Over the last few years I have keenly followed the rise of Bitcoin from its early days trading at around $8USD. I watched with interest when it made its sharp rise to $1200USD and then felt a bit of dismay with more recent decline back to around the $200USD mark.
As a whole I think Bitcoin and the Blockchain are both game changing technologies that are yet to see their full potential. So over the last few months rather than just watching the Bitcoin exchange rate bounce around the place. I sought to get a deeper understanding of how the underlying technology works and how it can be extended further.
As part of this learning process I decided to set up a Bitcoin node both to act as learning resource for myself and to help contribute something to the larger Bitcoin network. In this article I am going to run through the process of turning a VPS running Debian Wheezy into a fully fledged Bitcoin node.
Unfortunately at the time of writing the Bitcoin software is not available for Debian Wheezy in the standard repositories. So we are going to use a Ubuntu PPA to get the source code and build a package from that instead. Before we get started though please be aware the Blockchain is huge, will use upwards of 30GB of storage and it will only continue to grow. So keep this in mind if you are going to run your node on a VPS or similar to get one with enough disk space.
Okay now that the initial warnings out of the way lets get started. Login to your system an add the following line to the /etc/apt/sources.list file and then save the changes.
[codesyntax lang=”bash” title=”Add Bitcoin Source Repository”]
deb-src http://ppa.launchpad.net/bitcoin/bitcoin/ubuntu precise main
[/codesyntax]
First we need to add the key for the new repository you added to the sources.list. Then its time to update the package list and upgrade the existing libraries and packages that are installed on the system.
[codesyntax lang=”bash” title=”Update & Upgrade Packages”]
apt-key adv –keyserver keyserver.ubuntu.com –recv-keys 8842CE5E
apt-get update
apt-get upgrade
[/codesyntax]
Before we get too carried away though we need to install some supporting packages that the Bitcoin software requires to function.
[codesyntax lang=”bash” title=”Install Supporting Packages”]
apt-get install dpkg-dev qt4-qmake libdb5.1++-dev libqt4-dev libqrencode-dev libminiupnpc-dev libboost-test1.49-dev zlib1g lib32z1 libc6-i386 debhelper devscripts bash-completion libboost-system-dev libssl-dev pkg-config libboost-filesystem-dev libboost-program-options-dev libboost-thread-dev libboost-test-dev dh-autoreconf libboost-chrono1.49.0 libboost-chrono-dev libboost-all-dev libprotobuf-dev protobuf-compiler
[/codesyntax]
Next we grab the source code for the Bitcoin project and get it ready to compile into a .deb package.
[codesyntax lang=”bash” title=”Get Bitcoin Source Code”]
cd /usr/src
apt-get source bitcoin
cd bitcoin-0.9.4/
[/codesyntax]
NOTE: The exact name of the Bitcoin directory will of course change over time as newer versions of the project are released.
Open the file debian/changelog with a text editor and add the following lines to the top of the file:
[codesyntax lang=”bash” title=”Edit The Project Changelog”]
bitcoin (0.9.4-wheezy1) wheezy; urgency=low
* Mark for wheezy.
— Matt Corallo <matt@bluematt.me>
[/codesyntax]
Then close the changelog saving the changes. Now clean the source tree by running the command below from the root of the project code base.
[codesyntax lang=”bash” title=”Clean The Source Tree”]
./debian/rules clean
[/codesyntax]
Side Note: If your system is like mine you may get some complaints back from the cleaning process about the locale not being set. To fix this issue run the commands below to regenerate the system locales. Selecting the appropriate locales that you want on the system for your location then run the clean process again.
[codesyntax lang=”bash” title=”Clean The Source Tree”]
locale-gen en_AU en_AU.UTF-8 hu_HU hu_HU.UTF-8
dpkg-reconfigure locales
./debian/rules clean
[/codesyntax]
If you run the build script as it stands you will get an error from the build process complaining about the version of Berkeley DB installed on the system.
You can find out what version you have installed on your system by executing the following snippet.
[codesyntax lang=”bash” title=”Display Current Version of Berkeley DB”]
cat /usr/include/db.h | grep DB_VERSION_STRING
[/codesyntax]
This will display something similar to the output below.
[codesyntax lang=”bash” title=”Installed Berkeley DB Version”]
#define DB_VERSION_STRING “Berkeley DB 5.1.29: (October 25, 2011)”
[/codesyntax]
My system had version 5.1.29 which is newer than the build process is requesting so I am just going to get it to ignore the issue. If you really want to use Berkeley DB v4.8 you will have to compile it as well which is outside of the cope of this article.
Continuing on, lets add a parameter for the build process to just use the newer version of Berkeley DB we already have. Edit the debian/rules file go down to line 21 and append the flag to the configure command, so it looks like the following.
[codesyntax lang=”bash” title=”Set Incompatible Berkeley DB Flag”]
./configure –with-incompatible-bdb
[/codesyntax]
The flag above will allow the binary to compile but any wallets created on the system will not be portable.
If you are not planning on using the wallet functionality and simply want to run a P2P node. You can go one step further and simply disable the functionality altogether by appending the flag below instead.
[codesyntax lang=”bash” title=”Disable Wallet Functionality”]
./configure –disable-wallet
[/codesyntax]
With the Berkeley DB issue fixed its time to run the actual build process. This step can be time consuming depending on the speed of your system taking anywhere from 10 – 30+ minutes to complete.
[codesyntax lang=”bash” title=”Run Build Script”]
./debian/rules binary
[/codesyntax]
On completion of the build process you should have a freshly made .deb file that can be easily installed with the Debian package manager.
[codesyntax lang=”bash” title=”Install Compiled Debian Package”]
cd ../
dpkg -i bitcoind_0.9.4-precise1_amd64.deb
[/codesyntax]
Up to this point you have probably been logged into your machine as root either natively or using sudo to elevate you privileges for the build process. For the sake of security you obviously don’t want to run the Bitcoin node under a user with so many systems privileges. So lets add dedicated user account to run the service under so its not running with root privileges:
[codesyntax lang=”bash” title=”Create User To Run Bitcoin Process”]
adduser bitcoin
[/codesyntax]
Create a new configuration file for the Bitcoin service.
[codesyntax lang=”bash” title=”Configure Bitcoin Service”]
pico /home/bitcoin/.bitcoin/bitcoin.conf
[/codesyntax]
In this file at a minimum add two lines ( see below for example ) defining a user and password for the JSON RPC web service that allows you to interact with the node.
[codesyntax lang=”bash” title=”Set A Password For The Webservice”]
rpcuser=bitcoinrpc
rpcpassword=D5vrfdZUeQpeF3GCSp5nUMf9DTuYsmdpB81ZmwVeSmz2
[/codesyntax]
For an example file config file showing some of the other possible parameters I recommend taking a look at the Bitcoin Wiki to see all of the options available.
Finally you are ready to start the service.
[codesyntax lang=”bash” title=”Run Bitcoind as Daemon”]
bitcoind –daemon
[/codesyntax]
If you look in the same directory as the config file you created for the service you should also see a log file named debug.log. If you use the tail command to follow the log file ( i.e tail -f debug.log ) now that the node is running. The log will show your node syncing with the blockchain, running through all the old blocks to bring itself up to speed with where things are now. This is a slow process and could take up to a few days to fully sync with the network depending on the connection speed.
Next Steps:
Hardening your new node with some firewall rules is also a pretty good idea to help things secure. Create yourself a script in an editor, with some iptables rules similar to below. If you are not planning on running a web server on the node then I recommend removing the two rules that allow http traffic through on port 80.
[codesyntax lang=”bash” title=”Create Firewall Script”]
#! /bin/sh
# Flushing all rules
iptables -F
iptables -X
# Setting default filter policy
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# Allow unlimited traffic on loopback
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow incoming SSH
iptables -A INPUT -p tcp –dport 22 -m state –state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp –sport 22 -m state –state ESTABLISHED -j ACCEPT
# Allow incoming http
iptables -A INPUT -p tcp –dport 80 -m state –state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp –sport 80 -m state –state ESTABLISHED -j ACCEPT
# Allow incoming 8333
iptables -A INPUT -p tcp –dport 8333 -m state –state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp –sport 8333 -m state –state ESTABLISHED -j ACCEPT
# Allow outgoing 8333
iptables -A OUTPUT -p tcp –dport 8333 -m state –state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp –sport 8333 -m state –state ESTABLISHED -j ACCEPT
[/codesyntax]
After entering your firewall rules save the file, add change the file permissions so it can be executed. Then simply run to activate your firewall rules.
If you want to see how much bandwidth your node is using I also recommend installing the vnstat package. This will give you some basic information on the amount of traffic your node is consuming on a daily, weekly, monthly basis. Replace eth0 with the interface you would like to track on your machine. The last command will just display a brief summary of what is happening traffic wise, but you can pull this information in a number of different formations for the full options run vnstat –help.
[codesyntax lang=”bash” title=”Add Vnstat To Monitor Bandwidth Stats”]
apt-get install vnstat
vnstat -i eth0
vnstat -u -i eth0
[/codesyntax]
Beer money?
Are you still awake after reading all that? Are you feeling rich? Any spare BTC for beer is always greatly appreciated!
Send BTC toย 1HYtEBszMQZwFNomhD78h7UWE9aeY7Kru1
Further Reading:
Mastering Bitcoin a solid book containing most of the things you need to know about Bitcoin and the Blockchain while still remaining easy enough to read.
A map of the Bitcoin nodes across the globe