The New Boston : Spin up validator guide
- Create a digital ocean ubuntu server with a minimum of 2 CPU
2. generate key to access :
a. Clone the repo in your local machine
b. Install required packages:
pip3 install -r requirements.txt
c. run the python file and you will get the keys pairs
Account Number Signing Key:
482028209af7ccdc1d1ff3fe29d33a34704f5ea16cc921f4342e0edd21253467
Account Number:
bcea9bd50bb478269666b808a249f445b61aa21216f216720373eb028d17da8c
NID Signing Key:
1e79eb494c68e0465752fb11be120edfa0a5b4220b91dead5669c18f9b55bb6a
NID:
c75520c2171780fa6fb74d4845c209df62bb901cedb99d4691c828e0ebfa62fb
SECRET_KEY:
ib1tbmzy51gbe*ibvip54jxar2(jvq-ok*k3x6h*vj4ul3c38p
NID key prove you identity on network. SECRET_KEY has nothing to do with network protocol or digital currency.
Install Dependencies
Update and install packages:
sudo add-apt-repository universesudo apt -y update && sudo apt -y upgradesudo apt -y install build-essential libpq-dev nginx postgresql postgresql-contrib python3-pip redis-server
Firewall
Enable firewall:
sudo ufw app listsudo ufw allow 'Nginx Full' && sudo ufw allow OpenSSH && sudo ufw enable
Verify that firewall is active and nginx is running:
sudo ufw status && systemctl status nginx
Do check ip of your server in browser that will show screen like this that means your nginx is working properly
You should now be able to visit your server’s public IP address and see the welcome page.
Create a new user:
sudo adduser deploy
Fill the form and set a password:
> enter a secure password
Allow this user to use sudo:
sudo visudo
Add following line into the opened file:
deploy ALL=(ALL) NOPASSWD:ALL
Switch to that new user:
su - deploy
Project Setup
Update /var/www/ permissions:
sudo chmod go+w /var/www
Clone project to server and install dependencies:
git clone https://github.com/thenewboston-developers/Validator.git /var/www/Validator
cd /var/www/Validator/
sudo pip3 install -r requirements/production.txt
NGINX
Create NGINX configuration:
sudo rm /etc/nginx/sites-available/default
sudo nano /etc/nginx/sites-available/default
Paste in the following and save:
upstream django {
server 127.0.0.1:8001;
}server {
listen 80 default_server;
server_name localhost;
charset utf-8;
client_max_body_size 75M; location /media {
alias /var/www/Validator/media;
} location /static {
alias /var/www/Validator/static;
} # Send all non-media requests to the Django server
location / {
proxy_pass http://django; proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade"; proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}}
Test configuration:
sudo nginx -t
Redis
Since we are running Ubuntu, which uses the systemd init system, change this to systemd:
sudo nano /etc/redis/redis.conf
Update the following line in the configuration and save file:
# Note: these supervision methods only signal "process is ready."
# They do not enable continuous liveness pings back to your supervisor.
supervised systemd
Restart the Redis service to reflect the changes you made to the configuration file:
sudo systemctl restart redis.service
Check status to make sure Redis is running correctly:
sudo systemctl status redis
Gateway Interface (daphne)
Gateway Interface translate the web requests by Nginx to python commands for django. and ones DJango done with that requests it will sent back to daphne, then to the nginx and then to the user.
Create script to run daphne:
sudo nano /usr/local/bin/start_api.sh
Paste in the following and save:
#!/bin/bashcd /var/www/Validator
daphne -p 8001 config.asgi:application
Update permissions for the shell script:
sudo chmod a+x /usr/local/bin/start_api.sh
Celery
It just run the long process or request in background
Create a file to contain our environment variables:
cd /etc/
sudo mkdir validator
sudo mkdir /var/log/celery
sudo chown deploy /var/log/celery
sudo nano /etc/validator/environmentthen add following to it:DJANGO_APPLICATION_ENVIRONMENT=production
NETWORK_SIGNING_KEY=YOUR_NID_SIGNING_KEY
SECRET_KEY=YOUR_SECRET_KEY
Note : exchange those keys with the keys we generated before
Create celery env config:
sudo nano /etc/validator/celery.confCELERYD_NODES="w1 w2 w3"
CELERY_BIN="/usr/local/bin/celery"
CELERY_APP="config.settings"
CELERYD_MULTI="multi"
CELERYD_OPTS="--time-limit=1800 -Q:w1 celery -c:w1 2 -Q:w2 block_queue -P:w2 solo -Q:w3 confirmation_block_queue -P:w3 solo"
CELERYD_PID_FILE="/var/log/celery/%n.pid"
CELERYD_LOG_FILE="/var/log/celery/%n%I.log"
CELERYD_LOG_LEVEL="DEBUG"
DJANGO_APPLICATION_ENVIRONMENT=production
NETWORK_SIGNING_KEY=YOUR_NID_SIGNING_KEY
SECRET_KEY=YOUR_SECRET_KEY
Create service:
sudo nano /etc/systemd/system/api.serviceAdd this: [Unit]
Description = Service to run Django API
After = network.target[Service]
EnvironmentFile = /etc/validator/environment
User = deploy
ExecStart = /usr/local/bin/start_api.sh[Install]
WantedBy = multi-user.target
Update permissions for file:
sudo chmod a+x /etc/systemd/system/api.service
Create service for celery:
sudo nano /etc/systemd/system/celery.service[Unit]
Description=Validator Celery Service
After=network.target[Service]
Type=forking
User=deploy
EnvironmentFile=/etc/validator/celery.conf
WorkingDirectory=/var/www/Validator
ExecStart=/bin/sh -c '${CELERY_BIN} multi start ${CELERYD_NODES} \
-A ${CELERY_APP} --pidfile=${CELERYD_PID_FILE} \
--logfile=${CELERYD_LOG_FILE} --loglevel=${CELERYD_LOG_LEVEL} ${CELERYD_OPTS}'
ExecStop=/bin/sh -c '${CELERY_BIN} multi stopwait ${CELERYD_NODES} \
--pidfile=${CELERYD_PID_FILE}'
ExecReload=/bin/sh -c '${CELERY_BIN} multi restart ${CELERYD_NODES} \
-A ${CELERY_APP} --pidfile=${CELERYD_PID_FILE} \
--logfile=${CELERYD_LOG_FILE} --loglevel=${CELERYD_LOG_LEVEL} ${CELERYD_OPTS}'[Install]
WantedBy=multi-user.target
Reload systemd and enable both services:
sudo systemctl daemon-reload && sudo systemctl enable api && sudo systemctl enable celery
Verify it is enabled:
ls /etc/systemd/system/multi-user.target.wants/
System Services
Start API service, restart NGINX, and verify services are active:
sudo systemctl start api && sudo systemctl start celery && sudo systemctl restart nginx
Check the status of the services:
sudo systemctl status api celery nginx redis
Static Files and Application Configuration
Set environment variable:
nano ~/.profileexport DJANGO_APPLICATION_ENVIRONMENT="production"
export NETWORK_SIGNING_KEY="YOUR_NID_SIGNING_KEY"
export SECRET_KEY="YOUR_SECRET_KEY"
Log out and log back in:
logout
su - deploy
printenv
Initialize database:
# Create a new user (or more precisely, a role)
sudo -u postgres createuser --interactiveEnter name of role to add: thenewboston
Shall the new role be a superuser? (y/n) y# Create new database
sudo -u postgres createdb thenewboston# Set a password for the user
sudo -u postgres psql template1
ALTER USER thenewboston PASSWORD 'thenewboston';# Exit prompt
\q
Populate database:
cd /var/www/Validator/
python3 manage.py makemigrations && python3 manage.py migrate
python3 manage.py createsuperuser
python3 manage.py collectstatic
Check you browser on <ip>/admin :
after login:
Now before running validator node, if you do not installed the new boston then go and run that first : https://thenewboston.com/
after installing you will see validators and banks there. UI is so simple you can figure things out youself and configure validator.
TNB Account Manager will look like this:
Initialize validator node:
python3 manage.py initialize_validator
Use primary validatory info to run above script:(also add the NID and Account keys)
If setting up confirmation validator, run this script to connect to the primary validator:
python3 manage.py set_primary_validator
Now Finally, your validator start syncing with primary validator.
Kuddos to you xD
Here is our validator, which is connected to primary validator
Verify everything is working correctly by visiting:
http://[IP_ADDRESS]/config
This is our validator-
Troubleshooting
Check the status of the services:
sudo systemctl status api celery nginx redis
View the logs:
sudo journalctl -u api.service
sudo journalctl -u celery.service
sudo journalctl -u nginx.service
Thanks