Remote Masternode

Please Read

Copy and Paste from this document often fails. Please copy paste into another editor, adjust line endings and then add to your server.

Requirements

Remote Masternodes have a different software, AKA and Proof of Reputation requirement than standard Akroma full masternodes

Software

  • Nginx

  • Let's Encrypt

  • Akroma (0.2.4 or later)

AKA and Proof of Participation

Manual Install Process

Based on Digital Ocean (assume root).

Configure Akroma

$ wget https://github.com/akroma-project/akroma/releases/download/0.2.4/release.linux-amd64.0.2.4.zip
$ apt-get install unzip
$ unzip release.linux-amd64.0.2.4.zip
$ chmod a+x geth
$ mv geth /usr/sbin/geth-akroma

Add akroma user

Debian/Ubuntu:

/usr/sbin/adduser akroma --gecos "" --disabled-password --system --group

CentOS:

/usr/sbin/adduser -r akroma -s /bin/false -b /home -m

Create systemd service

Create file /etc/systemd/system/akroma.remote.service

[Unit]
Description=akroma.remote
After=network-online.target
[Service]
User=akroma
Group=akroma
Type=simple
Restart=always
RestartSec=30s
TimeoutStopSec=5
ExecStart=/usr/sbin/geth-akroma --masternode --rpcport 8545 --rpcvhosts * --rpc --rpcapi "eth,net,web3" --rpcaddr "0.0.0.0" --rpccorsdomain * --atxi --atxi.autobuild
[Install]
WantedBy=default.target

Enable and start service:

$ systemctl daemon-reload
$ systemctl enable akroma.remote
$ systemctl status akroma.remote
$ systemctl restart akroma.remote
$ systemctl status akroma.remote

Register Masternode in Portal

Now that you configured your masternode, head over to the Akroma portal and register the masternode.

  • Select "remote masternode" under the "type" dropdown of the "create masternode" page.

  • Remote masternodes listen on port 80

  • Your masternode will not be verified, and will fail health checks until you complete nginx steps.

Run the following command on your masternode to get the enodeId

/usr/sbin/geth-akroma attach --datadir /home/akroma/.akroma/ --exec "admin.nodeInfo.id"

Configure Nginx

$ apt-get install nginx

Replace /etc/nginx/sites-available/default with the the following. I am sure there is a better way to configure nginx that will be made part of the installer.

Replace NODEID with the ID of the node you just created in the Akroma portal.

Replace DATA with the transaction data used for verification.

server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _ NODEID.remote.akroma.io;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://localhost:8545/;
proxy_redirect http://localhost:8545/ https://$server_name/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
location /client {
proxy_pass http://localhost:8545/;
proxy_redirect http://localhost:8545/ https://$server_name/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Content-Type "application/json";
proxy_set_body '{"jsonrpc":"2.0","method":"web3_clientVersion","params":[],"id":NODEID}';
proxy_method POST;
}
}
server {
listen 80;
listen [::]:80;
server_name remote.akroma.io;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://localhost:8545/;
proxy_redirect http://localhost:8545/ https://$server_name/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
location /validate {
return 200 NODEID.DATA;
add_header Content-Type text/plain;
}
}
$ systemctl restart nginx
$ systemctl status nginx

Verify your masternode is responding to requests: curl http://ip.address/client

Now that your masternode is responding to requests; it will be validated in the portal and you won't get failing health checks, but setup is not complete.

Configure Domains

The next step is to create 2 DNS records and SSL certs for those records.

If you are using a firewall, ports 80 and 443 must be open for remote masternode verification.

Install CertBot

$ add-apt-repository ppa:certbot/certbot
$ apt-get update
$ apt-get install python-certbot-nginx

Request a SSL Cert for NODEID.remote.akroma.io and remote.akroma.io

$ certbot --installer nginx --manual --preferred-challenges dns -d remote.akroma.io -d NODEID.remote.akroma.io

Remember to change NODEID to your nodes ID.

You will see the following output, record the value. You will go back to the Akroma portal and edit your masternode to enter that value.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please deploy a DNS TXT record under the name
_acme-challenge.3104.remote.akroma.io with the following value:
FmixxxxxxxxxxxxRzdbC1llE0 <--- DNS Verification
Before continuing, verify the record is deployed.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please deploy a DNS TXT record under the name
_acme-challenge.remote.akroma.io with the following value:
P6Ixxxxxxxxxx-TOQMOXvutTljsf4RmktsA <--- DNS Remote Verification
Before continuing, verify the record is deployed.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue <--- DO NOT CONTINUE UNTIL YOU UPDATE YOUR NODE IN THE PORTAL

Update Masternode in Akroma Portal

From the Akroma portal, edit your masternode and enter the verification codes you got from running CertBot.

After you update your masternode with the verification code; Akroma will update the required DNS settings and your masternode will be updated to a "pending-complete" status.

Complete verification

Seriously, make sure there is a DNS record before moving forward.....

You can check the DNS records here using this tool

On your masternode, once you verify the DNS records have been created:

Press Enter to Continue
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel):
YOU MUST SELECT SELECT 1

Select 1 - no redirect.

Your server should respond to both https://nodeid.remote.akroma.io and https://remote.akroma.io

Masternode Registration

Follow the same steps outlined at https://docs.akroma.io/masternodes/operating-systems/installation-on-linux#masternode-registration

Chill.

Akroma will verify the SSL configuration in the next 24 hours and then add your masternode to the gateway `remote.akroma.io`.

Your masternode is ready to start providing remote rpc services to light clients, mobile apps, desktop apps, the chrome extension. Your masternode is now part of the fabric of Akroma.

FAQ

Why are 2 domains required?

nodeid.remote.akroma.io is used to monitor the health of your masternode. remote.akroma.io is the address clients connect to. Clients connect to randomized masternodes.

Health Checks

Health checks are handled at the gateway level. Akroma makes a request for masternodes from the gateway to determine all the masternodes health at once.