Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 28 Next »

Installing your own CAS is fairly simple, but it’s discouraged for novices. The possibility of losing your funds is real, if the server should inadvertently be setup incorrectly.

Installation requires some knowledge of:

  • Ubuntu (Linux)

  • SSH

  • File Permissions & Security

  • VPN Communications

CAS installation takes about 20 minutes. Hire a professional to help you if you are uncertain of how to proceed, or don’t feel comfortable with the command line.

You’ll need a server with a publicly exposed IP to host your CAS.

Minimum requirements:

  • 1 CPU

  • 8 GB RAM

  • 20 GB HDD (150GB+ recommended)

  • Ubuntu 22.04 LTS Server

  • 1 publicly accessible IP address

  • A valid CAS license key from General Bytes (order here)

RAM is a critical part of seamless operation in this application – “the more, the merrier” when it comes to that component.

We ask you to use Ubuntu 22.04 LTS for the sake of support ease and consistency. Other flavors of Linux may work, but General bytes' products and this guide are focused around known quantities.

Ubuntu LTS versions 20.04 and 22.04 are currently supported.

These installation instructions are based on the images available on Digital Ocean. Images sourced from ISO’s (or other VPS providers) may not work as expected.

 If you choose an alternate OS, you may find yourself handling your own problems without much guidance (if you can even get the software installed & operating)! 

This guide presumes you've installed a bare Ubuntu 22.04 LTS OS, without any additional software aside from perhaps a distribution upgrade. This guide further presumes root access, and sudo may be required (yet omitted) in some examples supplied below. This guide assumes root for all commands. Security is also assumed. You are running a currency exchange and hackers would love to gain access to your funds. Make it hard for them! Spend some time learning the best practices for your digital security, and implement those practices! So, let's get going. 

First: Login to your server.

You must access your “headless” Linux server using SSH.

Using Linux or Mac, this is rather straightforward. Open a terminal window and SSH into your server:

ssh root@yourserverip

On a Windows machine, you have a couple choices - but none are built-in.

  1. Windows Subsystem for Linux offered by Microsoft for Windows 10 & Windows 11.

  2. PuTTY is a little dated, but still used by millions.

Regardless of what you use, implement SSH keys (on your server) and disable passwords – remember: people want to steal your money! Password authentication usually makes that easier.

You should be looking at a CLI logged in as root on your web server before you proceed further.

  • “sudo” may be required for some commands below (if you’re not logged in as “root”).


Prepare your server

Update your Ubuntu:

Your Ubuntu software is obsolete out-of-the-box. You’ll need to update your installation immediately before proceeding further (and weekly thereafter).

sudo apt update && sudo apt dist-upgrade
  • when asked, “Do you want to continue? [Y/n] y" reply “y”.

  • if asked, “keep the local version currently installed” is safe (at this point).

  • press Enter (when requested) to accept the default answers to any queries (allow the update process to do whatever it suggests). There may be several of these messages.

Adjust your timezone:

Your reports and logs will be based on the current timezone, which is typically UTC (by default). Set your server to the correct timezone to enable accurate reporting.

sudo dpkg-reconfigure tzdata

Enable the UFW Firewall

A firewall should be enabled and active before installing CAS. Malicious actors may setup a bot to watch certain IP ranges. During your installation, that bot may manage to infiltrate your system in the few seconds it is unexposed - so lock it up before you go any further installing CAS.

Here’s how:

https://generalbytes.atlassian.net/wiki/spaces/ESD/pages/954728558/Configuring+Server+Firewalls#Option-1%3A-Configure-UFW

Reboot your server:

sudo reboot now

Install the GB APT repository.

APT Repository Configuration

Install the CAS installer.

Download and install the CAS installation script to your server:

sudo apt update && sudo apt install batm

Add execute permission to the script file:

sudo chmod +x /opt/batm/batm-install

Start the installation script:

sudo /opt/batm/batm-install init

You will be now be asked for your license key again. You cannot proceed without it.

  • Installation will only begin if the key is valid, and

  • your key will only be valid after your (Operator) KYC approval by GB, and

  • any outstanding invoices are satisfied.

  • If you don’t already have a license (signatures are required), order it from: https://www.generalbytes.com/en/products/cas-server

Enter the key provided by General Bytes and press ENTER.

  • The Ubuntu environment will ALSO be updated in this step.

  • The script will finish after a few minutes and report:

Proceed with:

sudo /opt/batm/batm-install download
  • Installation will resume, downloading the requisite software components and report:

Continue:

sudo /opt/batm/batm-install configure

If you already have SQL installed & configured, use the skip-mysql parameter to proceed without the standard scripted mySQL configuration (e.g. sudo /opt/batm/batm-install configure skip-mysql).

Do not include the skip-mysql parameter unless you have already configured mySQL.

Immediately the script will ask you to create some database credentials.
  • You'll probably be safe using these defaults for these questions, but to avoid being predictable - pick something unique (yet simple).

  • The answers are case-sensitive.

  • These fields must not contain spaces (e.g. “mycas” is permitted, but “my cas” will fail).

  • DO NOT use special characters in the credentials.

IF YOU ARE PERFORMING A SERVER MIGRATION:

Make sure that the database name, username, and password are identical to the source server, or the restore will fail!

The script will then ask you to confirm your public IP address.
  • Typically, you are safe to enter the address that was "auto-detected".

    • In this example, the correct IP address is already listed (138.197.114.157).

  • Verify that YOUR correct public IP address is actually listed (it will be different than this example).

  • If in doubt, use this easy command to identify your public IP: wget -qO - ipv4.icanhazip.com

Finally, complete the last step of CAS software installation:

sudo /opt/batm/batm-install finish
  • You’ll be asked to enable “telemetry”. In this context, you’re being asked to permit BATM error logs to be automatically sent to the GB servers. “Telemetry” does not imply that GB can access your BATMs remotely to collect this data - this is not (currently) the case. Do not be alarmed.

After answering the “telemetry” question, the version installed will be displayed.

  • This version may not be the current version.

  • The “latest version” - may not be. In this example, the installed version IS NOT the latest version.


Update your CAS

The version installed may not be the latest stable version.

Follow this guide to install the latest version and/or patch:

https://generalbytes.atlassian.net/l/cp/SnEYggbQ

Start CAS

The CAS server is now installed, but it must be started. Type:

sudo /batm/batm-manage start all
  • Once all services (Master, Gate & Admin) have started, you’ll be returned to a command prompt.

  • Answer “Y” or “YES” (as appropriate) to create the default configuration files.

Typical startup screen:


Implement the integrated VPN:

Activate the integrated VPN to enable access to CAS. You cannot access CAS unless a VPN is configured and active. Only OpenVPN is supported at this time.

Instructions: VPN Access for CAS Administration

  • The integrated method is recommended as the bare minimum.

  • Server security is your responsibility and any lapse may result in a substantial loss of funds.


The first half of installation (CLI) is now complete.

Refer to this article for more information about batm-manage: the CAS CLI Toolkit

You’re done with the CLI after the upgrade - and you may exit the terminal (CLI).

https://generalbytes.atlassian.net/l/cp/4i7euQtC

You're still not done, though.

You'll need to configure your settings to do sales & purchases.

 Move on to part 2/2 for "first time" instructions setting up the CAS front end.


Having trouble?

Be patient. Initial startup may take 15-20 minutes.

Make sure you have enough RAM. During startup, the initialization routine will max out your CPUs and insufficient RAM will result in a bottleneck. Your system may terminate one (or both) of your services - and your server won’t serve.

See these troubleshooting articles:

NEXT >>

  • No labels