Set up your node

This section comprises every information to properly and securely set up an X-Cash DPoPS node.

Parameters

Parameter

Description

--parameters

Show a list of all parameters

--test

Run the test to make sure the program is compatible with your system

--total_threads <thread_param>

Total number of threads to use

If <param> is not defined, "default" is the max number of threads

--delegates_website

Run the delegates website

--shared-delegates-website --fee <fee_param> --minimum_amount <amount_param>

Run the shared delegates website, with a fee of <fee_param> and a minimum amount of <amount_param>.

<fee_param> : expressed in percentage (up to 6 decimal places). Ex: 6.020000 equals to 6.02%

<amount_param> : Minimum amount for a public_address to receive a payment (in normal units).

--synchronize_database

Synchronize the database from a network data node.

--disable_synchronizing_databases_and_starting_timers

(Used for testing) Disables synchronizing of the databases and starts the timers.

--test_data_add

Add test data to the databases

--test_data_remove

Remove test data from the databases

Set up the Firewall

The goal of setting up a firewall in the DPoPS node is to block any DDoS attacks. We are using IPtables for the firewall.

Solo node setup

The firewall_script.sh is already configured for a solo node setup, no change is required.

Delegates or shared delegates setup

To configure the firewall for a shared delegates website or delegates website, a few changes need to be made to the firewall script. First, open the firewall script:

nano ~/Installed-Programs/XCASH_DPOPS/scripts/firewall/firewall_script.sh

Then, un-comment these 3 lines (by removing the #)

(line 66) # iptables -t filter -I INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 100 --connlimit-mask 32 -j DROP
(line 82) # iptables -A INPUT -p tcp --dport 80 -j ACCEPT
(line 96) # iptables -A PREROUTING -t nat -p tcp --dport 80 -j REDIRECT --to-ports 1828

If you want to run the shared delegates website or delegates website using HTTPS, you will need to install a webserver (e.g. nginx) and configure it.

Run the firewall script

Now we need to run the firewall script and activate it

chmod +x ~/Installed-Programs/XCASH_DPOPS/scripts/firewall/firewall_script.sh
~/Installed-Programs/XCASH_DPOPS/scripts/firewall/firewall_script.sh
iptables-save > /etc/network/iptables.up.rules
iptables-apply -t 60

You should then open another connection to the server to make sure it worked as planned and did not lock you out. Then press y to confirm the changes for the firewall.

Set up and install the systemd files

Edit the below systemd files to your paths.

Copy all of the service files in the systemd folder to /lib/systemd/system/

cp -a ~/Installed-Programs/XCASH_DPOPS/scripts/systemd/* /lib/systemd/system/

Reload systemd

systemctl daemon-reload

Create a systemd PID folder

mkdir ~/Installed-Programs/systemdpid/

Create a mongod pid file and a xcashd pid file

touch ~/Installed-Programs/systemdpid/mongod.pid
touch ~/Installed-Programs/systemdpid/xcash_daemon.pid

MongoDB

MongoDB systemd file
[Unit]
Description=MongoDB Database Server
After=network.target
[Service]
Type=forking
User=root
PIDFile=/root/Installed-Programs/systemdpid/mongod.pid
ExecStart=/root/Installed-Programs/mongodb-linux-x86_64-ubuntu1804-4.2.0/bin/mongod
Restart=always
LimitFSIZE=infinity
LimitCPU=infinity
LimitAS=infinity
LimitNOFILE=64000
LimitNPROC=64000
LimitMEMLOCK=infinity
TasksMax=infinity
TasksAccounting=false
[Install]
WantedBy=multi-user.target

To properly set up the systemd file, you will need to change:

  • Userto the user of the system

  • PIDFileto the full path of the mongod.pid file

  • ExecStart to the path of the mongod file

Reload systemd after you have made any changes to the systemd service files

systemctl daemon-reload

XCASH Daemon

XCASH Daemon systemd file
[Unit]
Description=XCASH Daemon systemd file
[Service]
Type=forking
User=root
PIDFile=/root/Installed-Programs/systemdpid/xcash_daemon.pid
ExecStart=/root/Installed-Programs/X-CASH/build/release/bin/xcashd --rpc-bind-ip 0.0.0.0 --rpc-bind-port 18281 --restricted-rpc --confirm-external-bind --detach --pidfile /root/Installed-Programs/systemdpid/xcash_daemon.pid
RuntimeMaxSec=15d
Restart=always
[Install]
WantedBy=multi-user.target

Make sure to leave the RuntimeMaxSec=15d in the systemd service file, as the XCASH Daemon usually needs to restart after a while to prevent it from not synchronizing.

To properly set up the systemd file, you will need to change:

  • Userto the user of the system

  • PIDFileto the full path of the xcash_daemon.pid file

  • ExecStart to the path of the xcashd file

Reload systemd after you have made any changes to the systemd service files

systemctl daemon-reload

XCASH Daemon (Block Verifier)

Only run the XCASH Daemon service file, as the XCASH DPOPS program will determine if you are a block verifier and start the correct systemd service file

XCASH Daemon (block verifier) systemd file
[Unit]
Description=XCASH Daemon Block Verifier systemd file
[Service]
Type=forking
User=root
PIDFile=/root/Installed-Programs/systemdpid/xcash_daemon.pid
ExecStart=/root/Installed-Programs/X-CASH/build/release/bin/xcashd --block-verifier --rpc-bind-ip 0.0.0.0 --rpc-bind-port 18281 --restricted-rpc --confirm-external-bind --detach --pidfile /root/Installed-Programs/systemdpid/xcash_daemon.pid
RuntimeMaxSec=15d
Restart=always
[Install]
WantedBy=multi-user.target

Make sure to leave the RuntimeMaxSec=15d in the systemd service file, as the XCASH Daemon usually needs to restart after a while to prevent it from not synchronizing.

To properly set up the systemd file, you will need to change:

  • Userto the user of the system

  • PIDFileto the full path of the xcash_daemon.pid file

  • ExecStart to the path of the xcashd file

Reload systemd after you have made any changes to the systemd service files

systemctl daemon-reload

XCASH Wallet

This is the systemd file for XCASH Wallet

XCASH Wallet systemd file
[Unit]
Description=XCASH Wallet
[Service]
Type=simple
User=root
ExecStart=/root/Installed-Programs/X-CASH/build/release/bin/xcash-wallet-rpc --wallet-file /root/Installed-Programs/xcash_wallets/WALLET_FILE_NAME --password PASSWORD --rpc-bind-port 18285 --confirm-external-bind --daemon-port 18281 --disable-rpc-login --trusted-daemon
Restart=always
[Install]
WantedBy=multi-user.target

To properly set up the systemdfile, you will need to change:

  • Userto the user of the system

  • WALLET_FILE_NAME with the name of your wallet file

  • PASSWORD with the password of your wallet file

Reload systemd after you have made any changes to the systemd service files

systemctl daemon-reload

XCASH_DPOPS

This is the systemd file for XCASH DPOPS

XCASH DPOPS systemd file
[Unit]
Description=XCASH DPOPS
[Service]
Type=simple
LimitNOFILE=64000
User=root
WorkingDirectory=/root/Installed-Programs/XCASH_DPOPS/
ExecStart=/root/Installed-Programs/XCASH_DPOPS/XCASH_DPOPS
Restart=always
[Install]
WantedBy=multi-user.target

The LimitNOFILE=64000 will allow the XCASH_DPOPS program to utilize up to 64000 concurrent file descriptors instead of the default 4096 for a Linux process. The actual XCASH_DPOPS program is limited to only accept up to 1000 concurrent connections due to that DPOPS program usage will not be extensive at the start. This will help with DDOS at this time and the limits in the XCASH_DPOPS program will be updated.

To properly set up the systemdfile, you will need to change:

  • Userto the user of the system

  • ExecStart to the full path of theXCASH_DPOPSfile

  • Add the startup flags :

    • --shared_delegates_website to run the XCASH_DPoPS node and the shared delegates website

    • --delegates_website to run the XCASH_DPoPS node and the delegates website

Reload systemd after you have made any changes to the systemd service files

systemctl daemon-reload

Firewall

Firewall systemd file
[Unit]
Description=firewall
[Service]
Type=oneshot
RemainAfterExit=yes
User=root
ExecStart=/root/Installed-Programs/XCASH_DPOPS/scripts/firewall/firewall_script.sh
[Install]
WantedBy=multi-user.target

To properly set up the systemdfile, you will need to change:

  • Userto the user of the system

  • ExecStart to the full path of thefirewall_script.shfile

Reload systemd after you have made any changes to the systemd service files

systemctl daemon-reload

Set up a domain name instead of an IP Address

The XCASH DPOPS system needs a IP Address when registering a delegate to be able to let other delegates know where to send messages to. One can instead setup a domain name (without the www.) and register this instead of an IP address. The possible benefits of using a domain name over an IP address are:

  • One can change IP's from their domain page if they change servers instead of having to update that info in the DPoPS database.

  • It could be more recognizable if there is an issue, since in the XCASH_DPOPS logs and the XCASH_Daemon logs will print the source and destination of messages.

To set up a domain instead of an IP address, go to the domain registrar you have purchased the domain name from and add an A record to the domain.

Each domain registrar is going to be a little different, so you will want to check if they have an official article on how to add an A record.

Now you need to setup the reverse DNS as well. Go to the hosting dashboard of the place where you are renting the server.

Not all hosting companies let you change the reverse DNS, so you might not be able to complete the process.

Navigate to the DPoPS server your are renting. Depending on your service provider, you might have the choice to change the reverse DNS. Change it to the domain name you used in the first step.

At this point you can now register the domain name (without the www.) to the XCASH DPOPS system.

Start/stop/logs for component

Action on systemd service

Command

start

systemctl start name_of_service_file_without.service

e.g. systemctl start XCASH_DPOPS

stop

systemctl stop name_of_service_file_without.service

e.g. systemctl stop XCASH_DPOPS

restart

systemctl stop name_of_service_file_without.service

e.g. systemctl restart XCASH_DPOPS

check status

systemctl status name_of_service_file_without.service

e.g. systemctl status XCASH_DPOPS

check the logs

journalctl --unit=name_of_service_file_without.service

e.g. journalctl --unit=XCASH_DPOPS

check the logs (last 100 lines)

journalctl --unit=name_of_service_file_without.service -n 100 --output cat

e.g. journalctl --unit=XCASH_DPOPS -n 100 --output cat

check the logs (live logging)

journalctl --unit=name_of_service_file_without.service --follow -n 100 --output cat

e.g. journalctl --unit=XCASH_DPOPS --follow -n 100 --output cat