About Sovereign Stack

Sovereign Stack is a complete network solution enabling you to deploy Bitcoin-centric website infrastructure among one or more of your home or office locations. It consists of this website which documents the project, and the Sovereign Stack code. Together these contain all the information you might need to create and operate your own Value4Value websites based on Bitcoin/Lightning.

To run Sovereign Stack as intended, you will need to consider the requirements and recommendations explained throughout this website. When you have your network properly configured, you can deploy the Sovereign Stack code to a compute node. This is where your websites and Bitcoin-native payment infrastructure and website components run.

Check out the Examples section to get an idea for the types of bitcoin-native websites you can create.


There are several requirements to run Sovereign Stack:

  • a modern firewall, preferably one based on pfSense
  • a VLAN capable managed switch
  • one or more x64 computing devices (e.g., Librem Mini, Intel NUC, etc.)
  • a fast and reliable Internet connection
  • and a (preferably dedicated) management machine
A competent network technician or Uncle Jim may also required to read and understand the documentation on this website and apply the concepts to your particular network!

The system diagram above shows clusterhost-01 attached to the SERVERS VLAN/DMZ. This is where you place one or more commodity x86_64 computing devices. These commodity machines are where you can deploy the Sovereign Stack software. All software that gets deployed executes in isolated Virtual Machines which attach to the network underlay using Macvlan.

Sovereign Stack is designed to operate on a home or small office Internet connection. Typically this means there exists ONE and ONLY ONE public IP address which is provided by your ISP. In many cases, you will want to deploy more than one website under different DNS domains. Sovereign Stack allows you to host and expose all those websites to the public, all on your residential internet connection. All deployed websites, however, use one instance of BTCPayServer which provides the Lightning liquidity pool.

Website Features

Each website that gets deployed is based on Ghost and BTCPay Server at a minimum. You can also deploy other Open Source Software (OSS) projects such as Nextcloud and Gitea, and a Nostr relay. All depends on your requirements and what applications are supported.

The goal is to deploy whatever apps which allow you to create the desired effect. More FOSS projects will be added time progresses.

BTCPay Server

BTCPay Server is a required component of a Sovereign Stack deployment. It provides all the Bitcoin related functionality including a pruning Bitcoin full node (keeping ~six months of block data). Each deployment includes a core lightning node for all lightning functionality. Website creators are expected to know how to use BTCPay server to implement the various payment workflows that might exist, e.g., tipping, store/order menu, crowdfunds, etc..

This is Sovereign Stack! That means you SHOULD AVOID becoming a custodian for anyone other than yourself! It's probably OK to hand out on-chain addresses for others (if they trust you), but LIGHTNING is inherently custodial!


Ghost is an excellent syndication-based web front end. It has a great user interface for users to create their content. Sovereign Stack is there to deploy Ghost and situate it behind a domain name, and to perform backup/restoration activities for all the ghost instances you deploy.

Clams Wallet

When you're operating Lightning node, you will need a modern and convenient Lightning wallet. That's why the Clams browser app included included in every Sovereign Stack deployment. Clams is an innovative wallet for managing your core lightning node.


Sovereign Stack can deploy Nextcloud under each domain in a deployment. Nextcloud makes a great front-end for calendars and webcal service endpoints and other cool features.


Gitea is a self-hosted github alternative. sovereign-stack.org uses gitea to host the git repo as well as aid in documentation/understanding of the codebase. Gitea also exposes as RSS feed on on each repository making it easy to inform users of changes the Sovereign Stack codebase.


Each domain that gets deployed can optionally have a Nostr relay deployed. It is expected that multiple relay processes will get deployed to address various use cases, e.g., [free] application logging, [expensive] public relay. But at the moment, IF you specify a nostr pubkey, Sovereign Stack instance will make that pubkey NIP-05 compliant and deploy a nostr relay at wss://relay.domain.tld whitelisted for that pubkey. In addition, in accordance with NIP-05, nostr clients are directed to the deployed nostr relay at wss://relay.domain.tld.

Sovereign Stack websites can make an nostr pubkey NIP-05 compliant. All this means is you have some service endpoint under a domain name that is attesting to your pubkey. It's useful for search functionsl on nostr, e.g., a client can search for 'sovereign-stack.org' and be directed to a specific nostr pubkey.

At the end of each section, you will see a tip button. It is a common practice for Value4Value websites to solicit bitcoin if the reader values the project. All contributions apply to the monthly crowdfund.