@ -23,7 +23,9 @@ Install your preferred distro. In this example I am using a VPS running Ubuntu 2
1. Enable nginx thru your firewall and open port 443 (HTTPS). Look up more info on ufw if needed.
```
$ ufw help
$ sudo ufw status
$ sudo ufw allow 443
```
##### Setup Hushd
@ -32,6 +34,13 @@ Install your preferred distro. In this example I am using a VPS running Ubuntu 2
1. Start a screen session and change to user hush with ```sudo -u hush -s```.
1. Open hushd port in the firewall.
```
$ sudo ufw allow 18030
$ sudo ufw status
```
1. Run hushd at the command line. You should see a bunch of text scrolling.
1. Then check if the Hush blockchain is downloading by noticing if the blockchain directory is increasing.
@ -40,7 +49,7 @@ Install your preferred distro. In this example I am using a VPS running Ubuntu 2
$ du -h ~/.komodo/HUSH3/blocks/
```
1. The blockchain download will take some time, so open another terminal (or screen) and continue to install Lightwalletd.
1. The blockchain download will take some time, so feel free to take a break and wait or open another terminal (or GNU screen) and continue to install Hush lightwalletd.
##### Setup Lightwalletd
@ -50,9 +59,23 @@ Install your preferred distro. In this example I am using a VPS running Ubuntu 2
$ git clone https://git.hush.is/hush/lightwalletd
```
1. Get a TLS certificate. If you running a public-facing server, the easiest way to obtain a certificate is to use a NGINX reverse proxy and get a Let's Encrypt certificate. Since we're using Ubuntu here **I SUGGEST YOU DO NOT USE SNAPD** and just ```sudo apt install certbot``` and then start on [Step 7 of these instructions by the EFF](https://certbot.eff.org/instructions).
1. Install these packages for certbot
```
$ sudo apt install certbot python3-certbot-nginx
```
1. Get a TLS certificate. If you running a public-facing server, the easiest way to obtain a certificate is to use a NGINX reverse proxy and get a Let's Encrypt certificate. Since we're using Ubuntu here **I SUGGEST YOU DO NOT USE SNAPD** and just ```sudo apt install certbot``` and then start on [Step 7 of these instructions by the EFF](https://certbot.eff.org/instructions) and most users would run the following command and follow the prompts:
```
$ sudo certbot --nginx
```
1. Open up your web browser and see that the https template site is working before moving forward. It will appear with the lock icon in your web browser and you can click on it and see that it is valid certificate in your web browser.
1. Make a backup of the nginx's default file located under /etc/nginx/sites-available/default.
1. Create a new section for the NGINX reverse proxy and change port 443 to something else if needed:
1. Modify the above default file to contain only the following (if not using 443, then change that to which port you are using too):
```
server {
@ -75,19 +98,46 @@ Install your preferred distro. In this example I am using a VPS running Ubuntu 2
You might also need these [20.04 specific instructions to setup your tls certificate with Nginx](https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-20-04)
1. Run the lightwalletd frontend with the following:
1. Restart nginx to enable the new configuration.
```
$ sudo systemctl restart nginx.service
```
1. Open lightwalletd port in the firewall.
```
$ sudo ufw allow 9067
$ sudo ufw status
```
1. Run the lightwalletd frontend with the following and your server's hostname:
```
$ sudo go run cmd/server/main.go -bind-addr your_host.net:9067 -conf-file ~/.komodo/HUSH3/HUSH3.conf -no-tls
```
Note: Above we use the "-no-tls" option as we are using NGINX as a reverse proxy and letting it handle the TLS authentication.
Note: Above we use the "-no-tls" option as we are using NGINX as a reverse proxy and letting it handle the TLS authentication for us.
Note: You can configure lightwalletd to handle its own TLS authentication, but you will have to consult the [lightwalletd documentation](https://git.hush.is/hush/lightwalletd) for that setup.
Note: You can configure lightwalletd to handle its own TLS authentication, but you will have to consult the lightwalletd documentation for that setup.
1. It will first begin downloading golang dependencies. After that is complete then you should start seeing the frontend ingest and cache the Hush blocks after ~15 seconds. Success!
1. You should start seeing the frontend ingest and cache the Hush blocks after ~15 seconds. Success!
##### Testing your SDL server
###### Option 1: Point the SilentDragonLite GUI Desktop wallet to this server
1. Download and install the [SilentDragonLite (SDL) wallet](sdl.md).
1. After opening the SDL wallet, go into the Edit -> Settings toolbar.
1. Enter your https://your_host.net into the Lightwallet Server field.
1. Close SDL and then re-open it.
1. Success!
##### Point the `silentdragonlite-cli` to this server
###### Option 2: Point the command line `silentdragonlite-cli` to this server
1. Ubuntu only has version 1.43.0 or Rustc, so we want to install a newer version. I used the defaults in the script.
@ -102,7 +152,6 @@ Install your preferred distro. In this example I am using a VPS running Ubuntu 2
