Merge pull request #3815 from wiz/add-seednode-installer

Add seednode installation script
bisq-network · Dec 20, 2019 · 9a0a348 · 9a0a348
2 parents ab35dbc + 9d1b1d1
commit 9a0a348
Show file tree

Hide file tree

Showing 8 changed files with 290 additions and 18 deletions.
diff --git a/seednode/README.md b/seednode/README.md
@@ -1,23 +1,86 @@
 # Bisq Seed Node
 
-* Install bisq-seednode.service in /etc/systemd/system
-* Install bisq-seednode in /etc/default
-* Install blocknotify.sh in bitcoind's ~/.bitcoin/ folder and chmod 700 it
-* Modify the executable paths and configuration as necessary
-* Then you can do:
+## Hardware
 
+Highly recommended to use SSD! Minimum specs:
+
+* CPU: 4 cores
+* RAM: 8 GB
+* SSD: 512 GB (HDD is too slow)
+
+## Software
+
+The following OS are known to work well:
+
+* Ubuntu 18
+* FreeBSD 12
+
+### Installation
+
+Start with a clean Ubuntu 18.04 LTS server installation, and run the script
+```bash
+curl -s https://raw.githubusercontent.com/bisq-network/bisq/master/seednode/install_seednode_debian.sh | sudo bash
 ```
-systemctl start bisq-seednode.service
-systemctl stop bisq-seednode.service
+
+This will install and configure Tor, Bitcoin, and Bisq-Seednode services to start on boot.
+
+### Firewall
+
+Next, configure your OS firewall to only allow SSH and Bitcoin P2P
+```bash
+ufw allow 22/tcp
+ufw allow 8333/tcp
+ufw enable
 ```
-and
+
+### Syncing
+
+After installation, watch the Bitcoin blockchain sync progress
+```bash
+sudo tail -f /bitcoin/debug.log
 ```
-systemctl enable bisq-seednode.service
-systemctl disable bisq-seednode.service
+
+After Bitcoin is fully synced, start the bisq-seednode service
+```bash
+sudo systemctl start bisq-seednode
+sudo journalctl --unit bisq-seednode --follow
+```
+
+After Bisq is fully synced, check your Bitcoin and Bisq onion hostnames:
+```bash
+sudo -H -u bitcoin bitcoin-cli getnetworkinfo|grep address
+sudo cat /bisq/bisq-seednode/btc_mainnet/tor/hiddenservice/hostname
+```
+
+### Testing
+
+After your Bisq seednode is ready, test it by connecting to your new btcnode and bisq-seednode!
+
+macOS:
+```bash
+/Applications/Bisq.app/Contents/MacOS/Bisq --seedNodes=foo.onion:8000 --btcNodes=foo.onion:8333
 ```
 
-Follow the logs created by the service by inspecting
+### Upgrading
 
+To upgrade your seednode to a new tag, for example v1.2.5
+```bash
+sudo -u bisq -s
+cd bisq
+git fetch origin
+git checkout v1.2.5 # new tag
+./gradlew clean
+./gradlew build -x test
+exit
+sudo service bisq-seednode restart
+sudo journalctl --unit bisq-seednode --follow
 ```
-journalctl --unit bisq-seednode --follow
+
+### Uninstall
+
+If you need to start over, you can run the uninstall script in this repo
+```bash
+sudo ./delete_seednode_debian.sh
 ```
+WARNING: this script will delete all data!
+
diff --git a/seednode/bisq-seednode → seednode/bisq-seednode.env b/seednode/bisq-seednode → seednode/bisq-seednode.env
@@ -8,17 +8,20 @@ JAVA_HOME=/usr/lib/jvm/openjdk-10.0.2
 JAVA_OPTS="-Xms8192M -Xmx8192M -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.host=127.0.0.1 -Dcom.sun.management.jmxremote.port=6969 -Dcom.sun.management.jmxremote.rmi.port=6969 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false"
 
 # bitcoin rpc credentials
-BITCOIN_RPC_USERNAME=foo
-BITCOIN_RPC_PASSWORD=bar
+BITCOIN_RPC_USERNAME=__BITCOIN_RPC_USER__
+BITCOIN_RPC_PASSWORD=__BITCOIN_RPC_USER__
 
 # bitcoind rpc ports
 BITCOIN_RPC_PORT=8332
 BITCOIN_RPC_BLOCKNOTIFY_PORT=5120
 
 # bisq seednode settings
 BISQ_APP_NAME=bisq-seednode
-BISQ_DATA_DIR=/home/bisq/
+BISQ_DATA_DIR=__BISQ_HOME__
 BISQ_NODE_PORT=8000
 BISQ_MAX_CONNECTIONS=50
 BISQ_MAX_MEMORY=8000
 BISQ_BASE_CURRENCY=BTC_MAINNET
+
+# set to true for BSQ explorer
+BISQ_DUMP_BLOCKCHAIN=false
diff --git a/seednode/bisq-seednode.service b/seednode/bisq-seednode.service
@@ -5,8 +5,8 @@ Description=Bisq Seed Node
 After=network.target
 
 [Service]
-EnvironmentFile=/etc/default/bisq-seednode
-ExecStart=/home/bisq/bisq/bisq-seednode --appName=${BISQ_APP_NAME} --nodePort=${BISQ_NODE_PORT} --userDataDir=${BISQ_DATA_DIR} --maxConnections=${BISQ_MAX_CONNECTIONS} --maxMemory=${BISQ_MAX_MEMORY} --fullDaoNode=true --rpcUser=${BITCOIN_RPC_USERNAME} --rpcPassword=${BITCOIN_RPC_PASSWORD} --rpcPort=${BITCOIN_RPC_PORT} --rpcBlockNotificationPort=${BITCOIN_RPC_BLOCKNOTIFY_PORT} --baseCurrencyNetwork=${BISQ_BASE_CURRENCY}
+EnvironmentFile=/etc/default/bisq-seednode.env
+ExecStart=__BISQ_HOME__/__BISQ_REPO_NAME__/bisq-seednode --appName=${BISQ_APP_NAME} --nodePort=${BISQ_NODE_PORT} --userDataDir=${BISQ_DATA_DIR} --maxConnections=${BISQ_MAX_CONNECTIONS} --maxMemory=${BISQ_MAX_MEMORY} --fullDaoNode=true --rpcUser=${BITCOIN_RPC_USERNAME} --rpcPassword=${BITCOIN_RPC_PASSWORD} --rpcPort=${BITCOIN_RPC_PORT} --rpcBlockNotificationPort=${BITCOIN_RPC_BLOCKNOTIFY_PORT} --baseCurrencyNetwork=${BISQ_BASE_CURRENCY} --dumpBlockchainData=${BISQ_DUMP_BLOCKCHAIN}
 ExecStop=/bin/kill -TERM ${MAINPID}
 Restart=on-failure
 
@@ -17,7 +17,6 @@ PrivateTmp=true
 ProtectSystem=full
 NoNewPrivileges=true
 PrivateDevices=true
-MemoryDenyWriteExecute=false
 
 [Install]
 WantedBy=multi-user.target
diff --git a/seednode/bitcoin.conf b/seednode/bitcoin.conf
@@ -0,0 +1,13 @@
+server=1
+txindex=1
+dbcache=1337
+maxconnections=1337
+timeout=30000
+listen=1
+discover=1
+peerbloomfilters=1
+onion=127.0.0.1:9050
+rpcallowip=127.0.0.1
+rpcuser=__BITCOIN_RPC_USER__
+rpcpassword=__BITCOIN_RPC_PASS__
+blocknotify=/bitcoin/blocknotify.sh %s
diff --git a/seednode/bitcoin.service b/seednode/bitcoin.service
@@ -0,0 +1,22 @@
+[Unit]
+Description=Bitcoind
+After=network.target
+
+[Service]
+ExecStart=/usr/local/bin/bitcoind -daemon -printtoconsole -pid=/bitcoin/bitcoind.pid
+ExecStop=/usr/local/bin/bitcoin-cli stop
+
+Type=forking
+PIDFile=/bitcoin/bitcoind.pid
+Restart=on-failure
+
+User=bitcoin
+Group=bitcoin
+
+PrivateTmp=true
+ProtectSystem=full
+NoNewPrivileges=true
+PrivateDevices=true
+
+[Install]
+WantedBy=multi-user.target
diff --git a/seednode/install_seednode_debian.sh b/seednode/install_seednode_debian.sh
@@ -0,0 +1,152 @@
+#!/bin/sh
+set -e
+
+echo "[*] Bisq Seednode installation script"
+
+##### change paths if necessary for your system
+
+ROOT_USER=root
+ROOT_GROUP=root
+ROOT_PKG="build-essential libtool autotools-dev automake pkg-config bsdmainutils python3 git vim screen ufw"
+ROOT_HOME=/root
+
+SYSTEMD_SERVICE_HOME=/etc/systemd/system
+SYSTEMD_ENV_HOME=/etc/default
+
+BISQ_REPO_URL=https://github.com/bisq-network/bisq
+BISQ_REPO_NAME=bisq
+BISQ_REPO_TAG=v1.2.4
+BISQ_HOME=/bisq
+BISQ_USER=bisq
+
+BITCOIN_REPO_URL=https://github.com/bitcoin/bitcoin
+BITCOIN_REPO_NAME=bitcoin
+BITCOIN_REPO_TAG=v0.19.0.1
+BITCOIN_HOME=/bitcoin
+BITCOIN_USER=bitcoin
+BITCOIN_GROUP=bitcoin
+BITCOIN_PKG="libevent-dev libboost-system-dev libboost-filesystem-dev libboost-chrono-dev libboost-test-dev libboost-thread-dev libdb-dev libssl-dev"
+
+TOR_PKG="tor"
+TOR_USER=debian-tor
+TOR_GROUP=debian-tor
+TOR_HOME=/etc/tor
+
+#####
+
+echo "[*] Updating apt repo sources"
+sudo -H -i -u "${ROOT_USER}" apt-get update -q
+
+echo "[*] Upgrading OS packages"
+sudo -H -i -u "${ROOT_USER}" apt-get upgrade -q -y
+
+echo "[*] Installing base packages"
+sudo -H -i -u "${ROOT_USER}" apt-get install -q -y ${ROOT_PKG}
+
+echo "[*] Cloning Bisq repo"
+sudo -H -i -u "${ROOT_USER}" git config --global advice.detachedHead false
+sudo -H -i -u "${ROOT_USER}" git clone --branch "${BISQ_REPO_TAG}" "${BISQ_REPO_URL}" "${ROOT_HOME}/${BISQ_REPO_NAME}"
+
+echo "[*] Installing Tor"
+sudo -H -i -u "${ROOT_USER}" apt-get install -q -y ${TOR_PKG}
+
+echo "[*] Installing Tor configuration"
+sudo -H -i -u "${ROOT_USER}" install -c -m 644 "${ROOT_HOME}/${BISQ_REPO_NAME}/seednode/torrc" "${TOR_HOME}/torrc"
+
+echo "[*] Creating Bitcoin user with Tor access"
+sudo -H -i -u "${ROOT_USER}" useradd -d "${BITCOIN_HOME}" -G "${TOR_GROUP}" "${BITCOIN_USER}"
+
+echo "[*] Installing Bitcoin build dependencies"
+sudo -H -i -u "${ROOT_USER}" apt-get install -q -y ${BITCOIN_PKG}
+
+echo "[*] Creating Bitcoin homedir"
+sudo -H -i -u "${ROOT_USER}" mkdir "${BITCOIN_HOME}"
+sudo -H -i -u "${ROOT_USER}" chown "${BITCOIN_USER}":"${BITCOIN_GROUP}" ${BITCOIN_HOME}
+sudo -H -i -u "${BITCOIN_USER}" ln -s . .bitcoin
+
+echo "[*] Cloning Bitcoin repo"
+sudo -H -i -u "${BITCOIN_USER}" git config --global advice.detachedHead false
+sudo -H -i -u "${BITCOIN_USER}" git clone --branch "${BITCOIN_REPO_TAG}" "${BITCOIN_REPO_URL}" "${BITCOIN_HOME}/${BITCOIN_REPO_NAME}"
+
+echo "[*] Building Bitcoin from source"
+sudo -H -i -u "${BITCOIN_USER}" sh -c "cd ${BITCOIN_REPO_NAME} && ./autogen.sh --quiet && ./configure --quiet --disable-wallet --with-incompatible-bdb && make -j9"
+
+echo "[*] Installing Bitcoin into OS"
+sudo -H -i -u "${ROOT_USER}" sh -c "cd ${BITCOIN_HOME}/${BITCOIN_REPO_NAME} && make install >/dev/null"
+
+echo "[*] Installing Bitcoin configuration"
+sudo -H -i -u "${ROOT_USER}" install -c -o "${BITCOIN_USER}" -g "${BITCOIN_GROUP}" -m 644 "${ROOT_HOME}/${BISQ_REPO_NAME}/seednode/bitcoin.conf" "${BITCOIN_HOME}/bitcoin.conf"
+sudo -H -i -u "${ROOT_USER}" install -c -o "${BITCOIN_USER}" -g "${BITCOIN_GROUP}" -m 755 "${ROOT_HOME}/${BISQ_REPO_NAME}/seednode/blocknotify.sh" "${BITCOIN_HOME}/blocknotify.sh"
+
+echo "[*] Generating Bitcoin RPC credentials"
+BITCOIN_RPC_USER=$(head -150 /dev/urandom | md5sum | awk '{print $1}')
+sudo sed -i -e "s/__BITCOIN_RPC_USER__/${BITCOIN_RPC_USER}/" "${BITCOIN_HOME}/bitcoin.conf"
+BITCOIN_RPC_PASS=$(head -150 /dev/urandom | md5sum | awk '{print $1}')
+sudo sed -i -e "s/__BITCOIN_RPC_PASS__/${BITCOIN_RPC_PASS}/" "${BITCOIN_HOME}/bitcoin.conf"
+
+echo "[*] Installing Bitcoin init scripts"
+sudo -H -i -u "${ROOT_USER}" install -c -o "${ROOT_USER}" -g "${ROOT_GROUP}" -m 644 "${ROOT_HOME}/${BISQ_REPO_NAME}/seednode/bitcoin.service" "${SYSTEMD_SERVICE_HOME}"
+
+echo "[*] Creating Bisq user with Tor access"
+sudo -H -i -u "${ROOT_USER}" useradd -d "${BISQ_HOME}" -G "${TOR_GROUP}" "${BISQ_USER}"
+
+echo "[*] Creating Bisq homedir"
+sudo -H -i -u "${ROOT_USER}" mkdir "${BISQ_HOME}"
+sudo -H -i -u "${ROOT_USER}" chown "${BISQ_USER}":"${BISQ_GROUP}" ${BISQ_HOME}
+
+echo "[*] Moving Bisq repo"
+sudo -H -i -u "${ROOT_USER}" mv "${ROOT_HOME}/${BISQ_REPO_NAME}" "${BISQ_HOME}/${BISQ_REPO_NAME}"
+sudo -H -i -u "${ROOT_USER}" chown -R "${BISQ_USER}:${BISQ_GROUP}" "${BISQ_HOME}/${BISQ_REPO_NAME}"
+
+echo "[*] Installing OpenJDK 10.0.2 from Bisq repo"
+sudo -H -i -u "${ROOT_USER}" "${BISQ_HOME}/${BISQ_REPO_NAME}/scripts/install_java.sh"
+
+echo "[*] Building Bisq from source"
+sudo -H -i -u "${BISQ_USER}" sh -c "cd ${BISQ_HOME}/${BISQ_REPO_NAME} && ./gradlew build -x test < /dev/null" # redirect from /dev/null is necessary to workaround gradlew non-interactive shell hanging issue
+
+echo "[*] Installing Bisq init script"
+sudo -H -i -u "${ROOT_USER}" install -c -o "${ROOT_USER}" -g "${ROOT_GROUP}" -m 644 "${BISQ_HOME}/${BISQ_REPO_NAME}/seednode/bisq-seednode.service" "${SYSTEMD_SERVICE_HOME}/bisq-seednode.service"
+sudo sed -i -e "s/__BISQ_REPO_NAME__/${BISQ_REPO_NAME}/" "${SYSTEMD_SERVICE_HOME}/bisq-seednode.service"
+sudo sed -i -e "s!__BISQ_HOME__!${BISQ_HOME}!" "${SYSTEMD_SERVICE_HOME}/bisq-seednode.service"
+
+echo "[*] Installing Bisq environment file with Bitcoin RPC credentials"
+sudo -H -i -u "${ROOT_USER}" install -c -o "${ROOT_USER}" -g "${ROOT_GROUP}" -m 644 "${BISQ_HOME}/${BISQ_REPO_NAME}/seednode/bisq-seednode.env" "${SYSTEMD_ENV_HOME}/bisq-seednode.env"
+sudo sed -i -e "s/__BITCOIN_RPC_USER__/${BITCOIN_RPC_USER}/" "${SYSTEMD_ENV_HOME}/bisq-seednode.env"
+sudo sed -i -e "s/__BITCOIN_RPC_PASS__/${BITCOIN_RPC_PASS}/" "${SYSTEMD_ENV_HOME}/bisq-seednode.env"
+sudo sed -i -e "s!__BISQ_HOME__!${BISQ_HOME}!" "${SYSTEMD_ENV_HOME}/bisq-seednode.env"
+
+echo "[*] Updating systemd daemon configuration"
+sudo -H -i -u "${ROOT_USER}" systemctl daemon-reload
+sudo -H -i -u "${ROOT_USER}" systemctl enable tor.service
+sudo -H -i -u "${ROOT_USER}" systemctl enable bisq-seednode.service
+sudo -H -i -u "${ROOT_USER}" systemctl enable bitcoin.service
+
+echo "[*] Preparing firewall"
+sudo -H -i -u "${ROOT_USER}" ufw default deny incoming
+sudo -H -i -u "${ROOT_USER}" ufw default allow outgoing
+
+echo "[*] Starting Tor"
+sudo -H -i -u "${ROOT_USER}" systemctl start tor
+
+echo "[*] Starting Bitcoin"
+sudo -H -i -u "${ROOT_USER}" systemctl start bitcoin
+sudo -H -i -u "${ROOT_USER}" journalctl --no-pager --unit bitcoin
+sudo -H -i -u "${ROOT_USER}" tail "${BITCOIN_HOME}/debug.log"
+
+echo "[*] Adding notes to motd"
+sudo -H -i -u "${ROOT_USER}" sh -c 'echo " " >> /etc/motd'
+sudo -H -i -u "${ROOT_USER}" sh -c 'echo "Bisq Seednode instructions:" >> /etc/motd'
+sudo -H -i -u "${ROOT_USER}" sh -c 'echo "https://github.com/bisq-network/bisq/tree/master/seednode" >> /etc/motd'
+sudo -H -i -u "${ROOT_USER}" sh -c 'echo " " >> /etc/motd'
+sudo -H -i -u "${ROOT_USER}" sh -c 'echo "How to check logs for Bisq-Seednode service:" >> /etc/motd'
+sudo -H -i -u "${ROOT_USER}" sh -c 'echo "sudo journalctl --no-pager --unit bisq-seednode" >> /etc/motd'
+sudo -H -i -u "${ROOT_USER}" sh -c 'echo " " >> /etc/motd'
+sudo -H -i -u "${ROOT_USER}" sh -c 'echo "How to restart Bisq-Seednode service:" >> /etc/motd'
+sudo -H -i -u "${ROOT_USER}" sh -c 'echo "sudo service bisq-seednode restart" >> /etc/motd'
+
+echo '[*] Done!'
+
+echo '  '
+echo '[*] DONT FORGET TO ENABLE FIREWALL!!!11'
+echo '[*] Follow all the README instructions!'
+echo '  '
diff --git a/seednode/torrc b/seednode/torrc
@@ -0,0 +1,8 @@
+SOCKSPort 9050 # Default: Bind to localhost:9050 for local connections.
+Log notice syslog
+RunAsDaemon 1
+ControlPort 9051
+CookieAuthentication 1
+CookieAuthFileGroupReadable 1
+DataDirectoryGroupReadable 1
+KeepalivePeriod 42
diff --git a/seednode/uninstall_seednode_debian.sh b/seednode/uninstall_seednode_debian.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+echo "[*] Uninstalling Bitcoin and Bisq, will delete all data!!"
+sudo rm -rf /root/bisq
+sudo systemctl stop bitcoin
+sudo systemctl stop bisq
+sudo systemctl disable bitcoin
+sudo systemctl disable bisq
+sleep 10
+sudo userdel -f -r bisq
+sleep 10
+sudo userdel -f -r bitcoin
+echo "[*] Done!"