Created
July 31, 2025 18:20
-
-
Save portlandhodl/c4eb8de116452d99f45dc5d45d926c74 to your computer and use it in GitHub Desktop.
Bitcoin Core Setup Bash Script
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Bitcoin daemon setup script | |
| # This script sets up bitcoind with proper user, directories, and systemd service | |
| set -e # Exit on error | |
| # Colors for output | |
| RED='\033[0;31m' | |
| GREEN='\033[0;32m' | |
| YELLOW='\033[1;33m' | |
| NC='\033[0m' # No Color | |
| # Function to print colored output | |
| print_status() { | |
| echo -e "${GREEN}[+]${NC} $1" | |
| } | |
| print_error() { | |
| echo -e "${RED}[!]${NC} $1" | |
| } | |
| print_warning() { | |
| echo -e "${YELLOW}[*]${NC} $1" | |
| } | |
| # Check if running as root | |
| if [[ $EUID -ne 0 ]]; then | |
| print_error "This script must be run as root" | |
| exit 1 | |
| fi | |
| print_status "Starting Bitcoin daemon setup..." | |
| # Check if Bitcoin is installed | |
| if ! command -v bitcoind &> /dev/null; then | |
| print_error "Bitcoin daemon (bitcoind) is not installed." | |
| print_warning "Please install Bitcoin Core first. You can download it from:" | |
| print_warning "https://bitcoin.org/en/download" | |
| print_warning "Or install via package manager if available for your distribution." | |
| exit 1 | |
| fi | |
| # Create bitcoin user and group if they don't exist | |
| if ! id -u bitcoin &>/dev/null; then | |
| print_status "Creating bitcoin user and group..." | |
| useradd -r -s /usr/sbin/nologin -m -d /var/lib/bitcoind bitcoin | |
| else | |
| print_warning "Bitcoin user already exists" | |
| fi | |
| # Create required directories | |
| print_status "Creating required directories..." | |
| # Configuration directory | |
| mkdir -p /etc/bitcoin | |
| chown root:bitcoin /etc/bitcoin | |
| chmod 710 /etc/bitcoin | |
| # Data directory | |
| mkdir -p /var/lib/bitcoind | |
| chown bitcoin:bitcoin /var/lib/bitcoind | |
| chmod 710 /var/lib/bitcoind | |
| # Runtime directory (will be created by systemd, but we'll set it up) | |
| mkdir -p /run/bitcoind | |
| chown bitcoin:bitcoin /run/bitcoind | |
| chmod 710 /run/bitcoind | |
| # Create basic bitcoin.conf if it doesn't exist | |
| if [ ! -f /etc/bitcoin/bitcoin.conf ]; then | |
| print_status "Creating basic bitcoin.conf..." | |
| cat > /etc/bitcoin/bitcoin.conf << 'EOF' | |
| # Bitcoin Core configuration file | |
| # Network-related settings | |
| # Run on the main network (use testnet=1 for testnet) | |
| #testnet=0 | |
| # JSON-RPC options (for controlling bitcoind) | |
| server=1 | |
| rpcuser=bitcoinrpc | |
| rpcpassword=CHANGE_THIS_PASSWORD_$(openssl rand -hex 32) | |
| # Connection settings | |
| #rpcallowip=127.0.0.1 | |
| #rpcport=8332 | |
| # Miscellaneous options | |
| txindex=0 | |
| prune=550 # Reduce storage requirements to ~550MB (remove this line for full node) | |
| # Performance options | |
| dbcache=450 | |
| maxorphantx=10 | |
| maxmempool=300 | |
| maxconnections=125 | |
| maxuploadtarget=1000 # Limit upload to ~1GB per day | |
| # Security | |
| disablewallet=0 | |
| # Logging | |
| printtoconsole=0 | |
| EOF | |
| # Set proper permissions on config file | |
| chown root:bitcoin /etc/bitcoin/bitcoin.conf | |
| chmod 640 /etc/bitcoin/bitcoin.conf | |
| print_warning "Basic bitcoin.conf created. Please edit /etc/bitcoin/bitcoin.conf to:" | |
| print_warning " - Change the rpcpassword" | |
| print_warning " - Adjust settings according to your needs" | |
| print_warning " - Remove 'prune=550' if you want to run a full archival node" | |
| else | |
| print_warning "bitcoin.conf already exists, skipping creation" | |
| fi | |
| # Create systemd service file | |
| print_status "Creating systemd service file..." | |
| cat > /etc/systemd/system/bitcoind.service << 'EOF' | |
| # It is not recommended to modify this file in-place, because it will | |
| # be overwritten during package upgrades. If you want to add further | |
| # options or overwrite existing ones then use | |
| # $ systemctl edit bitcoind.service | |
| # See "man systemd.service" for details. | |
| # Note that almost all daemon options could be specified in | |
| # /etc/bitcoin/bitcoin.conf, but keep in mind those explicitly | |
| # specified as arguments in ExecStart= will override those in the | |
| # config file. | |
| [Unit] | |
| Description=Bitcoin daemon | |
| Documentation=https://github.com/bitcoin/bitcoin/blob/master/doc/init.md | |
| # https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/ | |
| After=network-online.target | |
| Wants=network-online.target | |
| [Service] | |
| ExecStart=/usr/bin/bitcoind -pid=/run/bitcoind/bitcoind.pid \ | |
| -conf=/etc/bitcoin/bitcoin.conf \ | |
| -datadir=/var/lib/bitcoind \ | |
| -startupnotify='systemd-notify --ready' \ | |
| -shutdownnotify='systemd-notify --stopping' | |
| # Make sure the config directory is readable by the service user | |
| PermissionsStartOnly=true | |
| ExecStartPre=/bin/chgrp bitcoin /etc/bitcoin | |
| # Process management | |
| #################### | |
| Type=notify | |
| NotifyAccess=all | |
| PIDFile=/run/bitcoind/bitcoind.pid | |
| Restart=on-failure | |
| TimeoutStartSec=infinity | |
| TimeoutStopSec=600 | |
| # Directory creation and permissions | |
| #################################### | |
| # Run as bitcoin:bitcoin | |
| User=bitcoin | |
| Group=bitcoin | |
| # /run/bitcoind | |
| RuntimeDirectory=bitcoind | |
| RuntimeDirectoryMode=0710 | |
| # /etc/bitcoin | |
| ConfigurationDirectory=bitcoin | |
| ConfigurationDirectoryMode=0710 | |
| # /var/lib/bitcoind | |
| StateDirectory=bitcoind | |
| StateDirectoryMode=0710 | |
| # Hardening measures | |
| #################### | |
| # Provide a private /tmp and /var/tmp. | |
| PrivateTmp=true | |
| # Mount /usr, /boot/ and /etc read-only for the process. | |
| ProtectSystem=full | |
| # Deny access to /home, /root and /run/user | |
| ProtectHome=true | |
| # Disallow the process and all of its children to gain | |
| # new privileges through execve(). | |
| NoNewPrivileges=true | |
| # Use a new /dev namespace only populated with API pseudo devices | |
| # such as /dev/null, /dev/zero and /dev/random. | |
| PrivateDevices=true | |
| # Deny the creation of writable and executable memory mappings. | |
| MemoryDenyWriteExecute=true | |
| # Restrict ABIs to help ensure MemoryDenyWriteExecute is enforced | |
| SystemCallArchitectures=native | |
| [Install] | |
| WantedBy=multi-user.target | |
| EOF | |
| # Reload systemd daemon | |
| print_status "Reloading systemd daemon..." | |
| systemctl daemon-reload | |
| # Enable the service | |
| print_status "Enabling bitcoind service..." | |
| systemctl enable bitcoind.service | |
| # Create a helper script for bitcoin-cli | |
| print_status "Creating bitcoin-cli helper script..." | |
| cat > /usr/local/bin/bitcoin-cli-service << 'EOF' | |
| #!/bin/bash | |
| # Helper script to run bitcoin-cli with correct configuration | |
| exec /usr/bin/bitcoin-cli -conf=/etc/bitcoin/bitcoin.conf "$@" | |
| EOF | |
| chmod +x /usr/local/bin/bitcoin-cli-service | |
| print_status "Setup complete!" | |
| echo "" | |
| print_warning "Important next steps:" | |
| print_warning "1. Edit /etc/bitcoin/bitcoin.conf and change the rpcpassword" | |
| print_warning "2. Review and adjust other settings in bitcoin.conf as needed" | |
| print_warning "3. Start the service with: systemctl start bitcoind" | |
| print_warning "4. Check service status with: systemctl status bitcoind" | |
| print_warning "5. View logs with: journalctl -u bitcoind -f" | |
| print_warning "6. Use bitcoin-cli with: bitcoin-cli-service <command>" | |
| echo "" | |
| print_status "First sync may take several hours to days depending on your configuration." | |
| print_status "If using pruned mode (default in this setup), only ~550MB will be used." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment