About Sovereign Stack
Sovereign Stack is a complete network solution enabling you to deploy Bitcoin-only website infrastructure. It consists of this website which documents the project, and the Sovereign Stack code. Together these contain all the information you might need to create and operate your own Value4Value websites based on Bitcoin/Lightning.
To run Sovereign Stack as intended, you will need to consider the requirements and recommendations explained throughout this website. When you have your network properly configured, you can deploy the Sovereign Stack code to one or more Incus clusters. This is where your websites and Bitcoin-native payment infrastructure and website components run.
Requirements
There are several requirements to run Sovereign Stack:
- a modern firewall, preferably one based on pfSense
- a VLAN capable managed switch
- one or more x64 computing devices (e.g., Librem Mini, Intel NUC, etc.)
- a fast and reliable Internet connection
- and a (preferably dedicated) management machine
The system diagram above shows clusterhost-01
attached to the SERVERS
VLAN/DMZ. This is where you place one or more commodity x86_64 computing devices. These commodity machines are where you can deploy the Sovereign Stack software. All software that gets deployed executes in isolated Virtual Machines which attach to the network underlay using Macvlan.
Sovereign Stack is designed to operate on a home or small office Internet connection. Typically this means there exists ONE and ONLY ONE public IP address which is provided by your ISP. In many cases, you will want to deploy more than one website under different DNS domains. Sovereign Stack allows you to host and expose all those websites to the public, all on your residential internet connection. All deployed websites, however, use one instance of BTCPayServer which provides the Lightning liquidity pool.
Website Features
Each website that gets deployed is based on Ghost and BTCPay Server at a minimum. You can also deploy other Open Source Software (OSS) projects such as Nextcloud and Gitea, and a Nostr relay. All depends on your requirements and what applications are supported.
The goal is to deploy whatever apps which allow you to create the desired effect. More FOSS projects will be added time progresses.
Bitcoin / Lightning Nodes
BTCPay Server
You can deploy a BTCPay Server VM using Sovereign Stack btcpayserver
). This VM provides all the Bitcoin related functionality including a pruning Bitcoin full node (keeping ~six months of block data). Each deployment includes a core lightning node for all lightning functionality. Website creators are expected to know how to use BTCPay server to implement the various payment workflows that might exist, e.g., tipping, store/order menu, crowdfunds, etc..
LNPlay
A new addition to the Sovereign Stack code base is called lnplayserver
, since I deploy the submodule LNPlay. LNPlay deploys a bitcoind
instance and one or more core lightning instances all of which are able to communicate with each other using an overlay network. Each CLN node is configured to listen for command (using Commando) using Core Lightning's websocket interface.
When you're operating Lightning node, you will need a modern and convenient Lightning wallet. Sovereign Stack allows you to self-host Clams Remote which can be used to connect to any of the core lightning daemons deployed by Sovereign Stack. Clams Remote is an innovative web-app for remotely controlling these nodes.
Website Components
You can build websites using the following tools, each of which reside at a different host name under your domain, e.g., nextcloud.domain.tld
.
Ghost
Ghost is an excellent syndication-based web front end. It has a great user interface for users to create their content. Sovereign Stack is there to deploy Ghost and situate it behind a domain name, and to perform backup/restoration activities for all the ghost instances you deploy.
Nostr
Each domain that gets deployed has a Nostr relay deployed by default. It is expected that multiple relay processes will get deployed to address various use cases, e.g., [free] application logging, [expensive] public relay. But at the moment, if you specify a nostr pubkey, Sovereign Stack instance will make that pubkey NIP-05 compliant and deploy a nostr relay at wss://relay.domain.tld
whitelisted for that pubkey.
In accordance with NIP-05, nostr clients are directed to the deployed nostr relay at wss://relay.domain.tld
.
Together, this means remote nostr clients can quickly and reliably find your nostr pubkey when searching your domain name in a nostr client. This feature direct nostr clients to the relay hosting all your nostr messages. Great!
Nextcloud
Sovereign Stack can deploy Nextcloud under each domain in a deployment. Nextcloud makes a great front-end for calendars and webcal service endpoints and other cool features.
Gitea
Gitea is a self-hosted github alternative. Sovereign-stack.org uses gitea to host the git repo as well as aid in documentation/understanding of the codebase. Gitea also exposes an RSS feed, making it easy to inform users of changes the Sovereign Stack codebase.
At the end of each section, you will see a tip button. It is a common practice for Value4Value websites to solicit bitcoin if the reader values the project. All contributions apply to the monthly crowdfund.