Get syncing in 10 minutes
- Provision Ubuntu/Debian. (2 GB RAM, 2 CPUs, ~500 GB for txindex=1, or use pruning to limit size to 2-3 GB if disk space is scarce), ssh into as root.
- Update your server:
$ apt update && apt upgrade
- Optional: on your local
$ ssh-copy-id root@ip
(disable ssh password auth at step B.5.)
- As root:
$ adduser bitcoin
- Add
bitcoin
to sudoers:$ usermod -aG sudo bitcoin
$ su - bitcoin
- Optional: on your local
$ ssh-copy-id bitcoin@ip
- Disable password authentication via ssh by sudo editing the line
PasswordAuthentication no
in file/etc/ssh/sshd_config
$ sudo systemctl restart ssh
$ wget https://bitcoin.org/bin/bitcoin-core-0.21.1/bitcoin-0.21.1-x86_64-linux-gnu.tar.gz
$ tar xzf bitcoin-0.21.1-x86_64-linux-gnu.tar.gz
$ sudo install -m 0755 -o root -g root -t /usr/local/bin bitcoin-0.21.1/bin/*
$ sudo mkdir /etc/bitcoin && sudo chown -R bitcoin:bitcoin /etc/bitcoin
- Create
/etc/bitcoin/bitcoin.conf
. Use this for guidance. Mine is below. (I needed a non-pruned full node withtxindex=1
,server=1
and JSON RPC enabled.)
# dbcache is how much RAM in megabytes to dedicate
# increase dbcache (and provisioned memory on server if possible) during initial sync to speed up
# dbcache=7500 # for 8196 MiB
dbcache=1500
listen=1
txindex=1
server=1
rpcauth=bitcoin:<get this using rpcauth.py>
rpcallowip=10.0.0.0/24
- To generate rpcauth:
$ wget https://raw.githubusercontent.com/bitcoin/bitcoin/master/share/rpcauth/rpcauth.py && chmod +x rpcauth.py
$ ./rpcauth.py <rpc_username>
- Setup systemd by sudo creating
/etc/systemd/system/bitcoind.service
.
[Unit]
Description=Bitcoin daemon
Documentation=https://github.com/bitcoin/bitcoin/blob/master/doc/init.md
After=network-online.target
Wants=network-online.target
[Service]
ExecStart=/usr/local/bin/bitcoind -daemon \
-pid=/run/bitcoind/bitcoind.pid \
-conf=/etc/bitcoin/bitcoin.conf \
-datadir=/var/lib/bitcoind
PermissionsStartOnly=true
ExecStartPre=/bin/chgrp bitcoin /etc/bitcoin
Type=forking
PIDFile=/run/bitcoind/bitcoind.pid
Restart=on-failure
#TimeoutStartSec=infinity
TimeoutStopSec=600
User=bitcoin
Group=bitcoin
RuntimeDirectory=bitcoind
RuntimeDirectoryMode=0710
ConfigurationDirectory=bitcoin
ConfigurationDirectoryMode=0710
StateDirectory=bitcoind
StateDirectoryMode=0710
PrivateTmp=true
ProtectSystem=full
ProtectHome=true
NoNewPrivileges=true
PrivateDevices=true
MemoryDenyWriteExecute=true
[Install]
WantedBy=multi-user.target
$ sudo systemctl daemon-reload
$ sudo systemctl enable bitcoind
$ sudo systemctl start bitcoind
- Optional:
$ tail -f /var/lib/bitcoind/debug.log
to see status
$ sudo apt install tor
$ sudo systemctl enable tor
// start on boot- edit
/etc/tor/torrc
, add these:
ControlPort 9051
CookieAuthentication 1
CookieAuthFileGroupReadable 1
HiddenServiceDir /var/lib/tor/bitcoin-service/
HiddenServicePort 8333 127.0.0.1:8334
$ sudo systemctl restart tor
$ sudo usermod -a -G debian-tor bitcoin
- copy your onion address from this:
$ cat /var/lib/tor/bitcoin-service/hostname
- add these lines to
/etc/bitcoin/bitcoin.conf
:
externalip=<youronionaddress>
listenonion=1
onlynet=onion
bind=127.0.0.1
$ sudo systemctl restart bitcoind
$ bitcoin-cli -conf=/etc/bitcoin/bitcoin.conf getnetworkinfo
should show you're only reachable via onion
That's it! Stack sats.