This repository contains a set of scripts to automate the installation and configuration of a DIG Node with an Nginx reverse proxy, SSL certificates using Let's Encrypt, and other necessary components. The scripts are designed to work across major Linux distributions and handle specific environments like Amazon EC2 instances.
- Overview
- Features
- Prerequisites
- Directory Structure
- Installation
- Usage
- Script Descriptions
- Special Considerations
- License
The DIG Node Setup Script automates the process of setting up a DIG Node, including:
- Installing necessary software dependencies.
- Configuring Docker and Docker Compose.
- Setting up Nginx as a reverse proxy.
- Generating SSL certificates using Let's Encrypt.
- Configuring automatic SSL certificate renewal.
- Creating a systemd service for managing the DIG Node.
- Cross-Distribution Compatibility: Works on major Linux distributions (Ubuntu, Debian, CentOS, Fedora, Amazon Linux 2, Arch Linux, openSUSE).
- Modular Design: The script is broken into reusable components for easy maintenance and customization.
- SSL Support: Integrates Let's Encrypt for obtaining and renewing SSL certificates.
- UPnP Port Forwarding: Attempts to automatically open required ports using UPnP (if not on Amazon EC2).
- Amazon EC2 Detection: Automatically detects if running on an EC2 instance and adjusts behavior accordingly.
- User Prompts: Interactive prompts guide the user through the setup process.
Before running the setup script, ensure that the following software is installed on your system:
- Docker
- Docker Compose
- OpenSSL
- Certbot (for Let's Encrypt SSL certificates)
- miniupnpc (only if not running on Amazon EC2 and you wish to use UPnP for port forwarding)
Note: The script checks for these dependencies and will exit if any are missing, prompting you to install them manually.
The repository should have the following structure:
install.sh
lib/
├── ask_include_nginx.sh
├── check_root.sh
├── check_software.sh
├── colors.sh
├── collect_user_inputs.sh
├── create_docker_compose.sh
├── create_systemd_service.sh
├── detect_distro.sh
├── detect_ec2.sh
├── docker_compose_setup.sh
├── docker_group.sh
├── generate_credentials.sh
├── nginx_setup.sh
├── open_ports.sh
├── open_ports_upnp.sh
├── pull_docker_images.sh
├── stop_existing_service.sh
ssl/
└── ca/
├── chia_ca.crt
└── chia_ca.key
-
Clone the Repository
git clone https://github.com/DIG-Network/chia-dig-node.git cd chia-dig-node -
Ensure Executable Permissions
chmod +x install.sh chmod +x lib/*.sh -
Prepare SSL CA Files
- Place your
chia_ca.crtandchia_ca.keyfiles in the./ssl/ca/directory.
- Place your
Run the main setup script as the root user:
sudo ./install.shThe script will guide you through the setup process with interactive prompts.
The primary script that orchestrates the setup process by calling functions from the scripts in the lib/ directory.
Defines color codes for output formatting.
Ensures the script is run as the root user.
Detects the Linux distribution and sets variables accordingly.
Checks if the script is running on an Amazon EC2 instance.
Verifies that all required software dependencies are installed. Exits if any are missing.
Ensures the current user is in the Docker group to run Docker commands without sudo.
Stops any existing DIG Node service to prevent conflicts.
Generates high-entropy DIG_USERNAME and DIG_PASSWORD.
Prompts the user for additional configuration options, such as:
- Trusted full node IP
- Public IP override
- Enabling Mercenary Mode
- Disk space limit
Asks the user if they wish to include the Nginx reverse-proxy container.
Opens the required ports using the appropriate firewall management tool (ufw or firewalld).
Attempts to automatically open required ports on the router using UPnP. Skipped on Amazon EC2 instances.
Generates the docker-compose.yml file based on user inputs.
Sets up Nginx as a reverse proxy, generates SSL client certificates, and integrates Let's Encrypt SSL certificates if a hostname is provided.
Pulls the latest Docker images for the DIG Node services.
Creates and enables a systemd service to manage the DIG Node using docker-compose.
-
UPnP Port Forwarding: The script detects if it's running on an Amazon EC2 instance and skips the UPnP port forwarding step, as UPnP is not supported on EC2.
-
Security Groups: Ensure that your AWS Security Groups are configured to allow inbound traffic on the required ports:
- SSH: 22
- HTTP: 80 (if using Nginx)
- HTTPS: 443 (if using Nginx)
- DIG Node Ports: 4159, 4160, 4161
-
Public IP Configuration: When prompted for the public IP, you may need to provide the Elastic IP associated with your EC2 instance.
This project is licensed under the MIT License. See the LICENSE file for details.
-
Missing Software Dependencies: If the script exits due to missing software, install the required packages using your distribution's package manager.
-
Docker Group Changes: If you are added to the Docker group during the setup, you may need to log out and log back in for the changes to take effect.
-
SSL Certificate Issues: Ensure that your domain name is correctly pointed to your server's public IP and that ports 80 and 443 are accessible from the internet before attempting to obtain Let's Encrypt SSL certificates.
Contributions are welcome! Please submit pull requests or open issues for any bugs or feature requests.
For questions or support, please contact @digdotnet.
Disclaimer: This script is provided as-is without any warranty. Use it at your own risk. Always review scripts and understand their functionality before executing them on your system.