Monero is a cryptocurrency that distinguishes itself using a CryptoNote-derived algorithm to secure the blockchain such that transactions don't divulge the transaction amount, source, or destination. This clever combination means decentralized "public" miners mathematically validate "private" transactions while preserving the privacy of parties to the transaction. Fortunately, the standard Monero package provides monero-wallet-rpc which our existing servers can use to easily leverage Monero off a dedicated droplet.
We're primarily reading the Monero blockchain, as opposed to mining it, which means the droplet can skimp on CPU/RAM for disk space (the current blockchain is ~56GB). I used the lowest-tier ($5/mo) option running 64-bit Ubuntu 18.04.2 with 25GB disk, then added Block Storage Volume for 100GB for the blockchain; this also makes expanding it in the future pretty simple (note that added volumes appear in /mnt with a region identifier such as "/mnt/volume_nyc3_01").
Although the droplet is currently dedicated to Monero, we'll minimize future headaches by getting off root
and using a dedicated user. I also highly recommend using iptables (or equivalent) to restrict network (P2P/RPC) access to only designated remote addresses.
adduser monero mkdir -p /mnt/volume_nyc3_01/monero ln -s /mnt/volume_nyc3_01/monero /var/monero chown monero:monero /mnt/volume_nyc3_01/monero
Now switching over to that user...
su monero cd /var/monero mkdir -p data logs service # download the latest command-line interface release wget https://downloads.getmonero.org/cli/linux64 tar -xjvf linux64 mv monero-v* bin rm linux64 # basic network-accessible Monero configuration cat <<EOF >/var/monero/monero.conf data-dir=/var/monero/data log-file=/var/monero/logs/monerod.log # P2P full node p2p-bind-ip=0.0.0.0 # Bind to all interfaces (the default) p2p-bind-port=18080 # Bind to default port # RPC open node rpc-login=username:$(openssl rand -base64 42) # RPC authentication (no encryption) rpc-bind-ip=0.0.0.0 # Bind to all interfaces rpc-bind-port=18081 # Bind on default port confirm-external-bind=1 # Open node (confirm) restricted-rpc=1 # Prevent unsafe RPC calls no-igd=1 # Disable UPnP port mapping # Slow but reliable db writes db-sync-mode=safe # Emergency checkpoints set by MoneroPulse operators will be enforced to workaround potential consensus bugs # Check https://monerodocs.org/infrastructure/monero-pulse/ for explanation and trade-offs enforce-dns-checkpointing=1 out-peers=64 # This will enable much faster sync and tx awareness; the default 8 is suboptimal nowadays in-peers=1024 # The default is unlimited; we prefer to put a cap on this limit-rate-up=1048576 # 1048576 kB/s == 1GB/s; a raise from default 2048 kB/s; contribute more to p2p network limit-rate-down=1048576 # 1048576 kB/s == 1GB/s; a raise from default 8192 kB/s; allow for faster initial sync EOF # systemd service configuration cat <<EOF > /var/monero/service/monero.service [Unit] Description=Monero node After=network.target [Service] User=monero Group=monero Type=simple WorkingDirectory=/var/monero ExecStartPre=/bin/mkdir -p /var/monero/data ExecStartPre=/bin/chown monero:monero /var/monero/data ExecStart=/var/monero/bin/monerod --config-file /var/monero/monero.conf --data-dir /var/monero/data --non-interactive StandardError=syslog Restart=on-failure [Install] WantedBy=multi-user.target EOF
Back to root to install and start the service
exit # get back to root; alternatively give monero sudo (`adduser monero --group sudo`) cp /var/monero/service/monero.service /etc/systemd/system/ systemctl daemon-reload systemctl enable monero service monero start
Finally, check the logs to ensure it works
tail --follow /var/monero/logs/monerod.log
Congratulations! Your droplet should now be downloading and parsing the blockchain.