Instantly share code, notes, and snippets.

Embed
What would you like to do?
Ubuntu 16.04 ZEN Secure Nodes Automated Setup
#This script was written by REXOVAS to automate 90% of a ZEN Secure Node setup process for an IPv4 node.
#Parts of this script were adapted from a script by github user rnkhouse
#rnkhouse script found here: https://gist.github.com/rnkhouse/f7f04f0cb10b596e2c6623275968a220
#Prior to running this script, please ensure that you are not signed in as root, and have completed all steps up until the copying
#of authentication key pairs in this guide: https://blockoperations.com/build-zencash-secure-node-part-1-prepare-vps/
#This script performs all actions described in the 3 guides found on blockoperations.com. It compiles zend from source.
#This script installs both Monit and PM2 and automatically configures monit to monitor zend.
#WARNING: This script is intended for use by advanced Linux users. Please read through this script thoroughly to ensure that
# it performs no malicious activity, and completes only the tasks required to initialize a secure node.
# This script will not work 100% in Debian, as Debian will default to installing TLS certs in the root dir, when they are
# required to be in the user dir. Only use this script in UBUNTU 16.04.
# REXOVAS: contact@rexovas.com
# ZEN DONATION ADDRESS: znfRdzcDB1oBDCk2ox7n9Syh2VybrmZfoP3
# INSTRUCTIONS: Copy the contents of this script into a new file (replace <filename> with the name of the file)
# Run chmod +x <filename> to make the script executable
# Run sudo ./<filename>
# NOTE: User input is required at various moments in the setup process. Please monitor the process.
#!/usr/bin/env bash
# Quit on any error.
set -e
purpleColor='\033[0;95m'
normalColor='\033[0m'
# Set environment variables:
read -p "Enter FQDN (a.example.com): " FQDN
read -p "Enter required swap memory (4G): " SWAP
read -p "Enter Username (rexovas): " USER
read -p "Enter Email Address for Alerts (email@gmail.com): " EMAIL
read -p "Ensure the above inputs are as desired. If not press ctrl+c and re-run script. Otherwise press enter to continue " nil
######################################################
sudo timedatectl set-timezone 'America/New_York'
sudo apt update
sudo apt -y install git screen vim nmap ncdu busybox inxi links unzip python pwgen ufw
#########################FIREWALL############
sudo ufw default allow outgoing
sudo ufw default deny incoming
sudo ufw allow ssh/tcp
sudo ufw limit ssh/tcp
sudo ufw allow http/tcp
sudo ufw allow https/tcp
sudo ufw allow 9033/tcp
#sudo ufw allow 19033/tcp
sudo ufw logging on
sudo ufw enable
#############################################
sudo fallocate -l $SWAP /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
sudo echo "/swapfile none swap sw 0 0" >> /etc/fstab
sudo echo "vm.swappiness=10" >> /etc/sysctl.conf
echo -e $purpleColor"Swapfile is done!"$normalColor
##########################################################
sudo apt -y install mailutils postfix
sudo echo "root: $EMAIL" >> /etc/aliases
sudo newaliases
sudo systemctl enable postfix
sudo systemctl restart postfix
echo "NEW NODE TEST" | mail -s "NEW NODE TEST" root
######################################################
sudo apt -y install fail2ban
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
##########################################
sudo apt -y install rkhunter
sudo rkhunter --propupd
#####################################################
sudo touch /home/$USER/update
sudo sh -c "echo '
#!/bin/bash
sudo apt update
sudo apt -y dist-upgrade
sudo apt -y autoremove
npm i -g npm
sudo rkhunter --propupd
' >> /home/$USER/update"
chmod +x update
#######################################################################
mkdir /home/$USER/zencash
cd zencash
git clone https://github.com/ZencashOfficial/zen.git
sudo apt -y install build-essential pkg-config libc6-dev m4 g++-multilib autoconf libtool ncurses-dev unzip git python zlib1g-dev wget bsdmainutils automake
cd zen
./zcutil/build.sh -j$(nproc)
./zcutil/fetch-params.sh
#sudo mv /root/.zcash-params /home/$USER/
#####################################################################################
sudo mkdir -p /home/$USER/.zen
sudo touch /home/$USER/.zen/zen.conf
RPC_USERNAME=$(pwgen -s 74 1)
RPC_PASSWORD=$(pwgen -s 74 1)
sudo sh -c "echo '
addnode=$FQDN
addnode=zennodes.network
rpcuser=$RPC_USERNAME
rpcpassword=$RPC_PASSWORD
rpcport=18231
rpcallowip=127.0.0.1
server=1
daemon=1
listen=1
txindex=1
logtimestamps=1
tlscertpath=/home/$USER/.acme.sh/$FQDN/$FQDN.cer
tlskeypath=/home/$USER/.acme.sh/$FQDN/$FQDN.key
testnet=0
' >> /home/$USER/.zen/zen.conf"
echo -e $purpleColor"zen.conf is done!"$normalColor
##########################################################################
sudo apt-get install monit
sudo touch /home/$USER/zencash/init_zen
sudo cat << EOF >> /home/$USER/zencash/init_zen
#!/bin/bash
PID_FILE='/home/$USER/.zen/zen_node.pid'
start() {
touch \$PID_FILE
eval "/bin/su $USER -c '/usr/bin/zend 2>&1 >> /dev/null'"
PID=\$(ps aux | grep zend | grep -v grep | awk '{print \$2}')
echo "Starting zend with PID \$PID"
echo \$PID > \$PID_FILE
}
stop () {
pkill zend
rm \$PID_FILE
echo "Stopping zend"
}
case \$1 in
start)
start
;;
stop)
stop
;;
*)
echo "usage: zend {start|stop}" ;;
esac
exit 0
EOF
sudo chown -R $USER: /home/$USER/zencash
chmod u+x /home/$USER/zencash/init_zen
sudo cat << EOF >> /etc/monit/monitrc
#added on setup for zend
set httpd port 2812
use address localhost # only accept connection from localhost
allow localhost # allow localhost to connect to the server
#
#zend process control
check process zend with pidfile /home/$USER/.zen/zen_node.pid
start program = "/home/$USER/zencash/init_zen start" with timeout 60 seconds
stop program = "/home/$USER/zencash/init_zen stop"
#
#email notifications using local postfix relay
set mailserver localhost
set mail-format { from: monit@$FQDN }
set alert $EMAIL #receive all alerts
EOF
##################################################
cd /home/$USER
mkdir acme
sudo apt install socat
cd acme
git clone https://github.com/Neilpang/acme.sh.git
cd acme.sh
./acme.sh --install
cd /home/$USER
sudo /home/$USER/.acme.sh/acme.sh --issue --standalone -d $FQDN
chown -R $USER: /home/$USER/.acme.sh
sudo mkdir /usr/share/ca-certificates/letsencrypt/
sudo cp /home/$USER/.acme.sh/$FQDN/ca.cer /usr/share/ca-certificates/letsencrypt/ca.crt
sudo dpkg-reconfigure ca-certificates
CRONCMD_ACME="6 0 * * * \"/home/$USER/.acme.sh\"/acme.sh --cron --home \"/home/$USER/.acme.sh\" > /dev/null" && (crontab -l | grep -v -F "$CRONCMD_ACME" ; echo "$CRONCMD_ACME") | crontab -
echo -e $purpleColor"certificates has been installed!"$normalColor
###################################################################
################################################################
sudo cp /home/$USER/zencash/zen/src/zend /usr/bin/
sudo cp /home/$USER/zencash/zen/src/zen-cli /usr/bin/
chown -R $USER: /home/$USER/.zen
sudo monit reload
sudo monit start zend
#sudo apt install curl
#curl -sL https://deb.nodesource.com/setup_8.x | sudo bash -
#sudo apt-get install -y nodejs
sudo apt-get install -y npm
sudo npm install -g n
sudo n 8.9
cd /home/$USER/zencash
git clone https://github.com/ZencashOfficial/secnodetracker.git
cd secnodetracker
npm install
sudo chown -R $USER: /home/$USER/zencash
npm install pm2 -g
pm2 kill
sudo chown -R $USER: /home/$USER/.pm2
node -v
npm -v
echo -e $purpleColor"Change /etc/monit/monitrc check frequency!"$normalColor
echo -e $purpleColor"sudo vim /etc/monit/monitrc 'Set daemon 120' change to 'Set daemon 10'"$normalColor
echo -e $purpleColor"sudo monit reload"$normalColor
echo -e $purpleColor"sudo monit start zend"$normalColor
echo -e $purpleColor"zen-cli getinfo to confirm blockchain is syncing"$normalColor
echo -e $purpleColor""$normalColor
echo -e $purpleColor"Navigate to '/home/$USER/zencash/secnodetracker' and run node setup"$normalColor
echo -e $purpleColor"Run pm2 startup"$normalColor
echo -e $purpleColor"Copy and paste the command that pm2 tells you to run"$normalColor
echo -e $purpleColor"Run pm2 start app.js --name secnodetracker"$normalColor
echo -e $purpleColor"Run pm2 save"$normalColor
echo -e $purpleColor"To monitor, type pm2 logs. When finished press ctrl+c"$normalColor
echo -e $purpleColor"IMPORTANT: Verify secnodetracker runs on reboot: Reboot the server 'sudo reboot now', log back in, and run 'pm2 logs'"$normalColor
echo -e $purpleColor"Secnodetracker should be running"$normalColor
echo -e $purpleColor""$normalColor
echo -e $purpleColor""$normalColor
echo -e $purpleColor"REXOVAS: contact@rexovas.com"$normalColor
echo -e $purpleColor"ZEN DONATION ADDRESS: znfRdzcDB1oBDCk2ox7n9Syh2VybrmZfoP3"$normalColor
@DatDraggy

This comment has been minimized.

DatDraggy commented Jun 15, 2018

Is /home/$USER/zencash/zen/src used by anything? I think it should be deleted after the cp to clear up space.
Or just the whole /home/$USER/zencash/zen directory, if it's not being used.

@KeramxD

This comment has been minimized.

KeramxD commented Sep 10, 2018

Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
fallocate: no filename specified

How can I fix that?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment