HOW TO SETUP ZENCASH SECURE/SUPER NODE ON UBUNTU 16.04 SERVER

in #zencash6 years ago (edited)

########################################

DOMAIN CONFIG

########################################

Set your domain with A records on ipv4 and with AAAA records on ipv6


########################################

WALLET

########################################


I use swing wallet

Create new transparent address and send 42 zen for secure node or 500 for supernode


########################################

SECURE THE SERVER

########################################


- Change ssh port


vim /etc/ssh/sshd_config

change 22 with another port like 32

/etc/init.d/ssh restart


- Config Firewall


ufw default allow outgoing
ufw default deny incoming
ufw allow 32/tcp
ufw limit 32/tcp
ufw allow http/tcp
ufw allow https/tcp
ufw allow 9033/tcp
ufw logging on
ufw enable


- Disable ping


vim /etc/sysctl.conf


#####################

net.ipv4.icmp_echo_ignore_all =1 

#####################


sysctl -p


vim /etc/rc.local


##########################################

#Load kernel variables from /etc/sysctl.d

/etc/init.d/procps restart

exit 0

##########################################


- Install Denyhost


apt install denyhosts
vim /etc/denyhosts.conf

insert on the top

#############################

BLOCKPORT = 32

#############################


and change this to 3 failed login


#############################

DENY_THRESHOLD_ROOT = 3

DENY_THRESHOLD_RESTRICTED = 3

#############################


systemctl restart denyhosts.service
systemctl enable denyhosts.service


- Create swap if necessary (ram+swap 6gb total for secure node, 8gb for supernode)


fallocate -l 2G /swapfile

chmod 600 /swapfile

mkswap /swapfile

swapon /swapfile

cat <<EOF >> /etc/fstab

/swapfile none swap sw 0 0

EOF

cat <<EOF >> /etc/sysctl.conf

vm.swappiness=10

EOF


#########################################

INSTALL ZEN

#########################################


apt-get update

apt-get install apt-transport-https lsb-release

echo 'deb https://zencashofficial.github.io/repo/ '$(lsb_release -cs)' main' | sudo tee --append /etc/apt/sources.list.d/zen.list

gpg --keyserver ha.pool.sks-keyservers.net --recv 219F55740BBF7A1CE368BA45FB7053CE4991B669

gpg --export 219F55740BBF7A1CE368BA45FB7053CE4991B669 | sudo apt-key add -

apt-get update

apt-get install zen # to install Zen

zen-fetch-params

zend

vim .zen/zen.conf

#################################

rpcuser=youruser

rpcpassword=yourpw

rpcport=18231

rpcallowip=127.0.0.1

server=1

daemon=1

listen=1

txindex=1

logtimestamps=1

#tlscertpath=/root/.acme.sh/yourdomain.com/yourdomain.com.cer

#tlskeypath=/root/.acme.sh/yourdomain.com/yourdomain.com.key

externalip=your ipv4

externalip=your ipv6

port=9033

###################################


zend

zen-cli getinfo

apt install socat

mkdir acme

cd acme

apt-get install git

git clone https://github.com/Neilpang/acme.sh.git

cd acme.sh

./acme.sh --install

FQDN=yourdomain.com

echo $FQDN

./acme.sh --issue --standalone -d $FQDN 

cp /root/.acme.sh/yourdomain.com/ca.cer /usr/share/ca-certificates/ca.crt

dpkg-reconfigure ca-certificates  (select new ca the first in list and then ok)


enable your ca link in zen.conf


vim /root/.zen/zen.conf

############################################################

tlscertpath=/root/.acme.sh/yourdomain.com/yourdomain.com.cer

tlskeypath=/root/.acme.sh/yourdomain.com/yourdomain.com.key

############################################################


zen-cli stop

zend

zen-cli getnetworkinfo


#######################################

CREATE WALLET FOR NODE

#######################################

zen-cli z_listaddresses

zen-cli z_getnewaddress


send 0.05 zen from wallet to the z_address server for challange


###########################################

wait blockchain sync and check your balance 

###########################################


zen-cli z_gettotalbalance


###########################################

AFTER SYNC BLOCK INSTALL AND CONFIG TRACKER

###########################################


apt -y install npm
npm install -g n
n latest

mkdir ~/zencash
cd ~/zencash
git clone https://github.com/ZencashOfficial/secnodetracker.git
cd secnodetracker
npm install

node setup.js (insert all information)

node app.js


stop with ctrl-c


cd ~/zencash/secnodetracker/
npm install pm2@2.4.0 -g
pm2 start app.js --name securenodetracker
pm2 startup
pm2 save

apt install monit

vim ~/zen_node.sh


##################################################################

#!/bin/bash


PID_FILE='/root/.zen/zen_node.pid'


start() {

       touch $PID_FILE

       eval "/bin/su root -c '/usr/bin/zend 2>&1 >> /dev/null'"

       PID=$(ps aux | grep zend | grep -v grep | awk '{print $2}')

       echo "Starting zend with PID $PID"

       echo $PID > $PID_FILE

}

stop () {

       pkill zend

       rm $PID_FILE

       echo "Stopping zend"

}


case $1 in

    start)

       start

       ;;

    stop)  

       stop

       ;;

     *)  

       echo "usage: zend {start|stop}" ;;

 esac

 exit 0

###########################################################################


chmod u+x ~/zen_node.sh

vim /etc/monit/monitrc


#############################################################################

#added on setup for zend

set httpd port 2812

use address localhost # only accept connection from localhost 

allow localhost # allow localhost to connect to the server

#zend process control

check process zend with pidfile /root/.zen/zen_node.pid

start program = "/root/zen_node.sh start" with timeout 60 seconds

stop program = "/root/zen_node.sh stop"

#############################################################################


monit reload

monit start zend

monit status

monit stop zend

monit status

pm2 status

pm2 logs

zen-cli getinfo

zen-cli getnetworkinfo


#######################################

FOR RESTART ZEN AND TRACKER

#######################################


monit restart zend
pm2 restart 0


NOTE:

Backup this files for reinstall or transfer your node

/root/.zen/zen.conf

/root/.zen/wallet.dat

/root/zencash/secnodetracker/config/config.json



If you want to give me a beer or a coffee... Thank you for reading!

zen: znXX7K2T2TFgkPqgw3Tbq3vvgzHUQnkLKWF 

Sort:  

Congratulations @mccrypto! You received a personal award!

Happy Birthday! - You are on the Steem blockchain for 1 year!

You can view your badges on your Steem Board and compare to others on the Steem Ranking

Vote for @Steemitboard as a witness to get one more award and increased upvotes!