- based on small Digital Ocean VPS (1CPU / 1GB RAM) with Ubuntu 16.04
- SSH keys are recommended, but not described here
- (sub) domain name necessary for SSL certificate
Login as "root"
$ apt update
$ apt upgrade
$ apt install ufw fail2ban
$ ufw app list
$ ufw default deny incoming
$ ufw default allow outgoing
$ ufw allow OpenSSH
$ ufw allow 9735 comment 'allow Lightning'
$ ufw allow 9000 comment 'allow Lightning Charge HTTP'
$ ufw allow 9001 comment 'allow Lightning Charge HTTPS'
$ ufw enable
$ systemctl enable ufw
$ ufw status
### create sudo user
$ adduser stadicus
$ adduser stadicus sudo
### create service user
$ adduser bitcoin
$ exit
https://github.com/gdassori/spruned
### with sudo user
$ sudo apt install libleveldb-dev python3-dev git virtualenv gcc g++
$ sudo su - bitcoin
### with bitcoin user
$ git clone https://github.com/gdassori/spruned.git
$ cd spruned
$ virtualenv -p python3.5 venv
$ . venv/bin/activate
$ pip install -r requirements.txt
$ python setup.py install
$ exit
### systemd startup
$ sudo nano /etc/systemd/system/spruned.service
# sPRUNED: systemd unit
# /etc/systemd/system/spruned.service
[Unit]
Description=sPRUNED Bitcoin node
After=network.target
[Service]
ExecStart=/home/bitcoin/spruned/venv/bin/spruned --network bitcoin.mainnet --rpcuser xxx --rpcpassword xxx
Type=simple
User=bitcoin
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
### start and enable the new service
$ sudo systemctl start spruned
$ sudo systemctl status spruned
$ sudo systemctl enable spruned
$ sudo tail -f /home/bitcoin/.spruned/spruned.log
https://bitcoin.org/en/download
### with sudo user
$ mkdir download && cd download
$ wget https://bitcoin.org/bin/bitcoin-core-0.16.1/bitcoin-0.16.1-x86_64-linux-gnu.tar.gz
$ tar -xvf bitcoin-0.16.1-x86_64-linux-gnu.tar.gz
$ sudo install -m 0755 -o root -g root -t /usr/local/bin bitcoin-0.16.1/bin/bitcoin-cli
$ cd
$ rm -rf download
### bitcoin-cli configuration
$ sudo mkdir /home/bitcoin/.bitcoin
$ sudo nano /home/bitcoin/.bitcoin/bitcoin.conf
# Connection settings
rpcuser=xxx
rpcpassword=xxx
https://github.com/ElementsProject/lightning
### with admin user
$ sudo apt-get install -y autoconf automake build-essential git libtool libgmp-dev libsqlite3-dev python python3 net-tools zlib1g-dev
$ cd
$ git clone https://github.com/ElementsProject/lightning.git
$ cd lightning
$ git tag -l
$ git checkout tags/v0.6
$ ./configure
$ make
$ sudo make install
### systemd startup
$ sudo nano /etc/systemd/system/lightning.service
# c-Lightning: systemd unit
# /etc/systemd/system/lightning.service
[Unit]
Description=c-Lightning daemon
Requires=spruned.service
After=spruned.service
[Service]
ExecStart=/usr/local/bin/lightningd --pid-file=/home/bitcoin/.lightning/lightning.pid --daemon
PIDFile=/home/bitcoin/.lightning/lightning.pid
User=bitcoin
Type=forking
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
### c-lightning configuration
sudo mkdir /home/bitcoin/.lightning
sudo nano /home/bitcoin/.lightning/config
alias=Your_Node_Alias
log-level=debug
network=bitcoin
bitcoin-rpcuser=xxx
bitcoin-rpcpassword=xxx
bitcoin-rpcconnect=localhost
bitcoin-rpcport=8332
log-file=/home/bitcoin/.lightning/lightning.log
### set bitcoin as owner, start and enable
$ sudo chown -R bitcoin:bitcoin /home/bitcoin/.lightning/
$ sudo systemctl start lightning
$ sudo systemctl status lightning
$ sudo systemctl enable lightning
$ sudo tail -f /home/bitcoin/.lightning/lightning.log
### Check setup
$ sudo su - bitcoin
$ bitcoin-cli getblockchaininfo
{
"blocks": 533666,
"pruned": false,
"chainwork": null,
"headers": 533666,
"bestblockhash": "0000000000000000001b65cc396bfdd8cff3a712f2f31b5ee7feb963314a5acd",
"difficulty": null,
"mediantime": 1532556068,
"chain": "main",
"warning": "spruned 0.0.2a3, emulating bitcoind v0.16",
"verificationprogress": 100
}
$ lightning-cli -h
$ lightning-cli connect [email protected]:9735 ## get a random node from 1ml.com
$ lightning-cli listpeers
$ lightning-cli newaddr
https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-ubuntu-16-04
### as sudo user
$ sudo apt-get install nginx
$ sudo ufw allow "Nginx Full"
$ systemctl status nginx
### point domain name to this server and check Nginx website with your browser
### configure Nginx
$ sudo nano /etc/nginx/sites-available/charged
server {
listen 9000;
server_name your.domainname.com;
location / {
proxy_pass http://127.0.0.1:9112;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
### enable Nginx block
$ sudo rm /etc/nginx/sites-enabled/default
$ sudo ln /etc/nginx/sites-available/charged /etc/nginx/sites-enabled/charged
$ sudo nginx -t
$ sudo systemctl reload nginx
### as sudo user
$ curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -
$ sudo apt-get install -y nodejs build-essential
### sometimes, this step caused some errors. Not sure why
$ npm install -g lightning-charge
### if you get an error, try this
$ sudo npm install --unsafe-perm -g lightning-charge
### check operations (optional)
### in "bitcoin" user session
$ charged --api-token REPLACE_WITH_YOUR_SECRET_TOKEN defaults: --ln-path /home/bitcoin/.lightning --db-path /home/bitcoin/.lightning/charge.db --port 9112
### different user session on the same machine:
$ curl localhost:9112
### as sudo user
$ sudo nano /etc/systemd/system/charged.service`
# Lightning Charge: systemd unit
# /etc/systemd/system/charged.service
[Unit]
Description=Lightning Charge
After=lightning.service
Requires=lightning.service
[Service]
WorkingDirectory=/home/bitcoin/.lightning
ExecStartPre=/bin/sh -c 'sleep 30'
ExecStart=/usr/bin/charged --api-token REPLACE_WITH_YOUR_SECRET_TOKEN --ln-path /home/bitcoin/.lightning --db-path /home/bitcoin/.lightning/charge.db --port 9112
User=bitcoin
Type=simple
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
### start & enable
$ sudo systemctl start lightning
$ sudo systemctl status lightning
$ sudo systemctl enable lightning
$ sudo tail -f
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt update
$ sudo apt install python-certbot-nginx
$ sudo certbot --nginx -d your.domainname.com
### when asked, do not redirect HTTPS traffic at the moment
### check website again, using https://....
### open nginx block and change "443" to "9001"
$ sudo nano /etc/nginx/sites-available/charged
$ sudo systemctl reload nginx
### check https://your.domainname.com:9001 in your browser