
693 lines
27 KiB
Raw Normal View History

2018-07-22 18:38:14 +09:00
using BTCPayServer.Configuration;
using Microsoft.Extensions.Logging;
2018-07-22 18:38:14 +09:00
using BTCPayServer.HostedServices;
using BTCPayServer.Models;
using BTCPayServer.Models.ServerViewModels;
2018-07-22 18:38:14 +09:00
using BTCPayServer.Payments.Lightning;
2017-09-27 14:18:09 +09:00
using BTCPayServer.Services;
using BTCPayServer.Services.Mails;
using BTCPayServer.Services.Rates;
using BTCPayServer.Services.Stores;
2018-11-06 15:38:07 +09:00
using BTCPayServer.Validation;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using NBitcoin;
2018-07-22 18:38:14 +09:00
using NBitcoin.DataEncoders;
using System;
using System.Collections.Generic;
2017-09-27 14:18:09 +09:00
using System.ComponentModel.DataAnnotations;
using System.IO;
using System.Linq;
2017-09-27 14:18:09 +09:00
using System.Net;
using System.Net.Http;
2017-09-27 14:18:09 +09:00
using System.Net.Mail;
using System.Threading.Tasks;
using Renci.SshNet;
using BTCPayServer.Logging;
using BTCPayServer.Lightning;
using BTCPayServer.Configuration.External;
namespace BTCPayServer.Controllers
2018-04-30 02:33:42 +09:00
[Authorize(Policy = BTCPayServer.Security.Policies.CanModifyServerSettings.Key)]
public class ServerController : Controller
private UserManager<ApplicationUser> _UserManager;
SettingsRepository _SettingsRepository;
private readonly NBXplorerDashboard _dashBoard;
private RateFetcher _RateProviderFactory;
private StoreRepository _StoreRepository;
2018-07-22 18:38:14 +09:00
LightningConfigurationProvider _LnConfigProvider;
BTCPayServerOptions _Options;
public ServerController(UserManager<ApplicationUser> userManager,
2018-07-22 18:38:14 +09:00
Configuration.BTCPayServerOptions options,
RateFetcher rateProviderFactory,
SettingsRepository settingsRepository,
NBXplorerDashboard dashBoard,
2018-07-22 18:38:14 +09:00
LightningConfigurationProvider lnConfigProvider,
Services.Stores.StoreRepository storeRepository)
2018-07-22 18:38:14 +09:00
_Options = options;
_UserManager = userManager;
_SettingsRepository = settingsRepository;
_dashBoard = dashBoard;
_RateProviderFactory = rateProviderFactory;
_StoreRepository = storeRepository;
2018-07-22 18:38:14 +09:00
_LnConfigProvider = lnConfigProvider;
public async Task<IActionResult> Rates()
var rates = (await _SettingsRepository.GetSettingAsync<RatesSetting>()) ?? new RatesSetting();
2018-04-18 18:23:39 +09:00
var vm = new RatesViewModel()
CacheMinutes = rates.CacheInMinutes,
PrivateKey = rates.PrivateKey,
PublicKey = rates.PublicKey
2018-04-18 18:23:39 +09:00
await FetchRateLimits(vm);
return View(vm);
2018-04-18 18:23:39 +09:00
private static async Task FetchRateLimits(RatesViewModel vm)
2018-04-18 18:23:39 +09:00
var coinAverage = GetCoinaverageService(vm, false);
if (coinAverage != null)
2018-04-18 18:23:39 +09:00
vm.RateLimits = await coinAverage.GetRateLimitsAsync();
catch { }
public async Task<IActionResult> Rates(RatesViewModel vm)
var rates = (await _SettingsRepository.GetSettingAsync<RatesSetting>()) ?? new RatesSetting();
rates.PrivateKey = vm.PrivateKey;
rates.PublicKey = vm.PublicKey;
rates.CacheInMinutes = vm.CacheMinutes;
2018-04-18 18:23:39 +09:00
var service = GetCoinaverageService(vm, true);
2018-07-22 18:38:14 +09:00
if (service != null)
2018-04-18 18:23:39 +09:00
await service.TestAuthAsync();
ModelState.AddModelError(nameof(vm.PrivateKey), "Invalid API key pair");
if (!ModelState.IsValid)
2018-04-18 18:23:39 +09:00
await FetchRateLimits(vm);
return View(vm);
2018-04-18 18:23:39 +09:00
await _SettingsRepository.UpdateSetting(rates);
StatusMessage = "Rate settings successfully updated";
return RedirectToAction(nameof(Rates));
2018-04-18 18:23:39 +09:00
private static CoinAverageRateProvider GetCoinaverageService(RatesViewModel vm, bool withAuth)
var settings = new CoinAverageSettings()
KeyPair = (vm.PublicKey, vm.PrivateKey)
if (!withAuth || settings.GetCoinAverageSignature() != null)
2018-05-03 03:32:42 +09:00
return new CoinAverageRateProvider()
2018-04-18 18:23:39 +09:00
{ Authenticator = settings };
return null;
public IActionResult ListUsers()
var users = new UsersViewModel();
2017-12-04 14:39:02 +09:00
users.StatusMessage = StatusMessage;
= _UserManager.Users.Select(u => new UsersViewModel.UserViewModel()
Name = u.UserName,
2017-12-04 14:39:02 +09:00
Email = u.Email,
Id = u.Id
return View(users);
2017-09-27 14:18:09 +09:00
2018-03-22 19:55:14 +09:00
public new async Task<IActionResult> User(string userId)
var user = await _UserManager.FindByIdAsync(userId);
if (user == null)
return NotFound();
var roles = await _UserManager.GetRolesAsync(user);
var userVM = new UserViewModel();
userVM.Id = user.Id;
2018-04-19 11:44:24 -05:00
userVM.Email = user.Email;
2018-03-22 19:55:14 +09:00
userVM.IsAdmin = IsAdmin(roles);
return View(userVM);
public IActionResult Maintenance()
MaintenanceViewModel vm = new MaintenanceViewModel();
vm.UserName = "btcpayserver";
vm.DNSDomain = this.Request.Host.Host;
if (IPAddress.TryParse(vm.DNSDomain, out var unused))
vm.DNSDomain = null;
return View(vm);
public async Task<IActionResult> Maintenance(MaintenanceViewModel vm, string command)
if (!ModelState.IsValid)
return View(vm);
if (command == "changedomain")
if (string.IsNullOrWhiteSpace(vm.DNSDomain))
ModelState.AddModelError(nameof(vm.DNSDomain), $"Required field");
return View(vm);
vm.DNSDomain = vm.DNSDomain.Trim().ToLowerInvariant();
2018-08-13 16:48:10 +09:00
if (vm.DNSDomain.Equals(this.Request.Host.Host, StringComparison.OrdinalIgnoreCase))
return View(vm);
if (IPAddress.TryParse(vm.DNSDomain, out var unused))
ModelState.AddModelError(nameof(vm.DNSDomain), $"This should be a domain name");
return View(vm);
if (vm.DNSDomain.Equals(this.Request.Host.Host, StringComparison.InvariantCultureIgnoreCase))
ModelState.AddModelError(nameof(vm.DNSDomain), $"The server is already set to use this domain");
return View(vm);
var builder = new UriBuilder();
using (var client = new HttpClient(new HttpClientHandler()
ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator
2018-08-13 17:04:37 +09:00
builder.Scheme = this.Request.Scheme;
builder.Host = vm.DNSDomain;
2018-08-13 16:48:10 +09:00
var addresses1 = Dns.GetHostAddressesAsync(this.Request.Host.Host);
var addresses2 = Dns.GetHostAddressesAsync(vm.DNSDomain);
await Task.WhenAll(addresses1, addresses2);
var addressesSet = addresses1.GetAwaiter().GetResult().Select(c => c.ToString()).ToHashSet();
var hasCommonAddress = addresses2.GetAwaiter().GetResult().Select(c => c.ToString()).Any(s => addressesSet.Contains(s));
if (!hasCommonAddress)
ModelState.AddModelError(nameof(vm.DNSDomain), $"Invalid host ({vm.DNSDomain} is not pointing to this BTCPay instance)");
return View(vm);
catch (Exception ex)
var messages = new List<object>();
if (ex.InnerException != null)
ModelState.AddModelError(nameof(vm.DNSDomain), $"Invalid domain ({string.Join(", ", messages.ToArray())})");
return View(vm);
2018-07-25 00:51:45 +09:00
var error = RunSSH(vm, $" {vm.DNSDomain}");
if (error != null)
return error;
builder.Path = null;
builder.Query = null;
StatusMessage = $"Domain name changing... the server will restart, please use \"{builder.Uri.AbsoluteUri}\"";
2018-07-24 22:10:37 +09:00
else if (command == "update")
2018-07-25 01:01:05 +09:00
var error = RunSSH(vm, $"");
2018-07-24 22:10:37 +09:00
if (error != null)
return error;
StatusMessage = $"The server might restart soon if an update is available...";
return NotFound();
return RedirectToAction(nameof(Maintenance));
public static string RunId = Encoders.Hex.EncodeData(NBitcoin.RandomUtils.GetBytes(32));
public IActionResult SeeRunId(string expected = null)
if (expected == RunId)
return Ok();
return BadRequest();
2018-07-25 00:51:45 +09:00
private IActionResult RunSSH(MaintenanceViewModel vm, string ssh)
2018-07-25 00:51:45 +09:00
ssh = $"sudo bash -c '. /etc/profile.d/ && nohup {ssh} > /dev/null 2>&1 & disown'";
var sshClient = _Options.SSHSettings == null ? vm.CreateSSHClient(this.Request.Host.Host)
: new SshClient(_Options.SSHSettings.CreateConnectionInfo());
2018-08-12 23:23:26 +09:00
if (_Options.TrustedFingerprints.Count != 0)
sshClient.HostKeyReceived += (object sender, Renci.SshNet.Common.HostKeyEventArgs e) =>
if (_Options.TrustedFingerprints.Count == 0)
2018-08-13 09:43:59 +09:00
Logs.Configuration.LogWarning($"SSH host fingerprint for {e.HostKeyName} is untrusted, start BTCPay with -sshtrustedfingerprints \"{Encoders.Hex.EncodeData(e.FingerPrint)}\"");
2018-08-12 23:23:26 +09:00
e.CanTrust = true; // Not a typo, we want the connection to succeed with a warning
2018-08-13 09:43:59 +09:00
e.CanTrust = _Options.IsTrustedFingerprint(e.FingerPrint, e.HostKey);
if (!e.CanTrust)
2018-08-13 09:43:59 +09:00
Logs.Configuration.LogError($"SSH host fingerprint for {e.HostKeyName} is untrusted, start BTCPay with -sshtrustedfingerprints \"{Encoders.Hex.EncodeData(e.FingerPrint)}\"");
2018-08-12 23:23:26 +09:00
catch (Renci.SshNet.Common.SshAuthenticationException)
ModelState.AddModelError(nameof(vm.Password), "Invalid credentials");
return View(vm);
catch (Exception ex)
var message = ex.Message;
if (ex is AggregateException aggrEx && aggrEx.InnerException?.Message != null)
message = aggrEx.InnerException.Message;
ModelState.AddModelError(nameof(vm.UserName), $"Connection problem ({message})");
return View(vm);
var sshCommand = sshClient.CreateCommand(ssh);
sshCommand.CommandTimeout = TimeSpan.FromMinutes(1.0);
sshCommand.BeginExecute(ar =>
2018-07-25 00:51:45 +09:00
Logs.PayServer.LogInformation("Running SSH command: " + ssh);
var result = sshCommand.EndExecute(ar);
Logs.PayServer.LogInformation("SSH command executed: " + result);
catch (Exception ex)
Logs.PayServer.LogWarning("Error while executing SSH command: " + ex.Message);
return null;
2018-03-22 19:55:14 +09:00
private static bool IsAdmin(IList<string> roles)
return roles.Contains(Roles.ServerAdmin, StringComparer.Ordinal);
public new async Task<IActionResult> User(string userId, UserViewModel viewModel)
var user = await _UserManager.FindByIdAsync(userId);
if (user == null)
return NotFound();
var roles = await _UserManager.GetRolesAsync(user);
var isAdmin = IsAdmin(roles);
bool updated = false;
if (isAdmin != viewModel.IsAdmin)
2018-03-22 19:55:14 +09:00
if (viewModel.IsAdmin)
await _UserManager.AddToRoleAsync(user, Roles.ServerAdmin);
await _UserManager.RemoveFromRoleAsync(user, Roles.ServerAdmin);
updated = true;
if (updated)
2018-03-22 19:55:14 +09:00
viewModel.StatusMessage = "User successfully updated";
return View(viewModel);
2017-12-04 14:39:02 +09:00
public async Task<IActionResult> DeleteUser(string userId)
var user = userId == null ? null : await _UserManager.FindByIdAsync(userId);
if (user == null)
return NotFound();
return View("Confirm", new ConfirmModel()
Title = "Delete user " + user.Email,
Description = "This user will be permanently deleted",
Action = "Delete"
public async Task<IActionResult> DeleteUserPost(string userId)
var user = userId == null ? null : await _UserManager.FindByIdAsync(userId);
if (user == null)
return NotFound();
await _UserManager.DeleteAsync(user);
await _StoreRepository.CleanUnreachableStores();
2017-12-04 14:39:02 +09:00
StatusMessage = "User deleted";
return RedirectToAction(nameof(ListUsers));
public string StatusMessage
get; set;
public async Task<IActionResult> Emails()
var data = (await _SettingsRepository.GetSettingAsync<EmailSettings>()) ?? new EmailSettings();
return View(new EmailsViewModel() { Settings = data });
2017-09-27 14:18:09 +09:00
public async Task<IActionResult> Policies()
var data = (await _SettingsRepository.GetSettingAsync<PoliciesSettings>()) ?? new PoliciesSettings();
return View(data);
public async Task<IActionResult> Policies(PoliciesSettings settings)
2018-04-19 11:39:51 -05:00
await _SettingsRepository.UpdateSetting(settings);
TempData["StatusMessage"] = "Policies updated successfully";
return View(settings);
2018-07-22 18:38:14 +09:00
public IActionResult Services()
var result = new ServicesViewModel();
foreach (var cryptoCode in _Options.ExternalServicesByCryptoCode.Keys)
2018-07-22 18:38:14 +09:00
int i = 0;
foreach (var grpcService in _Options.ExternalServicesByCryptoCode.GetServices<ExternalLnd>(cryptoCode))
2018-07-22 18:38:14 +09:00
result.LNDServices.Add(new ServicesViewModel.LNDServiceViewModel()
2018-07-22 18:38:14 +09:00
Crypto = cryptoCode,
Type = grpcService.Type,
Index = i++,
2018-07-22 18:38:14 +09:00
result.HasSSH = _Options.SSHSettings != null;
2018-07-22 18:38:14 +09:00
return View(result);
public IActionResult LndGrpcServices(string cryptoCode, int index, uint? nonce)
2018-07-22 18:38:14 +09:00
if (!_dashBoard.IsFullySynched(cryptoCode, out var unusud))
StatusMessage = $"Error: {cryptoCode} is not fully synched";
return RedirectToAction(nameof(Services));
var external = GetExternalLndConnectionString(cryptoCode, index);
if (external == null)
2018-07-22 18:38:14 +09:00
return NotFound();
var model = new LndGrpcServicesViewModel();
2018-07-22 18:38:14 +09:00
2018-07-22 21:28:21 +09:00
model.Host = $"{external.BaseUri.DnsSafeHost}:{external.BaseUri.Port}";
2018-07-22 18:38:14 +09:00
model.SSL = external.BaseUri.Scheme == "https";
if (external.CertificateThumbprint != null)
model.CertificateThumbprint = Encoders.Hex.EncodeData(external.CertificateThumbprint);
if (external.Macaroon != null)
model.Macaroon = Encoders.Hex.EncodeData(external.Macaroon);
if (nonce != null)
2018-07-22 18:38:14 +09:00
var configKey = GetConfigKey("lnd-grpc", cryptoCode, index, nonce.Value);
var lnConfig = _LnConfigProvider.GetConfig(configKey);
2018-07-22 18:38:14 +09:00
if (lnConfig != null)
model.QRCodeLink = $"{this.Request.GetAbsoluteRoot().WithTrailingSlash()}lnd-config/{configKey}/lnd.config";
2018-07-22 21:28:21 +09:00
model.QRCode = $"config={model.QRCodeLink}";
2018-07-22 18:38:14 +09:00
2018-07-22 18:38:14 +09:00
return View(model);
private static uint GetConfigKey(string type, string cryptoCode, int index, uint nonce)
return (uint)HashCode.Combine(type, cryptoCode, index, nonce);
public IActionResult GetLNDConfig(uint configKey)
2018-07-22 18:38:14 +09:00
var conf = _LnConfigProvider.GetConfig(configKey);
2018-07-22 18:38:14 +09:00
if (conf == null)
return NotFound();
return Json(conf);
2018-07-22 18:38:14 +09:00
public IActionResult LndGrpcServicesPost(string cryptoCode, int index)
2018-07-22 18:38:14 +09:00
var external = GetExternalLndConnectionString(cryptoCode, index);
if (external == null)
2018-07-22 18:38:14 +09:00
return NotFound();
LightningConfigurations confs = new LightningConfigurations();
LightningConfiguration conf = new LightningConfiguration();
conf.Type = "grpc";
conf.ChainType = _Options.NetworkType.ToString();
2018-07-22 18:38:14 +09:00
conf.CryptoCode = cryptoCode;
conf.Host = external.BaseUri.DnsSafeHost;
conf.Port = external.BaseUri.Port;
conf.SSL = external.BaseUri.Scheme == "https";
conf.Macaroon = external.Macaroon == null ? null : Encoders.Hex.EncodeData(external.Macaroon);
conf.CertificateThumbprint = external.CertificateThumbprint == null ? null : Encoders.Hex.EncodeData(external.CertificateThumbprint);
var nonce = RandomUtils.GetUInt32();
var configKey = GetConfigKey("lnd-grpc", cryptoCode, index, nonce);
_LnConfigProvider.KeepConfig(configKey, confs);
return RedirectToAction(nameof(LndGrpcServices), new { cryptoCode = cryptoCode, nonce = nonce });
private LightningConnectionString GetExternalLndConnectionString(string cryptoCode, int index)
var connectionString = _Options.ExternalServicesByCryptoCode.GetServices<ExternalLnd>(cryptoCode).Skip(index).Select(c => c.ConnectionString).FirstOrDefault();
if (connectionString == null)
return null;
connectionString = connectionString.Clone();
if (connectionString.MacaroonFilePath != null)
connectionString.Macaroon = System.IO.File.ReadAllBytes(connectionString.MacaroonFilePath);
connectionString.MacaroonFilePath = null;
Logs.Configuration.LogWarning($"{cryptoCode}: The macaroon file path of the external LND grpc config was not found ({connectionString.MacaroonFilePath})");
return null;
return connectionString;
2018-07-22 18:38:14 +09:00
public IActionResult LndRestServices(string cryptoCode, int index, uint? nonce)
if (!_dashBoard.IsFullySynched(cryptoCode, out var unusud))
StatusMessage = $"Error: {cryptoCode} is not fully synched";
return RedirectToAction(nameof(Services));
var external = GetExternalLndConnectionString(cryptoCode, index);
if (external == null)
return NotFound();
var model = new LndRestServicesViewModel();
model.BaseApiUrl = external.BaseUri.ToString();
if (external.CertificateThumbprint != null)
model.CertificateThumbprint = Encoders.Hex.EncodeData(external.CertificateThumbprint);
if (external.Macaroon != null)
model.Macaroon = Encoders.Hex.EncodeData(external.Macaroon);
return View(model);
public IActionResult SSHService(bool downloadKeyFile = false)
var settings = _Options.SSHSettings;
if (settings == null)
return NotFound();
if (downloadKeyFile)
if (!System.IO.File.Exists(settings.KeyFile))
return NotFound();
return File(System.IO.File.ReadAllBytes(settings.KeyFile), "application/octet-stream", "id_rsa");
SSHServiceViewModel vm = new SSHServiceViewModel();
string port = settings.Port == 22 ? "" : $" -p {settings.Port}";
vm.CommandLine = $"ssh {settings.Username}@{settings.Server}{port}";
vm.Password = settings.Password;
vm.KeyFilePassword = settings.KeyFilePassword;
vm.HasKeyFile = !string.IsNullOrEmpty(settings.KeyFile);
return View(vm);
2018-04-19 11:39:51 -05:00
public async Task<IActionResult> Theme()
var data = (await _SettingsRepository.GetSettingAsync<ThemeSettings>()) ?? new ThemeSettings();
return View(data);
public async Task<IActionResult> Theme(ThemeSettings settings)
await _SettingsRepository.UpdateSetting(settings);
2018-04-19 11:39:51 -05:00
TempData["StatusMessage"] = "Theme settings updated successfully";
return View(settings);
2017-09-27 14:18:09 +09:00
public async Task<IActionResult> Emails(EmailsViewModel model, string command)
if (command == "Test")
2018-07-22 18:38:14 +09:00
if (!model.Settings.IsComplete())
2018-05-04 15:54:12 +09:00
model.StatusMessage = "Error: Required fields missing";
return View(model);
var client = model.Settings.CreateSmtpClient();
await client.SendMailAsync(model.Settings.From, model.TestEmail, "BTCPay test", "BTCPay test");
model.StatusMessage = "Email sent to " + model.TestEmail + ", please, verify you received it";
catch (Exception ex)
model.StatusMessage = "Error: " + ex.Message;
return View(model);
2018-05-04 15:54:12 +09:00
else // if(command == "Save")
await _SettingsRepository.UpdateSetting(model.Settings);
model.StatusMessage = "Email settings saved";
return View(model);
public async Task<IActionResult> LogsView(string file = null, int offset = 0)
if (offset < 0)
offset = 0;
var vm = new LogsViewModel();
if (string.IsNullOrEmpty(_Options.LogFile))
vm.StatusMessage = "Error: File Logging Option not specified. " +
"You need to set debuglog and optionally " +
"debugloglevel in the configuration or through runtime arguments";
var di = Directory.GetParent(_Options.LogFile);
if (di == null)
vm.StatusMessage = "Error: Could not load log files";
var fileNameWithoutExtension = Path.GetFileNameWithoutExtension(_Options.LogFile);
var fileExtension = Path.GetExtension(_Options.LogFile) ?? string.Empty;
var logFiles = di.GetFiles($"{fileNameWithoutExtension}*{fileExtension}");
vm.LogFileCount = logFiles.Length;
vm.LogFiles = logFiles
.OrderBy(info => info.LastWriteTime)
vm.LogFileOffset = offset;
if (string.IsNullOrEmpty(file)) return View("Logs", vm);
vm.Log = "";
var path = Path.Combine(di.FullName, file);
using (var fileStream = new FileStream(
using (var reader = new StreamReader(fileStream))
vm.Log = await reader.ReadToEndAsync();
return NotFound();
return View("Logs", vm);