Select Git revision
-
Hugo Trentesaux authoredHugo Trentesaux authored
smith.md 4.40 KiB
How to become a (black)smith
Publish a node
Duniter part
- Add this docker-compose on your server : docker/compose/gdev-validator.docker-compose.yml
- Create a
.envfile that define environment variablesSERVER_DOMAIN,PEER_IDandVALIDATOR_PEER_ID:-
SERVER_DOMAIN: a domain name that point on your server -
PEER_ID: Your rpc node peer id, shoud be generated with this command:docker run --rm -it --entrypoint -v $PWD:/var/lib/duniter/ duniter duniter/duniter-v2s:v0.1.0 key generate-node-key --file /var/lib/duniter/rpc-node.key -
VALIDATOR_PEER_ID: Your validator node peer id, shoud be generated with this command:docker run --rm -it --entrypoint -v $PWD:/var/lib/duniter/ duniter duniter/duniter-v2s:v0.1.0 key generate-node-key --file /var/lib/duniter/validator-node.keyNote: duniter-rpc PEER_ID and duniter-validator PEER_ID isn't the same.
-
- If you have write access errors run in docker-compose.yml folder :
chmod o+rwX -R . -
docker-compose up -dto start your node
Reverse-proxy part (with Nginx)
In /etc/nginx/sites-enabled/gdev.YOUR_DOMAIN put (you can probably do simpler) :
server {
server_name gdev.YOUR_DOMAIN.fr;
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/nginx/ssl/YOUR_DOMAIN.cert;
ssl_certificate_key /etc/nginx/ssl/YOUR_DOMAIN.key;
root /nowhere;
add_header X-Frame-Options SAMEORIGIN;
add_header X-XSS-Protection "1; mode=block";
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_read_timeout 90;
location /http {
proxy_pass http://localhost:9933;
proxy_http_version 1.1;
}
location /ws {
proxy_pass http://localhost:9944;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_read_timeout 1200s;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
}
}and replace YOUR_DOMAIN by your domain each time.
- generate your ssl certificates with let's encrypt if you don't already have a wildcard certificate.
service nginx reload
Your node is now online as a rpc node. It's fully capable for wallet use.
Join the Smith WoT
- add polkadot webextension to be able to authentificate with your account.
- Go to any node with polkadotjs ui
- Ask to join Smith WoT (you need to already be in the main WoT)
- developer > extrinsics > YOUR_SMITH_ACCOUNT > smithMembership > requestMemberShip(metadata)
- add your p2p endpoint (optional)
- add your session key (follow point 1 to 4 from Validate blocks > Generate and publish your session key)
- Send the query
- Await smith certification : developer > extrinsics > CERTIFIER_SMITH_ACCOUNT > smithCert > addCert(receiver)
When you have at least 3 certifications, your'in !
Validate blocks (blacksmith work)
- Generate and publish your session keys
- create an ssh bridge from your desktop/laptop to your server :
ssh -L 9945:localhost:9945 SSH_USER@YOUR_SERVER - In your browser go to polkadotjs : ws://localhost:9945
- In the UI : developer > appel RPC > author > rotateKey() and run
- copy the result in clipboard
- In the UI : developer > extrinsics > YOUR_SMITH_ACCOUNT > authorityMembers > setSessionKeys(keys) then copy your session keys and run the query.
- wait 48h to verify you keep sync
- create an ssh bridge from your desktop/laptop to your server :
- Join
- In the UI : developer > extrinsics > YOUR_SMITH_ACCOUNT > authorityMembers > goOnline()
If you're not able to monitor, reboot, act on your node, goOffline() to avoid penality to the blockchain and to you.
Upgrade your node with minimal interruption
- Modify docker image tag on your compose file
- Run
docker compose pull, this will pull the new image. - Run
docker compose up -d --remove-orphans, this will recreate the container - Verify that your node restarted well
docker compose logs duniter-validator - Remove the old image
docker images rmi duniter/duniter-v2s:OLD_TAG