Difference between revisions of "RaspberryPi"

From Ravencoin Wiki
Jump to navigationJump to search
Line 72: Line 72:
  
 
== Connections and Security ==
 
== Connections and Security ==
First, if you are connecting your Pi with the internet trough WIFI (and not an UTP cable), it is important to know that NOOBS power management turns off wifi after a couple of hours. Obviously, we don't want that to happen so you need to turn of WIFI power management: <pre> sudo iwconfig wlan0 power off </pre>
+
First, if you are connecting your Pi with the internet trough WIFI (and not an UTP cable), it is important to know that NOOBS power management turns off wifi after a couple of hours idling. Obviously, we don't want that to happen so you need to turn of WIFI power management: <pre> sudo iwconfig wlan0 power off </pre>
 
Ok, now that the blockchain is downloading, we are going to work on listening ports (to contribute to the Ravencoin network) and security.  
 
Ok, now that the blockchain is downloading, we are going to work on listening ports (to contribute to the Ravencoin network) and security.  
  

Revision as of 10:47, 28 October 2018


By Jeroz - Oct 27th, 2018

General Introduction

I will walk you trough the steps to set up a full Ravencoin node on a Raspberry Pi running within your home network. A Raspberry Pi node is one of the cheapest options for a Ravencoin node (under $75) and consumes around 3 Watt when running the node and no peripherals are attached to it. The guide runs you through buying and installing hardware, setting up the operating system (NOOBS), installing the node, and setting up security. Setting up security is highly recommended because you are opening a port to the outside world and you want to make sure it is only used for Ravencoin. Also, as there is no working Raspberry Pi graphical user interface for the Raven Core wallet, you will have to set it up through commands in the terminal. For each step, I will try to explain what you are doing and provide command lines that you need to execute. I will provide links that 1) don't require you to compile the node (which takes about 2 hours if it doesn't crash halfway), and 2) a direct download of 1.8GB of the blockchain, so you don't have to download it from other nodes in the network. These steps likely save you days in getting the node up and running.

My resources for setting up this guide were my previous experiences in working with Bash (linux command line language) and:

  1. https://www.raspberrypi.org/documentation/
  2. https://medium.com/@meeDamian/bitcoin-full-node-on-rbp3-revised-88bb7c8ef1d1

Before you start

Before you start, you will need:

  • A working internet connection; via an UTP cable (recommended for connection stability) or WIFI.
  • A PC with an SD card reader
  • A Mouse, keyboard, and monitor

Raspberry Pi hardware

My Pi hardware:

  • $54.99, Canakit Raspberry Pi 3 B+ (Pi + Case + heat sinks + power cable)
    My reasoning for this option: I rather have everything in 1 go.
  • $15.20, 64 GB Samsung 64GB MicroSDXC EVO Plus Memory Card.
    Obviously I forgot to buy this initially (oops...)
    My reasoning for this option: I chose 64GB instead of 32 to have enough room for the future.
    Note: formatting a 64GB (or larger) card takes extra steps, see below

Setting up Pi hardware and OS software

  1. Follow the instructions that shipped with the Raspberry Pi to build it.
  2. Download the OS Zip file (NOOBS for beginners).
  3. The Raspberry Pi only reads FAT32 formatted partitions on the SD card. So you will need to format it using SD Memory Card Formatter
    Note: If your SD card is 64GB (or larger), it will automatically be formatted as exFAT, which is not compatible with NOOBS. You need to force your SD card to format as FAT32 to use NOOBS[1].
    • Linux and Mac OS: The standard formatting tools built into these operating systems are able to create FAT32 partitions; they might also be labeled as FAT or MS-DOS. Simply delete the existing exFAT partition and create and format a new FAT32 primary partition.
    • Windows: The standard formatting tools built into Windows are limited, as they only allow partitions up to 32GB to be formatted as FAT32, so to format a 64GB partition as FAT32 you need to use a third-party formatting tool. A simple tool to do this is FAT32 Format.
  4. Extract the NOOBS zip file and copy its contents on the memory card.
  5. When this process has finished, safely remove the SD card and insert it into your Raspberry Pi.
  6. Connect the power to the Raspberry Pi to let it boot. If you run into trouble, walk trough the Raspberry Pi hardware guide
  7. If you are using NOOBS and this is the first time your Raspberry Pi and SD card have been used, then you'll have to select an operating system and let it install.
  8. Don't forget to set a password for login when prompted. Otherwise it is too easy for someone else to get in.

Setting up the Ravencoin node - The quick way

Now that you got the OS running, it is time for the fun part: setting up the Ravencoin node. Normally, installing Ravencoin will take hours and syncing to the network will take days. However, I found some nice shortcuts for you.

  1. Instead of the repository of the Core Ravencoin developers, Under who is also an active developer, compiled static versions of the Ravencoin wallet/node. Static means that this version works straight out of the box for each operating system. For the Raspberry Pi, you need the ARM-linux version of Ravencoin. Open a terminal and use the following code:
    cd ~/ wget https://github.com/underdarkskies/Ravencoin/releases/download/v2.1.1/raven-2.1.1-arm-linux-gnueabihf.tar.gz tar -xvzf raven-2.1.1-arm-linux-gnueabihf.tar.gz
    Note: Under and I just saved you hours of headaches and 2 hours of compiling!
  2. There is no working Ravencoin GUI for the Raspberry Pi. So you will need to get everything working from the command line. I like to put binaries into my default local user binary location so that I can globally access them from anywhere.
    cd raven-2.1.1/bin sudo cp ./* /usr/local/bin
    Two files in this directory are important:
    • ravend: which is the Ravencoin deamon, a program that implements the Ravencoin protocol for remote procedure calls (RPCs). In simple terms: it will run a wallet/node as a background process and you can send instructions to it.
    • raven-cli: which is the command line interface for Ravencoin that you can use to send instructions to ravend.
  3. Next up is starting the deamon (ravend) process to start the Ravencoin node.
    ravend &
  4. Ravend runs entirely in the background, so you cannot see what is happening. The process will create wallet and blockchain files in ~/.raven/. Subsequently, it will start downloading the Ravencoin blockchain. This will take forever (may take a week)! So, what we are going to do is stop ravend after ~5 minutes and thank Cryptoslo for sharing a link that contains 1.8GB of the blockchain already.
    raven-cli stop cd ~/.raven wget http://147.135.10.45/blockchains/current/Raven_blockchain.zip unzip Raven_blockchain.zip
  5. Additionally, we are going to make a configuration file to set up ravencoin optimally for the raspberry pi.
    touch ~/.raven/raven.conf nano ~/.raven/raven.conf
    Enter the following lines, and adjust user/login settings accordingly:
    rpcuser=rpcuser 
    rpcpassword=SETYOURPASSWORDHERE 
    rpcallowip=IP_ADDRESS_OF_HOST_YOU_ACCESS_RAVEN-CLI_FROM 
    server=1 
    upnp=1 
    dbcache=800 
    maxmempool=50 
    disablewallet=1 
    logips=1 
    maxconnections=40 
    prune=42000 
    maxuploadtarget=5000 
    Note: It is important to set server=1 otherwise you will not get incoming connections and prune lets your pi look at the last X MB of the chain. Adjust this value based on your SD size.
    To save: CTRL+O ENTER, To exit: CTRL+X.
  6. Now you can start start ravend again to index the blockchain that you downloaded and to download the remaining bit (which may still take a day depending on your connection).
    ravend &
  7. Ok, so suppose you are as impatient as I am and you want to know more about the progress of ravend downloading the block chain. To make this insightful we are going to make use of a little script that I found using google and slightly adapted (original creator). It will use raven-cli to get information from the deamon and we will extract the most useful information from it.
    touch ~/check_status.sh nano ~/check_status.sh
    Enter the following lines:
    #!/bin/bash 
    count=$(/usr/local/bin/raven-cli getblockcount); 
    /bin/echo "block count: $count"; 
    hash=$(/usr/local/bin/raven-cli getblockhash $count); 
    /bin/echo "block hash: $hash"; 
    t=$(/usr/local/bin/raven-cli getblock "$hash" | grep '"time"' | awk '{print $2}' | sed -e 's/,$//g'); 
    /bin/echo "block timestamp is: $t"; 
    cur_t=$(date +%s); 
    diff_t=$[$cur_t - $t]; 
    /bin/echo -n "Difference is: "; 
    /bin/echo $diff_t | /usr/bin/awk '{printf "%d days, %d:%d:%d\n",$1/(60*60*24),$1/(60*60)%24,$1%(60*60)/60,$1%60}'; 
    To save: CTRL+O ENTER, To exit: CTRL+X.
    And to make it executable:
     chmod +x ~/check_status.sh 
    You can now use the script to check the blockchain download status of ravend. I noticed that it spits out an error if ravend is still indexing the blockchain (after startup) and that the first call to it is rather slow:
     ~/check_status.sh 

Connections and Security

First, if you are connecting your Pi with the internet trough WIFI (and not an UTP cable), it is important to know that NOOBS power management turns off wifi after a couple of hours idling. Obviously, we don't want that to happen so you need to turn of WIFI power management:

 sudo iwconfig wlan0 power off 

Ok, now that the blockchain is downloading, we are going to work on listening ports (to contribute to the Ravencoin network) and security.

  1. To make sure the necessary ports are open in your Raspberry Pi:
    sudo iptables -A INPUT -p tcp --dport 8767 -j ACCEPT 
    sudo iptables -A INPUT -p udp --dport 8767 -j ACCEPT
  2. You also need to set port forwarding in your router. The necessary steps to do this differs per router and therefore I need to refer you to the manual of your router. Be sure to forward the port to the IP address of your Raspberry Pi and the port you are forwarding is 8767. You can find the IP address using the ifconfig command. It is either 192.168.X.X or 10.0.X.X.
  3. Next, we are going to install Uncomplicated Firewall (ufw). As mentioned in the introduction: this is highly recommended because you are opening a port to the outside world and you want to make sure it is only used for Ravencoin:
    sudo apt install ufw
    Note: ufw default rules allow for all outgoing connections, but block all incoming connections.

    Optional: If you plan on using SSH to access your raspberry pi, make sure that ssh access is allowed (but limited):
    sudo apt install ufw
    Optional: You might want to add a few more limitations on ssh. For example if you’re planning on accessing your node from local network only. Depending on your local network:
    sudo ufw allow from 192.168.1.0/24 to any port 22
    Or
    sudo ufw allow from 10.0.0.0/24 to any port 22
    And/or if you have a dedicated static IP, for example:
    sudo ufw allow from 16.32.64.128 to any port 22
  4. To allow Ravencoin traffic:
    sudo ufw allow 8767 comment 'Ravencoin'
    You can preview the results using:
    sudo ufw status verbose 
    
    Example output: 
    To                         Action      From
    --                         ------      ----
    22/tcp                     LIMIT IN    Anywhere
    8767                       ALLOW IN    Anywhere             # Ravencoin
    22/tcp (v6)                LIMIT IN    Anywhere (v6)             
    8767 (v6)                  ALLOW IN    Anywhere (v6)        # Ravencoin  
  5. Enable Firewall:
    sudo ufw enable
  6. To make it a bit more difficult for someone trying to brute force his way in. We are going to give timeouts when the login password was wrong 5 times using Fail2Ban:
    sudo apt install fail2ban
    To see the banlist:
    sudo fail2ban-client status 
    
    Example output:
     Status|- Number of jail:    1
    `- Jail list:    sshd

Final checks

Ok, time for final checks to make sure peers can connect to you. To see if the port is working you can enter your public IP address and port 8767 at https://ping.eu/port-chk/ .

You can also connect to your node using a wallet on a different pc. In raven core, go to: help>debug window>console and type:

addnode YOUR_PUBLIC_IP:8767 add

On your Raspberry Pi you can check whether you see incoming connections:

netstat | grep :8767

Output example:

tcp  0  0 10.0.0.137:60954  ec2-18-202-73-87.e:8767 ESTABLISHED
tcp  0  0 10.0.0.137:8767   185.212.171.218:54128   ESTABLISHED
tcp  0  0 10.0.0.137:59318  ec2-34-250-168-91.:8767 ESTABLISHED
tcp  0  0 10.0.0.137:33302  pool-71-121-144-13:8767 ESTABLISHED
tcp  0  0 10.0.0.137:8767   62-165-213-161.po:58887 ESTABLISHED
tcp  0  0 10.0.0.137:47502  075-177-011-096.re:8767 ESTABLISHED
tcp  0  0 10.0.0.137:44608  ec2-52-26-83-116.u:8767 ESTABLISHED
tcp  0  0 10.0.0.137:58040  ecs-114-115-175-41:8767 ESTABLISHED
tcp  0  0 10.0.0.137:58112  c-73-37-220-84.hsd:8767 ESTABLISHED

Connections using port:8767 on the left side are incoming connections.

And there you go, a full node on a Raspberry Pi! :)

Thanks to Mapple for giving feedback and catching some typos.