N. P. O'Donnell, 2021
ARCH=x86_64
BITCOIN_VERSION=0.21.0
wget https://bitcoin.org/bin/bitcoin-core-$BITCOIN_VERSION/bitcoin-$BITCOIN_VERSION-$ARCH-linux-gnu.tar.gz
wget https://bitcoin.org/bin/bitcoin-core-$BITCOIN_VERSION/SHA256SUMS.asc
grep bitcoin-$BITCOIN_VERSION-$ARCH-linux-gnu.tar.gz SHA256SUMS.asc | sha256sum --check
tar -xf bitcoin-$BITCOIN_VERSION-$ARCH-linux-gnu.tar.gz
sudo cp -R bitcoin-$BITCOIN_VERSION/* /usr/
sudo adduser bitcoin
Config File:
rpcallowip=127.0.0.1
rpcuser=someuser
rpcpassword=somepass
Make bitcoin data dir:
sudo mkdir -p /etc/bitcoin
Save the config file to /etc/bitcoin/bitcoind.conf
Edit unit file by typing:
sudo systemctl edit --force --full bitcoind.service
Copy-paste the following unit file:
# It is not recommended to modify this file in-place, because it will
# be overwritten during package upgrades. If you want to add further
# options or overwrite existing ones then use
# $ systemctl edit bitcoind.service
# See "man systemd.service" for details.
# Note that almost all daemon options could be specified in
# /etc/bitcoin/bitcoin.conf, but keep in mind those explicitly
# specified as arguments in ExecStart= will override those in the
# config file.
[Unit]
Description=Bitcoin daemon
Documentation=https://github.com/bitcoin/bitcoin/blob/master/doc/init.md
# https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
After=network-online.target
Wants=network-online.target
[Service]
ExecStart=/usr/bin/bitcoind -daemon \
-pid=/run/bitcoind/bitcoind.pid \
-conf=/etc/bitcoin/bitcoin.conf \
-datadir=/var/lib/bitcoind
# Make sure the config directory is readable by the service user
PermissionsStartOnly=true
ExecStartPre=/bin/chgrp bitcoin /etc/bitcoin
# Process management
####################
Type=forking
PIDFile=/run/bitcoind/bitcoind.pid
Restart=on-failure
TimeoutStopSec=600
# Directory creation and permissions
####################################
# Run as bitcoin:bitcoin
User=bitcoin
Group=bitcoin
# /run/bitcoind
RuntimeDirectory=bitcoind
RuntimeDirectoryMode=0710
# /etc/bitcoin
ConfigurationDirectory=bitcoin
ConfigurationDirectoryMode=0710
# /var/lib/bitcoind
StateDirectory=bitcoind
StateDirectoryMode=0710
# Hardening measures
####################
# Provide a private /tmp and /var/tmp.
PrivateTmp=true
# Mount /usr, /boot/ and /etc read-only for the process.
ProtectSystem=full
# Deny access to /home, /root and /run/user
ProtectHome=true
# Disallow the process and all of its children to gain
# new privileges through execve().
NoNewPrivileges=true
# Use a new /dev namespace only populated with API pseudo devices
# such as /dev/null, /dev/zero and /dev/random.
PrivateDevices=true
# Deny the creation of writable and executable memory mappings.
MemoryDenyWriteExecute=true
[Install]
WantedBy=multi-user.target
Save the unit file.
sudo systemctl enable bitcoind
sudo systemctl start bitcoind
You may want to reboot the machine at this point.
Check service is running:
sudo systemctl status bitcoind
Ensure you see active (running)
You can check on the status of blockchain sync (and any other issues) with the command:
sudo -u bitcoin tail -f /var/lib/bitcoind/debug.log
echo -e "rpcuser=someuser\nrpcpassword=somepass" > /home/$USER/.bitcoin/bitcoin.conf
Test bitcoin-cli:
bitcoin-cli help
If you see the help commands then you've successfully connected to the local daemon.