Skip to content

Instantly share code, notes, and snippets.

@kdmukai
Last active September 13, 2024 06:16
Show Gist options
  • Save kdmukai/fa19e862776c0ce1c487e20931e59b17 to your computer and use it in GitHub Desktop.
Save kdmukai/fa19e862776c0ce1c487e20931e59b17 to your computer and use it in GitHub Desktop.
Create a Bitcoin Core node in Proxmox

Create a Bitcoin Core Node CT in Proxmox

Create the CT:

  • Debian 12 image
  • 4GB system disk in local-lvm
  • 6GB RAM, 0 swap

Add a data disk mount point

In the CT's "Resources" > "Add" > "Mount point":

  • Storage: "Directory" disk from above
  • Disk size: 1024 GB
  • Path: /data

Debian setup

apt update && apt upgrade -y
apt install gpg -y

Enable ssh

nano /etc/ssh/sshd_config

# In sshd_config:
PermitRootLogin yes

Exit and save changes, restart ssh

/etc/init.d/ssh restart

Install bitcoind

Download a pre-built binary and follow the verification instructions on that page.

Now complete installation

tar xvf bitcoin-27.1-x86_64-linux-gnu.tar.gz

Copy the binaries: See: https://bitcoin.org/en/full-node#linux-instructions

install -m 0755 -o root -g root -t /usr/local/bin bitcoin-27.1/bin/*

Install as a service

nano /etc/systemd/system/bitcoind.service

# configuration:
[Unit]
Description=bitcoind
After=network.target

[Service]
ExecStart=bitcoind -conf=/data/bitcoin.conf
PIDFile=/data/bitcoind.pid
Restart=always
TimeoutSec=120
RestartSec=30

[Install]
WantedBy=multi-user.target

CTRL-X, y to exit and save.

Load the new service and run:

systemctl enable bitcoind
systemctl start bitcoind

If you make further service config changes, load your new changes with:

systemctl daemon-reload

Forward port 8333 on your router

bitcoind will run fine and find outbound peers to connect to as-is, but will need port 8333 forwarded to it if you want inbound peers to be able to connect to you.


Optional


Install Tor

Note: You can run Tor in its own VM but that adds some additional requirements to get the two VMs communicating securely that probably aren't worth the effort. So instead we run Tor directly in the same VM as bitcoind.

Add the Tor repos and install

The debian default repos do not have up to date Tor releases (only up to 0.4.7.16 as of this writing).

from: https://support.torproject.org/apt/

apt install apt-transport-https

# Create a new file:
nano /etc/apt/sources.list.d/tor.list

# In the text editor (assumes debian 12.5 "bookworm"):
deb     [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org bookworm main
deb-src [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org bookworm main

CTRL-X, y to exit and save.

Back on the command line:

# Add the repo's signing key
wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor | tee /usr/share/keyrings/tor-archive-keyring.gpg >/dev/null

# Read the new repo
apt update

# Install Tor and its package that keeps the signing key updated
apt install tor deb.torproject.org-keyring

Configure Tor

from: https://github.com/bitcoin/bitcoin/blob/master/doc/tor.md#control-port

# Edit the tor conf file:
nano /etc/tor/torrc

# In the text editor:

# Uncomment:
ControlPort 9051
CookieAuthentication 1

# Based on info from the bitcoin guide linked above, also add:
CookieAuthFileGroupReadable 1
DataDirectoryGroupReadable 1
# Restart the Tor service
systemctl restart tor

Configure bitcoind

nano /data/bitcoin.conf

# In the text editor:

# add:
debug=tor

# anonymize all outgoing connections
proxy=127.0.0.1:9050

# automatically create an onion service to listen on (support incoming onion connections)
listen=1
# Restart bitcoind with the changes.
systemctl restart bitcoind

bitcoind should automatically locate the Tor authentication cookie and set up its own onion service. Monitor bitcoind's logs during startup to verify:

tail -f -n 1000 /data/debug.log

Look for log entries that are prefixed with [tor], e.g.:

[tor] Successfully connected!
[tor] Connected to Tor version 0.4.8.12
[tor] Supported authentication method: COOKIE
Supported authentication method: SAFECOOKIE
[tor] Using SAFECOOKIE authentication, reading cookie authentication from /run/tor/control.authcookie
init message: Done loading
[tor] SAFECOOKIE authentication challenge successful
[tor] AUTHCHALLENGE ServerHash [...] ServerNonce [...]
[tor] Authentication successful
[tor] Get SOCKS port command yielded 127.0.0.1:9050
[tor] Configuring onion proxy for 127.0.0.1:9050
[tor] ADD_ONION successful
Got tor service ID [...], advertising service [...].onion:8333
[tor] Cached service private key to /data/onion_v3_private_key

Add an i2p relay

Note: I could not get bitcoind to connect to i2pd (C++) or I2P (Java) running in a different VM. But running i2pd locally in the same VM as bitcoind "just worked". 🤷‍♂️

Steps from: https://jonatack.github.io/articles/using-alternative-p2p-networks-with-bitcoin-core

Learn more: https://github.com/bitcoin/bitcoin/blob/master/doc/i2p.md

apt install i2pd

# Load the i2pd service
systemctl enable i2pd

# Start the service
systemctl start i2pd

Then edit your bitcoin.conf to enable i2p p2p connections

nano /data/bitcoin.conf

# In the text editor add:
debug=i2p

# [i2p]
# I2P SAM proxy <ip:port> to reach I2P peers and accept I2P connections.
i2psam=127.0.0.1:7656

CTRL-X, y to exit and save.

Restart bitcoind:

systemctl restart bitcoind

Monitor bitcoind's logs during startup to verify:

tail -f -n 1000 /data/debug.log

Look for log entries that are prefixed with [i2p], e.g.:

[i2p] Creating persistent SAM session 0b3c53fc4b with 127.0.0.1:7656
[i2p] Persistent SAM session 0b3c53fc4b created, my address=[...].b32.i2p:0
2024-06-23T13:45:59Z AddLocal([...].b32.i2p:0,4)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment