The New Boston : Spin up validator guide

Mohit Rakhade
7 min readJan 23, 2022
  1. Create a digital ocean ubuntu server with a minimum of 2 CPU

2. generate key to access :

a. Clone the repo in your local machine

b. Install required packages:

pip3 install -r requirements.txt

c. run the python file and you will get the keys pairs

Account Number Signing Key:
482028209af7ccdc1d1ff3fe29d33a34704f5ea16cc921f4342e0edd21253467

Account Number:
bcea9bd50bb478269666b808a249f445b61aa21216f216720373eb028d17da8c

NID Signing Key:
1e79eb494c68e0465752fb11be120edfa0a5b4220b91dead5669c18f9b55bb6a

NID:
c75520c2171780fa6fb74d4845c209df62bb901cedb99d4691c828e0ebfa62fb

SECRET_KEY:
ib1tbmzy51gbe*ibvip54jxar2(jvq-ok*k3x6h*vj4ul3c38p

NID key prove you identity on network. SECRET_KEY has nothing to do with network protocol or digital currency.

Install Dependencies

Update and install packages:

sudo add-apt-repository universesudo apt -y update && sudo apt -y upgradesudo apt -y install build-essential libpq-dev nginx postgresql postgresql-contrib python3-pip redis-server

Firewall

Enable firewall:

sudo ufw app listsudo ufw allow 'Nginx Full' && sudo ufw allow OpenSSH && sudo ufw enable

Verify that firewall is active and nginx is running:

sudo ufw status && systemctl status nginx

Do check ip of your server in browser that will show screen like this that means your nginx is working properly

You should now be able to visit your server’s public IP address and see the welcome page.

Create a new user:

sudo adduser deploy

Fill the form and set a password:

> enter a secure password

Allow this user to use sudo:

sudo visudo

Add following line into the opened file:

deploy ALL=(ALL) NOPASSWD:ALL

Switch to that new user:

su - deploy

Project Setup

Update /var/www/ permissions:

sudo chmod go+w /var/www

Clone project to server and install dependencies:

git clone https://github.com/thenewboston-developers/Validator.git /var/www/Validator
cd /var/www/Validator/
sudo pip3 install -r requirements/production.txt

NGINX

Create NGINX configuration:

sudo rm /etc/nginx/sites-available/default
sudo nano /etc/nginx/sites-available/default

Paste in the following and save:

upstream django {
server 127.0.0.1:8001;
}
server {
listen 80 default_server;
server_name localhost;
charset utf-8;
client_max_body_size 75M;
location /media {
alias /var/www/Validator/media;
}
location /static {
alias /var/www/Validator/static;
}
# Send all non-media requests to the Django server
location / {
proxy_pass http://django;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}

Test configuration:

sudo nginx -t

Redis

Since we are running Ubuntu, which uses the systemd init system, change this to systemd:

sudo nano /etc/redis/redis.conf

Update the following line in the configuration and save file:

# Note: these supervision methods only signal "process is ready."
# They do not enable continuous liveness pings back to your supervisor.
supervised systemd

Restart the Redis service to reflect the changes you made to the configuration file:

sudo systemctl restart redis.service

Check status to make sure Redis is running correctly:

sudo systemctl status redis

Gateway Interface (daphne)

Gateway Interface translate the web requests by Nginx to python commands for django. and ones DJango done with that requests it will sent back to daphne, then to the nginx and then to the user.

Create script to run daphne:

sudo nano /usr/local/bin/start_api.sh

Paste in the following and save:

#!/bin/bashcd /var/www/Validator
daphne -p 8001 config.asgi:application

Update permissions for the shell script:

sudo chmod a+x /usr/local/bin/start_api.sh

Celery

It just run the long process or request in background

Create a file to contain our environment variables:

cd /etc/
sudo mkdir validator
sudo mkdir /var/log/celery
sudo chown deploy /var/log/celery
sudo nano /etc/validator/environment
then add following to it:DJANGO_APPLICATION_ENVIRONMENT=production
NETWORK_SIGNING_KEY=YOUR_NID_SIGNING_KEY
SECRET_KEY=YOUR_SECRET_KEY

Note : exchange those keys with the keys we generated before

Create celery env config:

sudo nano /etc/validator/celery.confCELERYD_NODES="w1 w2 w3"
CELERY_BIN="/usr/local/bin/celery"
CELERY_APP="config.settings"
CELERYD_MULTI="multi"
CELERYD_OPTS="--time-limit=1800 -Q:w1 celery -c:w1 2 -Q:w2 block_queue -P:w2 solo -Q:w3 confirmation_block_queue -P:w3 solo"
CELERYD_PID_FILE="/var/log/celery/%n.pid"
CELERYD_LOG_FILE="/var/log/celery/%n%I.log"
CELERYD_LOG_LEVEL="DEBUG"
DJANGO_APPLICATION_ENVIRONMENT=production
NETWORK_SIGNING_KEY=YOUR_NID_SIGNING_KEY
SECRET_KEY=YOUR_SECRET_KEY

Create service:

sudo nano /etc/systemd/system/api.serviceAdd this: [Unit]
Description = Service to run Django API
After = network.target
[Service]
EnvironmentFile = /etc/validator/environment
User = deploy
ExecStart = /usr/local/bin/start_api.sh
[Install]
WantedBy = multi-user.target

Update permissions for file:

sudo chmod a+x /etc/systemd/system/api.service

Create service for celery:

sudo nano /etc/systemd/system/celery.service[Unit]
Description=Validator Celery Service
After=network.target
[Service]
Type=forking
User=deploy
EnvironmentFile=/etc/validator/celery.conf
WorkingDirectory=/var/www/Validator
ExecStart=/bin/sh -c '${CELERY_BIN} multi start ${CELERYD_NODES} \
-A ${CELERY_APP} --pidfile=${CELERYD_PID_FILE} \
--logfile=${CELERYD_LOG_FILE} --loglevel=${CELERYD_LOG_LEVEL} ${CELERYD_OPTS}'
ExecStop=/bin/sh -c '${CELERY_BIN} multi stopwait ${CELERYD_NODES} \
--pidfile=${CELERYD_PID_FILE}'
ExecReload=/bin/sh -c '${CELERY_BIN} multi restart ${CELERYD_NODES} \
-A ${CELERY_APP} --pidfile=${CELERYD_PID_FILE} \
--logfile=${CELERYD_LOG_FILE} --loglevel=${CELERYD_LOG_LEVEL} ${CELERYD_OPTS}'
[Install]
WantedBy=multi-user.target

Reload systemd and enable both services:

sudo systemctl daemon-reload && sudo systemctl enable api && sudo systemctl enable celery

Verify it is enabled:

ls /etc/systemd/system/multi-user.target.wants/

System Services

Start API service, restart NGINX, and verify services are active:

sudo systemctl start api && sudo systemctl start celery && sudo systemctl restart nginx

Check the status of the services:

sudo systemctl status api celery nginx redis

Static Files and Application Configuration

Set environment variable:

nano ~/.profileexport DJANGO_APPLICATION_ENVIRONMENT="production"
export NETWORK_SIGNING_KEY="YOUR_NID_SIGNING_KEY"
export SECRET_KEY="YOUR_SECRET_KEY"

Log out and log back in:

logout
su - deploy
printenv

Initialize database:

# Create a new user (or more precisely, a role)
sudo -u postgres createuser --interactive
Enter name of role to add: thenewboston
Shall the new role be a superuser? (y/n) y
# Create new database
sudo -u postgres createdb thenewboston
# Set a password for the user
sudo -u postgres psql template1
ALTER USER thenewboston PASSWORD 'thenewboston';
# Exit prompt
\q

Populate database:

cd /var/www/Validator/
python3 manage.py makemigrations && python3 manage.py migrate
python3 manage.py createsuperuser
python3 manage.py collectstatic

Check you browser on <ip>/admin :

after login:

Now before running validator node, if you do not installed the new boston then go and run that first : https://thenewboston.com/

after installing you will see validators and banks there. UI is so simple you can figure things out youself and configure validator.

TNB Account Manager will look like this:

Initialize validator node:

python3 manage.py initialize_validator

Use primary validatory info to run above script:(also add the NID and Account keys)

If setting up confirmation validator, run this script to connect to the primary validator:

python3 manage.py set_primary_validator

Now Finally, your validator start syncing with primary validator.

Kuddos to you xD

Here is our validator, which is connected to primary validator

Verify everything is working correctly by visiting:

http://[IP_ADDRESS]/config

This is our validator-

Troubleshooting

Check the status of the services:

sudo systemctl status api celery nginx redis

View the logs:

sudo journalctl -u api.service
sudo journalctl -u celery.service
sudo journalctl -u nginx.service

Thanks

--

--

Mohit Rakhade

Diving deep into Decentralized world of Blockchian to achieve transparency, enhanced security, Increased Efficiency & Improved Traceability ✨