[How to] Setup a Codius Host Step by Step

 

 

Please consider to support Projects like Let’s Encrypt – Codius – Developers on GitHub with a Donation

 

Requirements

 

• CentOS / Ubuntu / Debian + x86-64 architecture with ARM and Virtulization supported
• Admin Rights (Root access)
• min 1GB RAM (each contract will use at least 512Mb)

• An XRP Wallet like one on Gatehub (in the Future other Wallets will be added) + Secret
• a Top Level Domain or Sub-Domain with the permission to publish your own DNS Records
• Static Public IPv4 or IPv6 Adress

 

---

 

Automatic Workaround

 

At this moment the Community of Codius is growing and some Unix Heads already wrote a automatic deployment Script for Codius Hosts. Its quite simple and illiminates some common Problems if you are not into Administrator/Developer stuff.

 

GitHub https://github.com/xrp-community/codius-install

• start with the common stuff

sudo passwd 
su 
yum update

• install wget

yum install wget

• pull the Codius-Install Script from Github

wget https://raw.githubusercontent.com/xrp-community/codius-install/master/codius-install.sh -O codius-install.sh && bash codius-install.sh

• and just follow the Prompts
• If you need to update or Troubleshoot your Codius Host – just run the script again.

 

---

Step by Step Configuration

 

In my Tutorial i use my free Margin of Computing Power from my Google Cloud Account.

• First of all we create a new Instance -> Name, Region, Machine Typ, OS, Allow Https, assign a Static IP.

 

• Connecting via SSH to the remote Host

• change the password, user and update the maschine, install a text editor if you dont want to use Vi

sudo passwd
su
yum update
yum install nano

• change the name of your host like your DNS record later (Hostname+Domain)

hostnamectl set-hostname howtocodius.drkomtur.de

• install Hyperd and the service will be linked automaticly

yum install -y gcc-c++ make
curl -sSl https://codius.s3.amazonaws.com/hyper-bootstrap.sh | bash

• install Moneyd
• (Take sure you install the latest version)

curl --silent --location https://rpm.nodesource.com/setup_10.x | bash -
yum install -y nodejs yum install -y https://codius.s3.amazonaws.com/moneyd-xrp-4.0.1-1.x86_64.rpm

• set connection to your Wallet (prompt for secret) you can find it here:

• start moneyd service

moneyd xrp:configure  systemctl start moneyd-xrp

• install Codiusd and configure codiusd.service

yum install -y git
npm install -g codiusd --unsafe-perm
nano /etc/systemd/system/codiusd.service

• copy the configuration in the open Texteditor (take sure u change the Hostname)

[Unit]
Description=Codiusd
After=network.target nss-lookup.target
[Service]
ExecStart=/usr/bin/npm start
Environment="DEBUG=*"
Environment="CODIUS_PUBLIC_URI=https://howtocodius.drkomtur.de"
Environment="CODIUS_XRP_PER_MONTH=10"
Environment="CODIUS_MAX_MEMORY_FRACTION=0.97"
Environment="CODIUS_ADDITIONAL_HOST_INFO=true"
WorkingDirectory=/usr/lib/node_modules/codiusd
Restart=always
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=codiusd
User=root
Group=root
[Install]
WantedBy=multi-user.target

• start Codiusd

systemctl enable codiusd
systemctl start codiusd

• create two A records via your DNS Provider (take sure you point on the public ip of your host)

• now we need a public trusted HTTPS Certificate which we are able to get for free via Let’s Encrypt

yum install -y git
git clone https://github.com/certbot/certbot
cd certbot
git checkout v0.23.0
./certbot-auto -n --os-packages-only
./tools/venv.sh
ln -s `pwd`/venv/bin/certbot /usr/local/bin/certbot

• to start the Request execute this

certbot -d `uname -n` -d *.`uname -n` --manual --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory certonly

• you need to confirm all prompts
• Certbot will ask you to add two Text Records on your domain, they should look like this:

• install nginx and configure it

yum install -y epel-release yum install -y nginx
systemctl enable nginx
echo 'return 301 https://$host$request_uri;' > /etc/nginx/default.d/ssl-redirect.conf
openssl dhparam -out /etc/nginx/dhparam.pem 2048
nano /etc/nginx/conf.d/codius.conf

• copy this into the file (take sure you set the correct Hostname)

map $http_upgrade $connection_upgrade {
  default upgrade;
  '' $http_connection;
}

server {
listen 443 ssl;

ssl_certificate /etc/letsencrypt/live/howtocodius.drkomtur.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/howtocodius.drkomtur.de/privkey.pem;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_ecdh_curve secp384r1;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;

resolver 1.1.1.1 1.0.0.1 valid=300s;
resolver_timeout 5s;

add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

location / {
    proxy_pass http://127.0.0.1:3000;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
    proxy_buffering off;
  }
}

• set a acception for nginx and start nginx

setsebool -P httpd_can_network_connect 1
systemctl start nginx

• open your firewall to allow communication via 443

firewall-cmd --zone=public --add-port=443/tcp --permanent

 

---

 

Tests

• Follow your Hosts and stats at codiushosts.com

 

• Check the version and info URL

https://codius01.drkomtur.de/version
https://codius01.drkomtur.de/info

• Status Moneyd

systemctl status moneyd-xrp

• Status Codiusd

systemctl status codiusd

• Status Hyperd

systemctl status hyperd

• Status PODs (when you run a contract)

hyperctl list

• check the firewall listening to the need ports
• 7768/Moneyd – 3000/Codiusd – 443/Nginx

netstat -tulpn

 

---

Troubleshooting

 

• Test uploading a Contract to your Host https://upload.host1.codius.live/
• if all working fine it should look like this:

Successfully Uploaded Pods:

{
URL: https://l2xvchk27rbrnh3mc3y4p3iaeoonjzur2u24qxuod2iaqd5mlioa.howtocodius.drkomtur.de/,
Manifest Hash: l2xvchk27rbrnh3mc3y4p3iaeoonjzur2u24qxuod2iaqd5mlioa,
Host: https://howtocodius.drkomtur.de,
Expiry: 2018-07-18T06:15:50.626Z,
Expiration Date: 07-18-2018 6:15:50 +0000,
Expires: in 5 minutes,
Price Paid: 1142,
}

Common Fails

• Request Failed

        systemctl stop hyperd
	rm -rf /var/lib/hyper/containers/*
	rm -rf /var/lib/hyper/hosts/*
	systemctl start hyperd

• 504 Gateway Timeout

        systemctl restart hyperd
	systemctl restart moneyd-xrp
	systemctl restart codiusd

• 404 Page not Found when browsing to contract URL

your wildcard entry is missing "*.howtocodius.drkomtur.de"

• 502 Internal Server Error

 systemctl restart hyperd

• Route Control Message Was Rejected

seems like moneyd is outdated you should update moneyd 
npm upgrade -g moneyd-uplink-xrp

• Code: F02, message: failed to send packet: no clients connected

moneyd:cleanup

and setup a new payment channel (explained on the Troubleshooting Site from "Codius at Github"

Create New channels
rm /root/.moneyd.json
moneyd xrp:configure
systemctl start moneyd-xrp 

---

You need assistance or got some questions? Just send me a mail via my Contact Form