Setup an EOS Test Node (Block Producer) with SSL + Testnet
Intro
As we are preparing our Block Producer candidacy submission, we have been testing various aspects of the EOS Dawn Alpha's and an obvious place to start is to spin up a test node so that you can sync with the network and join a testnet to start to produce blocks.
We've always found that the best way to get to know a new technology is to just dive in with a practical test to see how it works. This guide will take you through setting up a simple single node cloud setup, hooking in SSL and joining an active testnet. This is not a guide on how to prepare a production grade system, but it will get you up and running with a functional node in under an hour. The more people that can get involved with the EOS project the better, we hope this guide helps get you started!
Step 1: Create a fresh Ubuntu 16.04 instance
For this tutorial, we are going to use Digital Ocean, but you can use any cloud provider or any spare machine you have lying around.
To run a node, we need at least 4GB of physical memory, so we need to setup a suitable instance. In the Create Droplet settings use the following settings:
- Ubuntu 16.04
- Any droplet with at least 8GB RAM
- Pick a region you like, think of it like a virtual holiday
- Add your SSH key
- Give it a fancy name
- Hit "Create"
Once its built you should see the server details:
Step 2: Installing the EOS project
Now we have our server, we need to install the EOS project. Thankfully, in the newest Alpha this is much easier than before. SSH onto your freshly baked server, and follow these steps:
- We are going to use
screen
here to protect against losing a connection to the server, nothing more upsetting than breaking a long install half way through due to a dodgy wifi connection!
screen -S install
- Pull in the EOS project and all sub modules
git clone https://github.com/eosio/eos --recursive /opt/eos
- Move into the cloned directory
cd /opt/eos
- Fetch the latest version
git checkout DAWN-2018-04-27-ALPHA
- Fetch the latest submodules
git submodule update --init --recursive
- Run the installer, thankfully this will take care of installing all dependancies for us
/bin/bash eosio_build.sh
- It will ask you a few questions:
Do you wish to install these packages?
1) Yes
2) No
#?
Answer with: 1
- The install takes some time, anyone thats compiled large C++ projects before will know the pain - so go grab a drink and put your feet up whilst all the hard work is done for you. It can take up to an hour for this install to finish depending on the environment, but when its done you should see the following message:
_______ _______ _______ _________ _______
( ____ \( ___ )( ____ \\__ __/( ___ )
| ( \/| ( ) || ( \/ ) ( | ( ) |
| (__ | | | || (_____ | | | | | |
| __) | | | |(_____ ) | | | | | |
| ( | | | | ) | | | | | | |
| (____/\| (___) |/\____) |___) (___| (___) |
(_______/(_______)\_______)\_______/(_______)
EOS.IO has been successfully built. 0:48:34
To verify your installation run the following commands:
/root/opt/mongodb/bin/mongod -f /root/opt/mongodb/mongod.conf &
export PATH=${HOME}/opt/mongodb/bin:$PATH
cd /root/eos/build; make test
For more information:
EOS.IO website: https://eos.io
EOS.IO Telegram channel @ https://t.me/EOSProject
EOS.IO resources: https://eos.io/resources/
EOS.IO wiki: https://github.com/EOSIO/eos/wiki
Step 3: SSL
First thing we need for this is a domain name under our control. It can be an existing domain name that you already have, for this example we're going to use a subdomain of our company URL blockmatrix.network
.
We have our DNS pointed at Digital Ocean, which makes things nice and easy for us, but this is not essential.
Choose a subdomain that you want to use for pointing at the EOS node. We know far too well, naming things is hard... after a lot of deliberation, we've chosen
node
for this example, original eh?Point your subdomain to the server IP, this can be done in Digital Ocean through the networking section. We want to create an
A
record:
- Ok, now head back to the SSH session, we are going to install and use a handy CLI took from the Let's Encrypt team to get a working SSL cert for this subdomain:
add-apt-repository ppa:certbot/certbot
apt-get update
apt-get install certbot -y
- Now we can fetch a cert for our chosen domain name, remember to swap out
node.blockmatrix.network
for your own subdomain:
sudo certbot certonly --standalone --preferred-challenges http -d node.blockmatrix.network
- Note: You might see an error like this:
- The following errors were reported by the server:
Domain: node.blockmatrix.network
Type: None
Detail: DNS problem: NXDOMAIN looking up A for
node.blockmatrix.network
This means that the DNS hasn't propagated fully for the new subdomain that you've setup. It might be time for another drink, give it a try in 5-10 minutes. If this persists, check your configuration is correct within the networking tab of Digital Ocean.
If all goes well, you should see something like:
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/node.blockmatrix.network/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/node.blockmatrix.network/privkey.pem
Your cert will expire on 2018-07-30. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew *all* of your certificates, run
"certbot renew"
- Lets copy to a safe config directory, then we are ready for the next stage (again swap out our domain for yours):
mkdir -p /etc/eos
cp /etc/letsencrypt/live/node.blockmatrix.network/fullchain.pem /etc/eos/
cp /etc/letsencrypt/live/node.blockmatrix.network/privkey.pem /etc/eos/
Stage 4: Setting up the testnet
Ok, great effort for getting this far! We are onto the final boss stage. Once we get through this section we will have a shiny SSL testnode that is syncing with the network and producing blocks.
For this example, we are going to reference the awesome Jungle testnet by CryptoLions. They've done a really great job with the setup and are super responsive on their Telegram channel - a perfect example of a great community team.
Github: https://github.com/CryptoLions/EOS-Jungle-Testnet
You can follow the instructions on their readme, but to keep this tutorial 100% complete, we will paraphrase here.
- Clone the repo:
git clone https://github.com/CryptoLions/EOS-Jungle-Testnet.git /opt/JungleTestnet
- Set permissions, update the install directory and create a public/private key pair:
cd /opt/JungleTestnet/ && chmod -R +x *.sh Wallet/*.sh
sed -i "s/\/home\/eos-dawn-v3.0.0/\/opt/" *.sh Wallet/*.sh
/bin/bash cleos.sh create key
Now we need to pick another name! This time, a jungle animal - we'll go for
spidermonkey
, register yours at http://jungle.cryptolions.io:9898/monitor/#account referencing the Public key you just createdNow we can setup the config file to configure our node, hook into the testnet and to setup SSL access (
nano
ftw):
nano config.ini
- Now replace the following lines (this is taken direct from the CryptoLions github):
server address: p2p-server-address = YOUR_NODE_IP_ADDRESS:9876
your producer name: producer-name = YOUR_BP_NAME
created producer keypair: private-key = ["YOUR_PUBKEY","YOUR_PRIVKEY"]
- Now lets update the SSL config:
http-server-address = 0.0.0.0:8888
https-server-address = 0.0.0.0:443
https-certificate-chain-file = /etc/eos/fullchain.pem
https-private-key-file = /etc/eos/privkey.pem
- Here is an example of a completed base
config.ini
file (we changed our private key for this example):
# Limits the maximum time (in milliseconds) processing a single get_transactions call. (eosio::account_history_plugin)
get-transactions-time-limit = 3
genesis-json = "/opt/JungleTestnet/genesis.json"
block-log-dir = "blocks"
# Pairs of [BLOCK_NUM,BLOCK_ID] that should be enforced as checkpoints. (eosio::chain_plugin)
# checkpoint =
#max-reversible-block-time = -1
#max-pending-transaction-time = -1
http-server-address = 0.0.0.0:8888
p2p-listen-endpoint = 0.0.0.0:9876
p2p-server-address = node.blockmatrix.network:9876
access-control-allow-origin = *
p2p-peer-address = jungle.cryptolions.io:9876
p2p-peer-address = dev.cryptolions.io:9876
p2p-peer-address = 193.93.219.219:9876
p2p-peer-address = mowgli.jungle3.eos.roelandp.nl:9876
p2p-peer-address = mosquito.prometeos.io:9877
p2p-peer-address = eosrio.entropia.in:9876
p2p-peer-address = Jungle.eosuk.io:9927
p2p-peer-address = eosgreen.uk.to:9543
p2p-peer-address = bpseoul.eosnodeone.io:9876
p2p-peer-address = whale.eoscalgary.com:9876
p2p-peer-address = bp4-d3.eos42.io:9876
p2p-peer-address = 95.216.20.181:7015
p2p-peer-address = testnet01.eoseoul.io:9901
p2p-peer-address = 46.101.95.5:9876
p2p-peer-address = alessia.hkeos.com:9876
p2p-peer-address = cheetah.jungle3.bptn.eosamsterdam.net:9876
p2p-peer-address = robotikalis.ddns.net:9876
p2p-peer-address = 138.68.238.129:9876
p2p-peer-address = 54.200.153.106:9876
p2p-peer-address = 39.108.231.157:9876
p2p-peer-address = 139.198.3.99:9876
p2p-peer-address = testchain.jscut.org:9876
p2p-peer-address = testnet.eosdublin.io:9878
p2p-peer-address = eosslc.com:9877
p2p-peer-address = jungle.worbli.io:9876
p2p-peer-address = 47.52.18.70:3389
p2p-peer-address = 128.1.133.206:9876
p2p-peer-address = jungle.bpnode.com:6879
p2p-peer-address = 52.58.245.131:9876
p2p-peer-address = 198.58.114.211:9876
p2p-peer-address = 217.115.85.26:9876
p2p-peer-address = 188.117.144.164:9877
p2p-peer-address = quokka.eosreal.io:9886
p2p-peer-address = 5280.duckdns.org:9876
p2p-peer-address = eos-bp.bitfinex.com:9876
p2p-peer-address = 34.251.121.82:9876
p2p-peer-address = 173.212.227.190:9876
p2p-peer-address = avocado-toast.sandwich.farm:9876
p2p-peer-address = 18.219.28.205:9876
p2p-peer-address = test.eosys.io:9874
p2p-peer-address = n2.eosargentina.io:9876
p2p-peer-address = jungle.eossv.org:9876
p2p-peer-address = 13.209.32.21:9876
p2p-peer-address = eos.blockmatrix.network:9876
p2p-peer-address = 159.89.124.54:9876
p2p-peer-address = 174.87.244.128:9876
p2p-peer-address = jungle.eosnation.io:9876
p2p-peer-address = 211.222.107.234:9876
#p2p-peer-address =
#p2p-peer-address =
# SSL
# Filename with https private key in PEM format. Required for https (eosio::http_plugin)
https-server-address = 0.0.0.0:443
# Filename with the certificate chain to present on https connections. PEM format. Required for https. (eosio::http_plugin)
https-certificate-chain-file = /etc/eos/fullchain.pem
# Filename with https private key in PEM format. Required for https (eosio::http_plugin)
https-private-key-file = /etc/eos/privkey.pem
# access-control-allow-headers =
#access-control-allow-credentials = false
mongodb-queue-size = 256
# mongodb-uri =
agent-name = "AgentName"
allowed-connection = any
# peer-key =
# peer-private-key =
log-level-net-plugin = info
max-clients = 120
connection-cleanup-period = 30
network-version-match = 0
sync-fetch-span = 1000
enable-stale-production = false
required-participation = 33
private-key = ["EOS64xfe6AbKUtawiVNiimQ5nqiqTjxx9ttbKjx6aa9NNLvrEcm2t","5P32wKPDwACZxmgAiHk9wE9Y9xMJCfnzGSDXEAU2oSCLoRS4vkB"]
producer-name = spidermonkey
plugin = eosio::producer_plugin
plugin = eosio::chain_api_plugin
plugin = eosio::account_history_plugin
plugin = eosio::account_history_api_plugin
- Ok, save the file and we are ready to go! Lets fire up the node!
/bin/bash start.sh
We should now be able to access the server over SSL at your domain, here is ours: https://node.blockmatrix.network/v1/chain/get_info
It will take some time for the node to fully sync with the network, pay close attention to the
head_block_time
in the JSON output. Once synced, head over to CryptoLions telegram https://t.me/jungletestnet and send them the following info (replace with your own credentials!):
1. Server geographic location: UK, London
2. Organisation/Website: Block Matrix
3. node ip/domain: node.blockmatrix.network
4. http port: 443
5. p2p port: 9876
6. producer name: spidermonkey
7. public key: EOS64xfe6AbKUtawiVNiimQ5nqiqTjxx9ttbKjx6aa9NNLvrEcm2t
- We can now set up a wallet:
cd Wallet
/bin/bash start_wallet.sh
cd ..
/bin/bash cleos.sh wallet create
/bin/bash cleos.sh wallet import YOUR_PRIVKEY
- You can check that your wallet keys are successfully registered with:
/bin/bash cleos.sh wallet keys
- You can now fetch some juicy tokens via the faucet: http://jungle.cryptolions.io:9898/monitor/#faucet
Stage 5: Congratulations
Once hooked in, you are now a proud Block Producer for an EOS testnet, hopefully this is just the start of your journey into the awesome project of EOS!
Any questions or feedback, just let us know.
✅ @blockmatrix, congratulations on making your first post! I gave you a $.05 vote!
Will you give me a follow? I'll follow you back in return!
hi
to run a block producer, connect it to the mainnet, is it a requirement to do it over ssl? (so to have ssl configured on the BP and domain. etc)