Search the Community

How to setup a Fantom RPC Go-Opera Node on Ubuntu 20.04. You want to lock this down yourself at some point after testing it works. We will need a couple things, mainly go, nginx and go-opera. go-opera: https://github.com/Fantom-foundation/go-opera go: https://golang.org/dl/ nginx Install go, latest is https://golang.org/dl/go1.16.4.linux-amd64.tar.gz wget https://golang.org/dl/go1.16.4.linux-amd64.tar.gz sudo tar -C /usr/local -xzf go1.16.4.linux-amd64.tar.gz export PATH=$PATH:/usr/local/go/bin source ~/.bashrc cd ~ go version Clone github and make the go-opera binary sudo apt install git git clone https://github.com/Fantom-foundation/go-opera cd go-opera make opera cd build cp opera ~/ cd ~ I am putting opera binary in the main home folder so I can keep track of which version I am on. Find your IP address for initial go-opera syncing. ip a We also need the genesis block in our home folder. wget https://opera.fantom.network/mainnet.g Lets run this and prepare Cloudflare and our Domain next. replace the 111's with your IP address. This is not locked down at all, but I don't have anything on this wallet, so there is nothing to see here. The initial genesis decode will take at least 10 minutes, so wait for this to finish and you will see the sync. Sync as of right now took about 24 hours. I am running this in the background using screen. screen -S go-opera ./opera --genesis ~/mainnet.g --nat extip:111.111.111.111 --nousb --http --http.vhosts="*" --http.corsdomain="*" --ws --ws.origins="*" --http.api="ftm,eth,debug,admin,web3,personal,net,txpool,sfc" Setup cloudflare with TLS/SSL. Make a subdomain with an A record pointing to your IP address. Go to SSL/TLS -> Origin Server -> Create Certificate and either use the default or like I did, specifiy the full subdomain. Here I am showing example.denarius.pro for the example. Click Next. I created a certificate for domain like rpc.denarius.pro and click Next and then copy the info to here Insert Origin Certificate into a cert.pem sudo nano /etc/ssl/certs/cert.pem Insert Private Key into key.pem sudo nano /etc/ssl/private/key.pem Install nginx sudo apt install nginx I am lazy so just use default file to edit sudo nano /etc/nginx//sites-available/default You want something like this for https and web socket in the default file server { listen 80; listen [::]:80; server_name rpc.denarius.pro; return 302 https://$server_name$request_uri; } server { listen 443 ssl; listen [::]:443 ssl http2; ssl on; ssl_certificate /etc/ssl/certs/cert.pem; ssl_certificate_key /etc/ssl/private/key.pem; location ^~ /ws { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_read_timeout 86400s; proxy_send_timeout 86400s; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_pass http://127.0.0.1:18546/; } location ^~ / { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_pass http://127.0.0.1:18545/; } } Restart nginx sudo nginx -s reload Load up metamask and point a new network to your new domain like https://rpc.denarius.pro, chainID 250, Symbol 250 and you are good to go.

Top Free DNS Servers by Speed 5/27/2020: Speed Data from https://www.dnsperf.com/#!dns-resolvers 1.1.1.1 - 1.0.0.1 (Cloudflare) 8.8.8.8 - 8.8.4.4 (Google) 208.67.222.222 - 208.67.220.220 (OpenDNS) 45.90.28.21 - 45.90.30.21 (NextDNS) 156.154.70.5 - 156.154.71.5 (Neustar) 199.85.126.10 199.85.127.10 (Norton) 8.26.56.26 8.20.247.20 (NuSEC by Comodo) 9.9.9.9 - 149.112.112.112 (Quad9) 195.46.39.39, 195.46.39.40 (SafeDNS) ------------------------------------------------------ The speed might not be as fast as 1.1.1.1, but https://www.opennic.org/ also has great censorship resistant DNS servers available and additional domain support. Feel free to add the DNS servers you use in this thread!

The goal here is to setup 2 or more vps's to run IPFS in cluster mode. The IPFS daemons will stay in sync to distribute the files so its always up. Then use a typical domain name to serve the hash using Cloudflare gateway on Cloudflare's dashboard. From there a typical web browser sees your domain like usual, but behind the scenes can still use the IPFS Browser to directly see the website. create user denarius or whoever you want, but notice in the systemd files User=whoeveryoucreated adduser denarius usermod -aG sudo denarius exit If you are using ssh keys already ssh-copy-id denarius@yourVPSip login ssh denarius@yourVPSip install ipfs (Snapcraft), since snap might have to logout and back in after the sudo apt install snapd part. Mainly just wanted to show how to use snap IPFS daemon. https://snapcraft.io/ipfs sudo apt update sudo apt install snapd sudo snap install ipfs ipfs version ipfs init systemd service sudo nano /etc/systemd/system/ipfs.service [Unit] Description=IPFS daemon After=network.target [Service] ### Uncomment the following line for custom ipfs datastore location # Environment=IPFS_PATH=/path/to/your/ipfs/datastore User=denarius ExecStart=/snap/bin/ipfs daemon Restart=always [Install] WantedBy=multi-user.target sudo systemctl restart ipfs sudo systemctl status ipfs sudo systemctl enable ipfs install ipfs cluster ctl https://dist.ipfs.io/#ipfs-cluster-ctl wget https://dist.ipfs.io/ipfs-cluster-ctl/v0.13.0/ipfs-cluster-ctl_v0.13.0_linux-amd64.tar.gz tar -xzvf ipfs-cluster-ctl_v0.13.0_linux-amd64.tar.gz cd ipfs-cluster-ctl sudo cp ipfs-cluster-ctl /usr/local/bin/ install ipfs cluster service https://dist.ipfs.io/#ipfs-cluster-service wget https://dist.ipfs.io/ipfs-cluster-service/v0.13.0/ipfs-cluster-service_v0.13.0_linux-amd64.tar.gz tar -xzvf ipfs-cluster-service_v0.13.0_linux-amd64.tar.gz cd ipfs-cluster-service sudo cp ipfs-cluster-service /usr/local/bin/ initialize ipfs cluster ipfs-cluster-service init the secret to use across all the clusters is in ~/.ipfs-cluster/service.json example a2e2f791d26a04e76cbea370696964614a574a4265593aeaf4 systemd service sudo nano /etc/systemd/system/ipfsc.service [Unit] Description=IPFS Cluster daemon After=network.target [Service] ### Uncomment the following line for custom ipfs datastore location # Environment=IPFS_PATH=/path/to/your/ipfs/datastore User=denarius ExecStart=/usr/local/bin/ipfs-cluster-service daemon Restart=always [Install] WantedBy=multi-user.target Start, Status and Enable service sudo systemctl restart ipfsc sudo systemctl status ipfsc sudo systemctl enable ipfsc in status look for a line like this, this will be your bootstrap for the other nodes in the cluster /ip4/23.94.107.170/tcp/9096/p2p/12D3KooWL6FJgyiY3BUMx8PXpqCK3B6Qcn6X5dPPtGvgAaB7gTxW how bootstrap looks in systemd on the helpers sudo nano /etc/systemd/system/ipfsc.service [Unit] Description=IPFS Cluster daemon After=network.target [Service] ### Uncomment the following line for custom ipfs datastore location # Environment=IPFS_PATH=/path/to/your/ipfs/datastore User=denarius ExecStart=/usr/local/bin/ipfs-cluster-service daemon --bootstrap /ip4/23.94.107.170/tcp/9096/p2p/12D3KooWL6FJgyiY3BUMx8PXpqCK3B6Qcn6X5dPPtGvgAaB7gTxW Restart=always [Install] WantedBy=multi-user.target then to pin we use ipfs-cluster-ctl ipfs-cluster-ctl peers ls Add some random example file. Like nano example.txt, "this is a test" ipfs-cluster-ctl add example.txt ipfs-cluster-ctl pin ls now go to, to add the newly created hash directly to cloudflare to serve through their gateway. I see a 50mb limit on files, so be aware of this if making a website. https://www.cloudflare.com/distributed-web-gateway/ Add the CNAME and TXT Record like below Then back on the cloudflare link above, input your domain name, and Submit. Now you have an instant website serving using the Cloudflare IPFS gateway and a cluster of IPFS daemons keeping the files in sync. The website will also stay fully decentralized using IPFS directly because of that initial cluster we setup above. An example which I am not going to keep up forever. But wanted to show how this looks across different browsers and URLs. Just remember no nginx proxy pass is being used in this guide. ipfs-cluster-ctl add -r ~/website which gave me a hash of QmSrrb571Gm1RLvxHePEMXfuzjTG1nbCNb5PrZutJLde5L spread between the cluster Some Examples then in Brave Nightly as an example I can type ipfs://QmSrrb571Gm1RLvxHePEMXfuzjTG1nbCNb5PrZutJLde5L Which since directly seems slow, and still learning how this works, appears like this. This is how same page looks using Firefox with IPFS Companion, going directly through the hash And how a typical user would see in Chrome going directly to denarius.guide

If you are playing on IPFS you can use IPNS so your site has a typical domain someone can go to. A user can also go to the hash of the IPNS too, using IPFS gateway, Infura or Cloudflare as well. I was curious how to setup Full Strict on Cloudflare and what that would do with this monstrosity. First setup your domain on cloudflare with a proxy. I am using explorer.denarius.pro for this example. Install IPFS on your VPS, PI or VM. Setup your website like usual and setup IPNS with that. I might write out how to do this again in a second post. Setup IPNS on cloudflare with the TXT record. The nuts and bolts is a gist I forked https://gist.github.com/buzzkillb/aabf6b113154cf4f1601cc34e5488acf Go to SSL/TLS -> Origin Server -> Create Certificate and either use the default or like I did, specifiy the full subdomain. Here I am showing example.denarius.pro for the example. Click Next. Insert Origin Certificate into a cert.pem sudo nano /etc/ssl/certs/cert.pem Insert Private Key into key.pem sudo nano /etc/ssl/private/key.pem Download and copy https://support.cloudflare.com/hc/en-us/article_attachments/360044928032/origin-pull-ca.pem into cloudflare.crt sudo nano /etc/ssl/certs/cloudflare.crt -----BEGIN CERTIFICATE----- MIIGCjCCA/KgAwIBAgIIV5G6lVbCLmEwDQYJKoZIhvcNAQENBQAwgZAxCzAJBgNV BAYTAlVTMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMRQwEgYDVQQLEwtPcmln aW4gUHVsbDEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzETMBEGA1UECBMKQ2FsaWZv cm5pYTEjMCEGA1UEAxMab3JpZ2luLXB1bGwuY2xvdWRmbGFyZS5uZXQwHhcNMTkx MDEwMTg0NTAwWhcNMjkxMTAxMTcwMDAwWjCBkDELMAkGA1UEBhMCVVMxGTAXBgNV BAoTEENsb3VkRmxhcmUsIEluYy4xFDASBgNVBAsTC09yaWdpbiBQdWxsMRYwFAYD VQQHEw1TYW4gRnJhbmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMSMwIQYDVQQD ExpvcmlnaW4tcHVsbC5jbG91ZGZsYXJlLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQAD ggIPADCCAgoCggIBAN2y2zojYfl0bKfhp0AJBFeV+jQqbCw3sHmvEPwLmqDLqynI 42tZXR5y914ZB9ZrwbL/K5O46exd/LujJnV2b3dzcx5rtiQzso0xzljqbnbQT20e ihx/WrF4OkZKydZzsdaJsWAPuplDH5P7J82q3re88jQdgE5hqjqFZ3clCG7lxoBw hLaazm3NJJlUfzdk97ouRvnFGAuXd5cQVx8jYOOeU60sWqmMe4QHdOvpqB91bJoY QSKVFjUgHeTpN8tNpKJfb9LIn3pun3bC9NKNHtRKMNX3Kl/sAPq7q/AlndvA2Kw3 Dkum2mHQUGdzVHqcOgea9BGjLK2h7SuX93zTWL02u799dr6Xkrad/WShHchfjjRn aL35niJUDr02YJtPgxWObsrfOU63B8juLUphW/4BOjjJyAG5l9j1//aUGEi/sEe5 lqVv0P78QrxoxR+MMXiJwQab5FB8TG/ac6mRHgF9CmkX90uaRh+OC07XjTdfSKGR PpM9hB2ZhLol/nf8qmoLdoD5HvODZuKu2+muKeVHXgw2/A6wM7OwrinxZiyBk5Hh CvaADH7PZpU6z/zv5NU5HSvXiKtCzFuDu4/Zfi34RfHXeCUfHAb4KfNRXJwMsxUa +4ZpSAX2G6RnGU5meuXpU5/V+DQJp/e69XyyY6RXDoMywaEFlIlXBqjRRA2pAgMB AAGjZjBkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgECMB0GA1Ud DgQWBBRDWUsraYuA4REzalfNVzjann3F6zAfBgNVHSMEGDAWgBRDWUsraYuA4REz alfNVzjann3F6zANBgkqhkiG9w0BAQ0FAAOCAgEAkQ+T9nqcSlAuW/90DeYmQOW1 QhqOor5psBEGvxbNGV2hdLJY8h6QUq48BCevcMChg/L1CkznBNI40i3/6heDn3IS zVEwXKf34pPFCACWVMZxbQjkNRTiH8iRur9EsaNQ5oXCPJkhwg2+IFyoPAAYURoX VcI9SCDUa45clmYHJ/XYwV1icGVI8/9b2JUqklnOTa5tugwIUi5sTfipNcJXHhgz 6BKYDl0/UP0lLKbsUETXeTGDiDpxZYIgbcFrRDDkHC6BSvdWVEiH5b9mH2BON60z 0O0j8EEKTwi9jnafVtZQXP/D8yoVowdFDjXcKkOPF/1gIh9qrFR6GdoPVgB3SkLc 5ulBqZaCHm563jsvWb/kXJnlFxW+1bsO9BDD6DweBcGdNurgmH625wBXksSdD7y/ fakk8DagjbjKShYlPEFOAqEcliwjF45eabL0t27MJV61O/jHzHL3dknXeE4BDa2j bA+JbyJeUMtU7KMsxvx82RmhqBEJJDBCJ3scVptvhDMRrtqDBW5JShxoAOcpFQGm iYWicn46nPDjgTU0bX1ZPpTpryXbvciVL5RkVBuyX2ntcOLDPlZWgxZCBp96x07F AnOzKgZk4RzZPNAxCXERVxajn/FLcOhglVAKo5H0ac+AitlQ0ip55D2/mf8o72tM fVQ6VpyjEXdiIXWUq/o= -----END CERTIFICATE----- Edit the default nginx sites-available file sudo nano /etc/nginx/sites-available/default and throw this in. Take note of the domain as you would change that to whatever you are using. server { listen 80; listen [::]:80; server_name explorer.denarius.pro; return 302 https://$server_name$request_uri; } server { listen 443 ssl; listen [::]:443 ssl http2; ssl on; ssl_certificate /etc/ssl/certs/cert.pem; ssl_certificate_key /etc/ssl/private/key.pem; location / { proxy_pass http://127.0.0.1:8080; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } } Test nginx that there are no errors from the copy/pasta. nginx -t And reload the nginx service. nginx -s reload Now that you have full strict cloudflare on your IPFS / IPNS website. Turn this on. Denarius Wiki is a Hugo built site. https://denarius.wiki/ https://gateway.ipfs.io/ipns/denarius.wiki/ Simple Explorer is a test site using IPFS for a block explorer. https://explorer.denarius.pro/ https://gateway.ipfs.io/ipns/explorer.denarius.pro/

Read the docs over a few times on how to setup Enterprise Xrouter. https://gist.github.com/Aderks/e3ebee5730b337ca7e0d3510155c9e05 and https://github.com/blocknetdx/exrproxy Basically the first example is putting the uwsgi.ini file in /xrproxy directory so I am going to throw the extra cloudflare certificates in same folder to make this as easy as possible. Once you get setup the docker run command I am using for this setup is docker run -d --name=xrproxy -p 80:80 -p 443:443 -v=/xrproxy:/opt/uwsgi/conf blocknetdx/xrouterproxy:latest First we want to put the Cloudflare Certificates into the /xrproxy folder, so login to Cloudflare. Go to SSL/TLS -> Origin Server -> Create Certificate and either use the default or like I did, specifiy the full subdomain. Here I am showing example.denarius.pro for the example. Click Next. Insert Origin Certificate into a cert.pem sudo nano /xrproxy/cert.pem Insert Private Key into key.pem sudo nano /xrproxy/key.pem Not sure if cloudflare.crt matters but do it anyways. Download and copy https://support.cloudflare.com/hc/en-us/article_attachments/360044928032/origin-pull-ca.pem into cloudflare.crt sudo nano /xrproxy/cloudflare.crt below for easy to copy and paste cloudflare.crt -----BEGIN CERTIFICATE----- MIIGCjCCA/KgAwIBAgIIV5G6lVbCLmEwDQYJKoZIhvcNAQENBQAwgZAxCzAJBgNV BAYTAlVTMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMRQwEgYDVQQLEwtPcmln aW4gUHVsbDEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzETMBEGA1UECBMKQ2FsaWZv cm5pYTEjMCEGA1UEAxMab3JpZ2luLXB1bGwuY2xvdWRmbGFyZS5uZXQwHhcNMTkx MDEwMTg0NTAwWhcNMjkxMTAxMTcwMDAwWjCBkDELMAkGA1UEBhMCVVMxGTAXBgNV BAoTEENsb3VkRmxhcmUsIEluYy4xFDASBgNVBAsTC09yaWdpbiBQdWxsMRYwFAYD VQQHEw1TYW4gRnJhbmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMSMwIQYDVQQD ExpvcmlnaW4tcHVsbC5jbG91ZGZsYXJlLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQAD ggIPADCCAgoCggIBAN2y2zojYfl0bKfhp0AJBFeV+jQqbCw3sHmvEPwLmqDLqynI 42tZXR5y914ZB9ZrwbL/K5O46exd/LujJnV2b3dzcx5rtiQzso0xzljqbnbQT20e ihx/WrF4OkZKydZzsdaJsWAPuplDH5P7J82q3re88jQdgE5hqjqFZ3clCG7lxoBw hLaazm3NJJlUfzdk97ouRvnFGAuXd5cQVx8jYOOeU60sWqmMe4QHdOvpqB91bJoY QSKVFjUgHeTpN8tNpKJfb9LIn3pun3bC9NKNHtRKMNX3Kl/sAPq7q/AlndvA2Kw3 Dkum2mHQUGdzVHqcOgea9BGjLK2h7SuX93zTWL02u799dr6Xkrad/WShHchfjjRn aL35niJUDr02YJtPgxWObsrfOU63B8juLUphW/4BOjjJyAG5l9j1//aUGEi/sEe5 lqVv0P78QrxoxR+MMXiJwQab5FB8TG/ac6mRHgF9CmkX90uaRh+OC07XjTdfSKGR PpM9hB2ZhLol/nf8qmoLdoD5HvODZuKu2+muKeVHXgw2/A6wM7OwrinxZiyBk5Hh CvaADH7PZpU6z/zv5NU5HSvXiKtCzFuDu4/Zfi34RfHXeCUfHAb4KfNRXJwMsxUa +4ZpSAX2G6RnGU5meuXpU5/V+DQJp/e69XyyY6RXDoMywaEFlIlXBqjRRA2pAgMB AAGjZjBkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgECMB0GA1Ud DgQWBBRDWUsraYuA4REzalfNVzjann3F6zAfBgNVHSMEGDAWgBRDWUsraYuA4REz alfNVzjann3F6zANBgkqhkiG9w0BAQ0FAAOCAgEAkQ+T9nqcSlAuW/90DeYmQOW1 QhqOor5psBEGvxbNGV2hdLJY8h6QUq48BCevcMChg/L1CkznBNI40i3/6heDn3IS zVEwXKf34pPFCACWVMZxbQjkNRTiH8iRur9EsaNQ5oXCPJkhwg2+IFyoPAAYURoX VcI9SCDUa45clmYHJ/XYwV1icGVI8/9b2JUqklnOTa5tugwIUi5sTfipNcJXHhgz 6BKYDl0/UP0lLKbsUETXeTGDiDpxZYIgbcFrRDDkHC6BSvdWVEiH5b9mH2BON60z 0O0j8EEKTwi9jnafVtZQXP/D8yoVowdFDjXcKkOPF/1gIh9qrFR6GdoPVgB3SkLc 5ulBqZaCHm563jsvWb/kXJnlFxW+1bsO9BDD6DweBcGdNurgmH625wBXksSdD7y/ fakk8DagjbjKShYlPEFOAqEcliwjF45eabL0t27MJV61O/jHzHL3dknXeE4BDa2j bA+JbyJeUMtU7KMsxvx82RmhqBEJJDBCJ3scVptvhDMRrtqDBW5JShxoAOcpFQGm iYWicn46nPDjgTU0bX1ZPpTpryXbvciVL5RkVBuyX2ntcOLDPlZWgxZCBp96x07F AnOzKgZk4RzZPNAxCXERVxajn/FLcOhglVAKo5H0ac+AitlQ0ip55D2/mf8o72tM fVQ6VpyjEXdiIXWUq/o= -----END CERTIFICATE----- Now that we have the certs setup, make sure your Cloudflare is showing proxied, and start or restart the docker container. docker restart xrproxy Enter the Docker container to edit the nginx file to add the certs. docker exec -it xrproxy /bin/bash I use nano so I installed nano before editing the file. apt update apt install nano Edit nginx.conf nano /etc/nginx/nginx.conf An example of what this ends up looking like server { # Running port #listen 80; listen 443 ssl; server_name api.denarius.pro; ssl_certificate /opt/uwsgi/conf/cert.pem; ssl_certificate_key /opt/uwsgi/conf/key.pem; # Proxying connections to application servers location / { } Save and exit nano, restart nginx inside the docker container. service nginx restart Type exit to exit the docker container. If you remove this docker container, you will need to setup nginx again. This part should now work. On the blocknet service node, xrouter.conf I used port=80 and tls=1 I forked the original and added api.denarius.pro just so I could test this out myself. https://github.com/buzzkillb/exrproxy/blob/master/Dockerfile#L76 Examples below of calls to different coin daemons. https://api.denarius.pro/xr/BTC/xrGetBlockCount https://api.denarius.pro/xr/D/xrGetBlockCount https://api.denarius.pro/xr/LTC/xrGetBlockCount https://api.denarius.pro/xr/XSN/xrGetBlockCount After its all working your node should show up here under whatever coins you are running, and also say Enterprise under Type. https://service-explorer.core.cloudchainsinc.com/#/spv-wallets