Author

Topic: [Guide] Futurebit Apollo BTC Custom Linux Install - Node - page 2. (Read 525 times)

n0nce

hero member

Activity: 882

Merit: 5834

not your keys, not your coins!

Quote from: n0nce on October 21, 2021, 08:13:17 AM

electrs
Since one of the main benefits of running a full node is privacy during transaction & address lookup, an Electrum server is needed. Otherwise you'd have to query using Bitcoin Core all the time and can't just use your mobile and desktop applications for that.

[1] Install dependencies; make sure you're logged into admin and not bitcoin.

Code:

sudo apt install clang cargo rustc tor

[2] Download and build electrs as bitcoin. This can take roughly half an hour (compared to ~10 minutes on a $50 'old laptop' node).

Code:

sudo service miner stop
su - bitcoin
git clone https://github.com/romanz/electrs
cd electrs
cargo build --locked --release --no-default-features
mkdir /media/nvme/database
ln -s /media/nvme/database database

[3] Create electrs config file

Code:

nano electrs.toml

[4] Enter the following:

Code:

cookie_file = "/media/nvme/Bitcoin/.cookie"

# The listening RPC address of bitcoind, port is usually 8332
daemon_rpc_addr = "127.0.0.1:8332"

# The listening P2P address of bitcoind, port is usually 8333
daemon_p2p_addr = "127.0.0.1:8333"

# Directory where the index should be stored. It should have at least 70GB of free space.
db_dir = "/home/bitcoin/electrs/database"

# bitcoin means mainnet. Don't set to anything else unless you're a developer.
network = "bitcoin"

# How much information about internal workings should electrs print. Increase before reporting a bug.
log_filters = "INFO"

[5] Log back out into your sudo account, and open the Tor config file.

Code:

exit
sudo nano /etc/tor/torrc

[6] Add the following contents, preferably in the right section (somewhere where there's HiddenServiceDir stuff commented out).

Code:

HiddenServiceDir /var/lib/tor/electrs_hidden_service/
HiddenServiceVersion 3
HiddenServicePort 50001 127.0.0.1:50001

ExitPolicy reject *:* # no exits allowed

[7] Start up Tor and fetch your electrs Tor hostname. The hostname can then be entered in wallets like Wasabi and BlueWallet settings.

Code:

sudo systemctl enable tor.service
sudo service tor restart
sudo cat /var/lib/tor/electrs_hidden_service/hostname

[8] Create a service so electrs starts on startup

Code:

sudo nano /usr/lib/systemd/system/electrs.service

[9] Enter this information

Code:

[Unit]
Description=Electrs
After=bitcoind.service

[Service]
WorkingDirectory=/home/bitcoin/electrs
ExecStart=/home/bitcoin/electrs/target/release/electrs
User=bitcoin
Group=bitcoin
Type=simple
KillMode=process
TimeoutSec=60
Restart=always
RestartSec=60

[Install]
WantedBy=multi-user.target

[10] Start the service

Code:

sudo systemctl enable electrs.service
sudo service electrs start

[11] Check that it's running. This should return the electrs version.

Code:

echo '{"jsonrpc": "2.0", "method": "server.version", "params": ["", "1.4"], "id": 0}' | netcat 127.0.0.1 50001

n0nce

hero member

Activity: 882

Merit: 5834

not your keys, not your coins!

Bitcoin Core

[1] Create unprivileged bitcoin user and set a password for it.

Code:

sudo useradd -m bitcoin
sudo passwd bitcoin

[2] To mount NVMe drive, edit /etc/rc.local and add the following.
Remove exit 0 if it exists.

Code:

#mount nvme drive
mount /dev/nvme0n1p1 /media/nvme
chown -R bitcoin:bitcoin /media/nvme

[2.1] Create mount point

Code:

sudo mkdir /media/nvme
sudo chown bitcoin:bitcoin /media/nvme
sudo /etc/rc.local

[3] Switch to unprivileged bitcoin user. Commands should output bitcoin (user) and /home/bitcoin (working directory).

Code:

su - bitcoin
whoami
pwd

[4] Download latest build (replace URL accordingly) and the rpcauth.py script.

Code:

cd /home/bitcoin
wget https://bitcoincore.org/bin/bitcoin-core-23.0/bitcoin-23.0-aarch64-linux-gnu.tar.gz
wget https://github.com/bitcoin/bitcoin/raw/master/share/rpcauth/rpcauth.py

[5] Unpack the binary folder.

Code:

tar xvf bitcoin-23.0-aarch64-linux-gnu.tar.gz

[6] Create random username and password to access core via RPC. Note down the rpcauth=xxx:yyy line somewhere.

Code:

python3 rpcauth.py the_username_of_the_user_you_want cleartext_password_unique_long

[6.1] Delete history, otherwise the password remains in history file in cleartext.

Code:

history -c

[7] Create Bitcoin config file

Code:

mkdir ~/.bitcoin
nano ~/.bitcoin/bitcoin.conf

[8] Fill it like follows:

Code:

daemon=1
server=1
maxmempool=50
mempoolexpiry=2
rpcauth=user_chose_in_step_4:hash_created_in_step_4
dbcache=2048
banscore=10
datadir=/media/nvme/Bitcoin

[9] Exit back to admin account

Code:

exit

[10] Install Bitcoin

Code:

cd /home/bitcoin/bitcoin-*/
sudo install -m 0755 -o root -g root -t /usr/local/bin bin/*
cd

[11] Still logged in as sudoer, create Bitcoin service:

Code:

sudo nano /usr/lib/systemd/system/bitcoind.service

[12] Contents should be like shown:

Code:

[Unit]
Description=Bitcoin daemon
After=network.target

[Service]
ExecStart=/usr/local/bin/bitcoind -daemon -conf=/home/bitcoin/.bitcoin/bitcoin.conf

# Make sure the config directory is readable by the service user
PermissionsStartOnly=true

# Process management
####################

Type=forking
Restart=on-failure

# Directory creation and permissions
####################################

# Run as bitcoin:bitcoin
User=bitcoin
Group=bitcoin

# Hardening measures
####################

# Provide a private /tmp and /var/tmp.
PrivateTmp=true

# Mount /usr, /boot/ and /etc read-only for the process.
ProtectSystem=full

# Disallow the process and all of its children to gain
# new privileges through execve().
NoNewPrivileges=true

# Use a new /dev namespace only populated with API pseudo devices
# such as /dev/null, /dev/zero and /dev/random.
PrivateDevices=true

# Deny the creation of writable and executable memory mappings.
MemoryDenyWriteExecute=true

[Install]
WantedBy=multi-user.target

[13] Enable & start service

Code:

sudo systemctl enable bitcoind.service
sudo service bitcoind start

[14] Check if running

Code:

sudo tail -f /media/nvme/Bitcoin/debug.log

[15] Exit with Ctrl+C. Your node should be picking up the already finished initial block download and connect to peers just as always.

n0nce

hero member

Activity: 882

Merit: 5834

not your keys, not your coins!

Node Install Guide

This is part of my Futurebit Apollo BTC Custom Linux install guide.
See here for the prerequisites.

I planned to just do a Debian version of my OpenSUSE Full Node install guide.
However, it takes an incredibly long time to build and I got build errors, to the point where I got frustrated and would recommend to fetch the binaries from https://bitcoincore.org/en/download/. You can verify your download through the instructions on that webpage.
More detailed instructions about PGP and signatures can be found on https://bitcoin.org/en/full-node#linux-instructions.

Keep in mind that I assume the node was already booted at least once off of the original microSD; hence, the NVMe and the Bitcoin data folder on it are already initialized. In case it's needed, I'll add instructions for how to work with a freshly initialized SSD in a later post in this thread.