Guide – Setting up your own public Monero remote node

I have been running my Monero remote nodes for a couple months now, so I think it's time I share how I set up my server and how you can create your own remote node to share with the Monero community. This guide is supposed to be as beginner friendly as possible, so if anyone has any feedback on how I can make this guide better please leave a comment 🙂

This guide is intended for Debian based Linux distros. I recommend Debian 10 or 11 for your Monero node as it is a great distro for server applications and has a lot of online support.

Important

It is not a good practice to run your node as root user. It is recomended you create a new user with a unique password and disable root login via SSH. It is also a good practice to secure your SSH login by using SSH key authentication and disabling password authentication. I will not be going over these in this guide, but you can find great tutorials for Debain here and here.

Starting Steps

First we need to make sure our system is updated. Whether you are using a VPS or self-hosting, it is recomended to use the most up to date packages available. To update your system, use sudo apt update && sudo apt upgrade -y

Setting Up Our Firewall

Now that we have our system up to date we need to decrease the amount of attack vectors by restricting access to unneeded ports. The most widely used tool for this is UFW (Uncomplicated Firewall). You can install it with sudo apt install ufw

When the installation has finished we need to set our default traffic settings and open the needed ports for our node. You can set the default settings using sudo ufw default deny incoming && sudo ufw default allow outgoing

Now we can open the needed ports for our Monero node. We will need ports 18081, 18080, and the port you are using for your SSH connection. To allow traffic through these ports you can use sudo ufw allow 18081/tcp && sudo ufw allow 18080/tcp && sudo allow ssh

We can now reload our firewall and enable it so our settings are being used. Do this with sudo ufw reload && sudo ufw enable

Installing Tor

Now that we have our firewall setup and enabled, we can start to install the needed packages for our node. The first program we need to install is Tor so that we can accept incoming connections from the Tor network as our own hidden service. You can install Tor using sudo apt install tor

Once your installation is complete, you need to edit/create your torrc config file located at /etc/tor/torrc. To open your file in an editor you can use sudo nano /etc/tor/torrc

Now that you have opened your file using nano, copy the below config and paste it into your open nano session. To save your new file, press Ctrl+x. You should see a prompt asking you "Save modified buffer?". Press 'Y' to save your changes. Another prompt will appear asking where you want to save your new file. Leave this at the default and press 'Enter'.

HiddenServiceDir /var/lib/tor/monero HiddenServicePort 18081 127.0.0.1:18081 HiddenServicePort 18083 127.0.0.1:18083 

This will allow the ports our node will use to be accessable with Tor connections.

With our torrc config set correctly we need to enable tor as a service so if our server ever restarts, Tor will automatically startup once rebooted. We will also restart Tor to make sure our new torrc config is being used. You can do this using sudo systemctl enable tor && sudo systemctl restart tor

Installing Monero CLI

Now that we have Tor installed and configured, we can start installing the needed packages for our Monero node. Before we do this we need to create a new user for our node to run on. To do this use sudo useradd --system monero

We will need to create some directories that will be used by our node daemon. Use the following commands to create the needed directories and give them the required permissions:

sudo mkdir -p /opt/monero && sudo chown -R monero:monero /opt/monero sudo mkdir -p /srv/monero && sudo chown -R monero:monero /srv/monero sudo mkdir -p /var/log/monero && sudo chown -R monero:monero /var/log/monero 

With our new user and directories added, we can now install the Monero CLI package and starting configuring our node.

You will need to get the latest version of Monero CLI on the official github repo's releases. You can find it here. Click the latest release and scroll to find the "Linux, 64-bit" download link. Right click this link and copy it.

On your server you can install this package using wget -o [link to latest package]

After it is done downloading the file, type ls into your terminal. You should see a file named close to monero-linux-x64-[your-version].tar.bz2

We need to extract the data from this file using tar -xf monero-linux-x64-[your-version].tar.bz2

Once extracted, you can type ls and see a new directory named close to monero-x86_64-linux-gni-[your-version]. We need to move the contents of this directory to our /opt/monero directory we created earlier and confirm it has the correct permissions. You can do this using sudo mv monero-x86_64-linux-gnu-[your-version]/* /opt/monero && sudo chown -R monero:monero /opt/monero

Configuring Monero Node

Now we need to start configuring our monero.conf file to get our node running. Before we can do this we will need to get our Tor hostname that was created for us when we started Tor. You can get your hostname using sudo cat /var/lib/tor/monero/hostname. It should be a random string of characters ending in .onion. This is what you will use to connect to this node through Tor.

Now that we have our new hostname, we can edit/create our monero.conf file. Do this using sudo nano /etc/monero.conf

Change the labeled areas of the config below and paste it into your text editor on your server.

data-dir=/srv/monero # prune-blockchain=1 # Uses less disk space, but is not a full node # sync-pruned-blocks=1 log-file=/var/log/monero/monero.log log-level=0 max-log-file-size=2147483648 check-updates=disabled public-node=1 db-sync-mode=safe rpc-ssl=autodetect confirm-external-bind=1 p2p-bind-ip=0.0.0.0 p2p-bind-port=18080 rpc-bind-ip=0.0.0.0 rpc-bind-port=18081 restricted-rpc-ban=1 no-igd=1 no-zmq=1 max-txpool-weight=268435456 limit-rate-up=1048576 limit-rate-down=1048576 out-peers=64 in-peers=64 tx-proxy=tor,127.0.0.1:9050,16 # It is recomended to add more peer and priority nodes. # You can find more peers at xmrguide.org/remote_nodes add-peer=prvtxmrj7rfc5pupyxhazg3ulxumnti3fhrozgmx3floqcqufjy2srid.onion:18089 add-peer=prvtxmrb5kok3onh2w7i2nusvyt3g5vjvm6hxjjsycq5ossc42yqzkyd.onion:18089 add-peer=xmrnodesarnt4w35aqmu66aart3o324yw6qbnv6pglpof6uqaydzk5id.onion:18081 add-priority-node=prvtxmrj7rfc5pupyxhazg3ulxumnti3fhrozgmx3floqcqufjy2srid.onion:18089 add-priority-node=prvtxmrb5kok3onh2w7i2nusvyt3g5vjvm6hxjjsycq5ossc42yqzkyd.onion:18089 add-priority-node=xmrnodesarnt4w35aqmu66aart3o324yw6qbnv6pglpof6uqaydzk5id.onion:18081 # Replace [onion-hostname] with your new Tor hostname anonymous-inbound=[onion-hostname]:18083,127.0.0.1:18083,64 

To save your file, press Ctrl+x. You should see a prompt asking you "Save modified buffer?". Press 'Y' to save your changes. Another prompt will appear asking where you want to save your new file. Leave this at the default and press 'Enter'.

Now that your config file is created we need to create a monero.service config so we can run our Monero daemon as a service just like our Tor instance.

To create our new config file, you can use sudo nano /etc/systemd/system/monero.service

Paste the below into your nano session.

[Unit] Description=Monero Node After=network.target Wants=network.target [Service] ExecStart=/opt/monero/monerod --detach --config-file /etc/monero.conf --pidfile /run/monero/monerod.pid ExecStartPost=/bin/sleep 0.1 Type=forking PIDFile=/run/monero/monerod.pid Restart=always RestartSec=10 User=monero Group=monero RuntimeDirectory=monero StandardOutput=journal StandardError=journal [Install] WantedBy=multi-user.target 

To save your new file, press Ctrl+x. You should see a prompt asking you "Save modified buffer?". Press 'Y' to save your changes. Another prompt will appear asking where you want to save your new file. Leave this at the default and press 'Enter'.

Now that we have our service config file created, we can enable our Monero daemon and restart it. You can do this using sudo systemctl enable monero && sudo systemctl restart monero

If everything is working correctly you shouldn't see any messages returned. You can confirm that your daemon is running correctly using sudo systemctl status monero

This command should show monero.service is active in green text. If you want to track the monero log and see your current sync status you can use sudo tail -n100 /var/log/monero/monero.log

You can now use your server's IP or Tor hostname and port 18081 to connect to your Monero node. It can take up to a few days for your node to fully sync depending on your hardware, connection speed, and disk speed. Using SSD storage is highly recomended to improve performance.

This is all you need to host your own public Monero remote node! If you have any feedback or questions please leave a comment below.

If you are not interested in setting up your own Monero remote node and just need a secure node for your wallet, you can use one our official nodes with the info listed on our website here.

submitted by /u/privatemonero-org
[link] [comments]

Leave a Reply

Your email address will not be published. Required fields are marked *