Once you have a secure Linux server prepared, you can set up a Zen Node. See Build a ZenCash Secure Node – Part 1 – Prepare the VPS if you still need to prepare your server.
This part covers building the Zen node and getting an SSL certificate, as well as some other tasks to make the node and certificate usable. These steps will be necessary in order to run a Zen Secure Node.
Part 3 (still to be published) will finish this series and will be published after the Zen developers update the software for Secure Node functionality.
Build the Zen Node
Open your browser at the Zen Node Github page, copy the link for Clone or Download
Login to your VPS. If it has been a few days, update it using the upgrade script you created before:
Create a directory, navigate to it, and clone the Zen repository
mkdir zencash cd zencash git clone https://github.com/ZencashOfficial/zen.git
Following the directions on the Github page, add the prerequisites for building the software:
sudo apt -y install build-essential pkg-config libc6-dev m4 g++-multilib autoconf libtool ncurses-dev unzip git python zlib1g-dev wget bsdmainutils automake
Continuing to follow the directions, build, get the proving key, then run the zend software. The compiling of the software will take a while. While it is doing this you can start getting the SSL certificate below.
cd zen ./zcutil/build.sh -j$(nproc)
When it is finished compiling, if it worked, it will look something like this:
Next, the Zen parameters need to be downloaded. Enter this command:
After that is complete, run the zen application.
It will start, stop, then give you a message that you need to create a zen.conf file. OK, let’s do that. Navigate to your root directory, then to the hidden .zen directory, and see what’s in it:
cd cd .zen ls
There’s nothing in it! That’s ok, there will be soon. Create a new file zen.conf
Then paste this into it. I STRONGLY recommend changing your username and address to something different. If you have a text only application on your PC or Mac, like textedit or notepad, paste it into the text only application first, change what you need, then copy and paste into the the zen.conf file:
addnode=zpool.blockoperations.com addnode=zennodes.network rpcuser=znodeuser rpcpassword=63Qa5VybvCTPppBpVmn8HpjrKgxqaaEAqfYVrHjk9WtBG738 rpcport=18231 rpcallowip=127.0.0.1 server=1 daemon=1 listen=1 txindex=1 logtimestamps=1
Now navigate back to the place where the zend file is located and run it and check its status:
cd ~/zencash/zen/src ./zend ./zen-cli getinfo
It should look like this. See the blocks? That needs to count up to over 110,000. You can use up arrow to repeat the command and keep checking on it if you want, or go on and do something else while it is updating.
Let’s make this a little more user friendly and automatic. We are going to copy the two main files we need to the user application directory, and make the zend application start when the server boots.
sudo cp zend /usr/bin/ sudo cp zen-cli /usr/bin/
Let’s go back to our user level crontab and make the zend application start on boot. There are fancier ways to do this, but this will be good enough for now.
Navigate to the bottom, and paste this:
If you really want to test this, you can reboot your server and see if the application starts on reboot. For right now, let’s do a partial test. Navigate to your base directory, check on the server, stop it, start it, then check on it. Do this slowly, not superfast, so the server has a little bit of time to stop and start back up again.
cd zen-cli getinfo zen-cli stop zend zen-cli getinfo
If you want to see what the current node height is, there are some Zen block explorers out there. I just check my Zen mining pool statistics at https://zpool.blockoperations.com/stats for the latest. Right now it looks like this:
What we have done so far is create a working Zen node that maintains the full set of transactions, and the index. It is also set up to accept RPC commands. It is not yet a Zen Secure Node. We need a few more things for that.
By the way, if you are concerned the blockchain is filling up your system storage, an easy way to check on disk usage is df -h. It shows you how much used and free space your entire system has.
If you want to see how much space the blockchain is taking up, run ncdu (we installed that in part one). Do this from your base user directory, navigate with arrow keys, and exit with q. The zen blockchain is stored in ~/.zen/blocks/
If the storage gets too full, you should probably upgrade your VPS to one that has more storage space.
Create an SSL certificate
For an SSL certificate, you need your own domain. I will use one of mine from Namecheap in the example but there are many other ways to do this.
Login to Namecheap, buy a domain, and go to your dashboard.
Choose the Advanced DNS option:
Add a New Record, and make it an A record:
Type in the hostname and the IP address of your VPS, then save the changes
Test the setup by going to your own computer and pinging the Fully Qualified Domain Name (FQDN) you just created:
It should work right away. I find changes take some time to propagate, but new records update over the internet quickly. Open a second ssh session to your VPS so you can do things in parallel with the compiling and downloading we are doing, and let’s get the certificate going.
Get a certificate and set up copying to user directory
We are going to use Letsencrypt free SSL certificate. It is also possible to buy a certificate and install it, but that’s kind of expensive, and not really necessary.
If your zen software is still compiling, login using a second terminal session. Just remember what you are doing in each session.
Make sure your firewall ports are open for http and https:
and that you don’t have a webserver running. There should be nothing listening on ports 80 and 443
We are going to use a handy little script called acme.sh (hat tip @robdebagel)
cd sudo apt install socat mkdir acme cd acme git clone https://github.com/Neilpang/acme.sh.git cd acme.sh ./acme.sh --install
Let’s create the certificate.
cd sudo .acme.sh/acme.sh --issue --standalone -d znode.blockoperations.io
Now let’s set up the system so the keys get renewed when they need to be.
sudo crontab -e
Put this info at the bottom of the crontab
6 0 * * * "/home/blockops/.acme.sh"/acme.sh --cron --home "/home/blockops/.acme.sh" > /dev/null
You now have a certificate ready to go, and the system will renew the cert with letsencrypt as necessary.
That’s it for part 2!
Part 3 will be the rest of the work to get a ZenCash secure node running. If you want to be part of the beta test, go to Build a ZenCash Secure Node Part 2.5 – Test TLS and SecNodeTracker
More Information on Block Operations