemctl status mysql # ubuntu/debian
sudo systemctl status mysqld # for centos / rhelCheck open ports and connection status.
mysql -u root -p -h your.db.host -P 3306Create a database.
CREATE DATABASE IF NOT EXISTS `upay` /*!40100 DEFAULT CHARACTER SET utf8 */;Create a database user and grant permissions.
CREATE USER 'theusername'@'%' IDENTIFIED BY 'Your_Password_!';
GRANT SELECT, CREATE, DROP, INSERT, UPDATE, DELETE, INDEX, ALTER, REFERENCES ON upay.* TO '新用户名'@'主机'
FLUSH PRIVILEGES;Test the connection.
mysql -u theusername -p -h your.db.host -P 3306Install Redis Server
Install Redis Server without TLS support
dnf install -y redis6
# or yum instlal -y redis6Edit /etc/redis6/redis6.conf
vim /etc/redis6/redis6.confSet the password and bind
requirepass 123456
bind * -::*Start Redis server and check the status
systemctl restart redis6
telnet localhost 6379
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
^]Install Redis with TLS encryption - Self-signed certificates
Set hostname
hostnamectl set-hostname xcache #xcache is the name of your redis serverGenerate the server cert
touch redis-server.confCreate a redis-server.conf file in the current directory with the following content, adjusting dns and other fields as needed.
[ req ]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn
[ dn ]
C = CA
ST = BC
L = VAN
O = WRB
OU = WRB TECH
CN = xredis
[ req_ext ]
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = xcache
DNS.2 = xcache1Use openssl and the above configuration file to generate the root certificate and server certificate.
# root ca
openssl genrsa -out ca.key 2048
openssl req -x509 -new -nodes -key ca.key -days 3650 -out ca.crt -config redis-server.conf
# server cert
openssl req -new -nodes -out redis.csr -newkey rsa:2048 -keyout redis.key -config redis-server.conf
# sign server cert
openssl x509 -req -in redis.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out redis.crt -days 3650 After completion, you will have the following files:
ca.key
ca.crt
redis.key
redis.crt
Copy cert
cp ca.crt /etc/redis6/ca.crt
cp redis.crt /etc/redis6/redis.crt
cp redis.key /etc/redis6/redis.key
sudo chown redis6:redis6 /etc/redis6/redis.crt /etc/redis6/redis.key /etc/redis6/ca.crt
sudo chmod 600 /etc/redis6/redis.key
sudo chmod 644 /etc/redis6/redis.crt /etc/redis6/ca.crtEdit /etc/redis6/redis6.conf
# enable tls and config the port
tls-port 6379
# disable other port
port 0
tls-cert-file /etc/redis6/redis.crt
tls-key-file /etc/redis6/redis.key
tls-ca-cert-file /etc/redis6/ca.crt
tls-auth-clients yes
# set connection pass
requirepass 123456
# bind port
bind * -::*
Start redis server
sudo systemctl restart redis6Generate Client Cert
Create client.conf
touch client.confThe content of client.conf
[ req ]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn
[ dn ]
C = CA
ST = BC
L = VAN
O = WRB
OU = WRB TECH
CN = *.xnode.host
[ req_ext ]
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = *.yourhost.com
DNS.2 = exampleGenerate Client Cert
openssl req -new -nodes -out client.csr -newkey rsa:2048 -keyout client.key -config client.conf
openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt -days 3650
# to p12 format
openssl pkcs12 -export -out client.p12 -inkey client.key -in client.crt -certfile ca.crtThen you'll get
client.p12
If Redis enables TLS connections, the following files will be used in step 3:
ca.crt
client.p12
Install Beaver Payment API Server
git clone [email protected]:WhiteRiverBay/beaver-payment-install.git(Optional) If Redis has TLS enabled, place the client certificate in the corresponding directory:
cp ca.crt .config/
cp client.p12 .config/Execute Install.sh
sh install.shYou'll see
Beaver Payment Configuration Initialization
1 - Generating RSA Key Pair
...+..+..........+..+++++++++++++++++++++++++++++++++++++++++++++*..+.+........+....+...+.....+++++++++++++++++++++++++++++++++++++++++++++*..........................+.+...+...........+......+.+............+..+..........+...+...+........+......+..........+...........+...+...........................+.........+......+.............+..+....+..............+........................+.+..+...+.......+..+.....................................+........+.......+..............+.......+........+.........+..........+...+.....+...+....+...+............+...+...+..+.........+...+..........+............+...............+......+.....+.........+.+..+.......+........................+.................+...+.......+........+.+...+.....+.+.....+.+..............+.......+........+....+.................+.+...+.................+..........+..+.......+..............+...............+.+.....+......+...............+...+......+.+.....+.......+..+....+.........+.....+.+............+..............+......+............+..........+......+.....+............+...............+....+...+...+.................+.+...........+......+.......+..+.+........+....+......+.....................+.....+....+..+...............+.......+..+...+................+..+.......+..................+............+.....+...+...............+...................+.....+....+..............+..........+...+..+.......+......+.....+.............+..+.............+.....+.........+.+..+...+......+.+.......................+.+......+............+...+.....+...+.........+......................+.........+...........+...+.............+..+.....................+.+.....+....+..+..........+..+..........+...............+...+..+...+.......+.................+.+...............+..................+..+.........+......+.......+......+..+....+........+.+..+...+.+...+..+...+......+.+.....+.+.......................+.......+........+..........+.........+........+...................+......+..+......+.+.........+.........+...........+......+.........+..........+..+.........+......+....+......+...+...........+....+....................+....+...........+....+..+.........+....+.....+.+..+....+..................+.....+......+++++
....+.+...+..+............+.+......+.....+...+.+..+...+.+...........+....+..............+.+......+.........+...+...+++++++++++++++++++++++++++++++++++++++++++++*...+++++++++++++++++++++++++++++++++++++++++++++*........+...+..+.........+.+..............+.......+.....+...+...............................+.....+...+.+......+......+..+.......+........+......+.+......+............+.....+...+.......+........+.........+.+...+.........+......+..+...+.+......+..+......+......+...+.......+........+...+...+.+......+.....+.........+.........+............+..................+............+..........+...+...............+......+...+...+........+.+.......................+.+....................+.........+...+.......+..+...+.+......+.........+.....+.+...........+.......+...+...............+.....+.......+..+......+.......+...........+....+....................+..........+..+.........+.......+.....+...........................+...+...+............+..........+..+......+.+......+..+.+..+...+....+...+.........+.........+.........+..+.+..+...+.......+......+.....+..........+..+...+.+......+..............+....+.........+.....+...+.............+.........+++++
writing RSA key
Please keep the private.pem file safe and secure
public.pem saved in .config successful
Generating Google Authenticator Secret:
Google Authenticator Secret: E4RU2ZJEOAGTCKRA
Generate Notify Secret:
Generating .env file
Please enter the database host:
127.0.0.1
Please enter the database port:
3306
Please enter the database name:
upay
Please enter the database username:
root
Please enter the database password:
root123321
Testing database connection
mysql: [Warning] Using a password on the command line interface can be insecure.
+---+
| 1 |
+---+
| 1 |
+---+
Database connection successful
Creating database if it does not exist
mysql: [Warning] Using a password on the command line interface can be insecure.
Please enter the redis host:
xcache
Please enter the redis port:
6379
Is redis password required? (true/false):
true
Please enter whether redis ssl is enabled (true/false):
false
Please enter the redis password (if it is no password, keep it empty):
123456
Do you want to set telegram bot? (true/false):
false
Do you want to set default callback url now? (true/false):
false
Configuration Initialization Successful
Please run the server now
docker-compose -f docker-compose-prod.yml up -d
After the installation, a private.pem file will be generated in the same directory. This is the private key for the administrator to collect funds. You can store it on a separate USB drive or encrypt it and save it to Google Drive.
Restart Service
docker-compose -f docker-compose-prod.yml up -d
#logs
docker logs -f upayapiCheck service status
curl -vX GET http://localhost:8080
Note: Unnecessary use of -X or --request, GET is already inferred.
* Host localhost:8080 was resolved.
* IPv6: ::1
* IPv4: 127.0.0.1
* Trying [::1]:8080...
* Connected to localhost (::1) port 8080
> GET / HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/8.5.0
> Accept: */*
>
< HTTP/1.1 200
< Vary: Origin
< Vary: Access-Control-Request-Method
< Vary: Access-Control-Request-Headers
< Content-Type: text/plain;charset=ISO-8859-1
< Content-Length: 2
< Date: Fri, 03 Jan 2025 22:33:06 GMT
<
* Connection #0 to host localhost left intact
okLast updated