How to Deploy an IPFS Node on Digital Ocean

An IPFS Tutorial

There are plenty of easy options out there for accessing an IPFS node in the cloud. However, some of you working on your dapps may want to host your own node in the cloud but don’t know where to start. I wrote this guide on how to deploy an IPFS node on Digital Ocean so you don’t have to go through the undocumented struggles I did. This guide will cover the following:

Setting up a Digital Ocean account Creating a droplet Securing your droplet Installing GoLang / IPFS / IPFS-Update Setting up a service to keep the IPFS daemon online at all times

Step One — Sign Up

If you don’t have an account, help a dude out and use this referral link. My project is still self-funded so if you can help keep my hosting bill down, it’s much appreciated :)

Upon signing up, you’ll be taken to a landing page for your project that looks like this:

First Project Page

Step Two — Creating a droplet

Droplets are the name Digital Ocean uses for its virtual machines. You’ll be creating one for the purposes of this tutorial. Go ahead and click “Get Started with a Droplet” to be taken to the droplet creation page.

This guide will use the following options for your droplet:

Distribution and specs

I’m using the least expensive specifications here. Feel free to choose a faster option if you’d like.

Backups

Backups are optional. If you want to backup your node, feel free to do so.

Block Storage

To keep this tutorial simple, you won’t be enabling block storage. If you’re building a larger application you may eventually outgrow the 25GB SSD that’s provided with the base droplet. You can always upgrade your droplet to other options as your node starts to receive more traffic. However, eventually you’ll likely reach a point where you don’t need a faster machine, you just need more storage.

This is where block storage shines. Utilizing block storage as your main storage option for IPFS in your droplet allows you to periodically increase your data storage capabilities without needing to increase your general machine specs. I’ll be writing a guide on how to utilize block storage for your IPFS node in the near future. For now, you can read about block storage here.

Datacenter Region

Choose whichever datacenter you’d like. For quick access during this tutorial, choose the one that’s closest to you.

Additional Options

The two options I select here are “IPv6” and “Monitoring”. I chose “IPv6” because IPFS performs better with IPv6 enabled. I chose “Monitoring” because it’s free and I like to see how my Droplet is doing from time to time.

Adding an SSH Key

While this is technically optional, I would highly recommend utilizing an SSH key. I will be utilizing one for this tutorial. If you have an SSH key already, add it here. If not, I would recommend reading through this documentation on how to create one. It’s something you won’t regret learning.

Finalization

Once you have all your settings in place, name your droplet (or use the one provided), and click “Create”. Your droplet should start the creation process. Once finished, you should see something like this:

(FYI, I may sometimes include things such as IP addresses in this guide to make it easier to follow, but the node will have been deleted upon guide publication)

Step Three — Updating the new droplet

First, you’ll need to connect your droplet to start setting things up. You can do this by entering the following in your local machine’s console.

ssh root@your_droplet_ip

You should be greeted with some fun messages saying that you have a few packages you can update. Let’s do that right now.

apt-get update

apt-get upgrade

apt-get dist-upgrade

apt autoremove

A reboot may or may not be necessary after updating your droplet:

shutdown -r 0

(You’ll be disconnected from the SSH connection to your droplet when your droplet restarts)

Step Four — Setting up your non-root user (Optional)

This step is optional but highly recommended. Setting up and utilizing a non-root user for interacting with a linux instance is much safer than utilizing the root user. I’ve included this in my guide because I want you to have the knowledge to set up a more secure node if desired.

SSH back into your Droplet as root:

ssh root@your_droplet_ip

Create a new user:

For this example, let’s use my name as the new non-root user.

adduser matt

Enter in a new password for your user. You can leave the rest of the information blank by hitting enter.

Give your user root privileges

Running the following command allows you to execute root commands on your new user by adding “sudo” before your commands.

usermod -aG sudo matt

Enable your SSH key for your new non-root user

Still have your public SSH key from before? Great. Temporarily switch over to your new user.

su - matt

Create a new directory called .ssh and restrict permissions for it

mkdir ~/.ssh

chmod 700 ~/.ssh

Open a file in your new directory called “authorized_keys”

nano ~/.ssh/authorized_keys

Copy and paste your public ssh key from earlier into this file and then hit CTRL+x to exit the file. Hit y to save the changes and then ENTER to confirm.

Restrict the permissions of your new file

chmod 600 ~/.ssh/authorized_keys

Exit your SSH instance

Exit the instance for both SSH users by typing this command TWICE

exit

Try logging into your new user via SSH

ssh matt@your_droplet_ip

You should now be connected to your droplet as your new non-root user.

Step Five — Secure your machine

You’ll want to set up some security on your machine. This will help keep the bad guys away.

Go to the “networking menu” of your node

Click on “Manage Firewalls”

Click on “Create Firewall”

My firewall looks like this:

A brief description of the inbound ports you’ve opened:

TCP 22 — This is so you can SSH into your Droplet

TCP 4001 — This is the primary port that your IPFS node will use to communicate to other IPFS nodes

Optional ports you can enable depending on your needs:

TCP 5001 — This port can be opened up if you want to access your IPFS node API remotely. Disclaimer! If you do this, the entire world can access your IPFS node unless you add further safety features such as restricting which external IP addresses can access port 5001.

TCP 8080 — This is needed if you want to run your node as a gateway node. IPFS gateways are essentially web interfaces where users who aren’t running their own IPFS node can go and retrieve content from. So, people could retrieve content without running a node by visiting:

“your_droplet_ip_address:8080/ipfs/hashOfTheContent”

For example, you can retrieve an image of my dog without running a node through your public gateway: Photo of Winston

If you want to learn more about how to set up public gateways using your own custom domain, Carson Farmer from Textile has a great guide on setting up your own gateway node with NGINX that I would highly recommend.

TCP 8081 — This is needed if you want to run pubsub capabilities on your node. You can read more about pubsub functionality here.

Outbound rules:

You shouldn’t really care about what’s leaving your node so feel free to keep this open as shown.

Step Six— Installing GoLang

GoLang is needed for running IPFS.

Install GoLang

(At the time of this guide, the current version of GoLang is 1.12.5. You may want to replace the version of GoLang if a newer version becomes available)

Extract GoLang to /usr/local

sudo tar -C /usr/local -xzf go1.12.5.linux-amd64.tar.gz

Open up your .profile

nano ~/.profile

Add these lines to the bottom of the file

export PATH=$PATH:/usr/local/go/bin

export GOPATH="$HOME/go"

PATH="$GOPATH/bin:$PATH"

OPTIONAL

If you’d like to define a specific path for IPFS instead of the default ~/.ipfs path, please include the following line at the end of the file:

export IPFS_PATH=/your/custom/path

Exit with CTRL+x, save with y, and hit ENTER to confirm.

Reload your profile

source ~/.profile

Check that your installation was successful

go version

You should be greeted with something like: “go version go1.12.1 linux/amd64”. If you received this message, congrats! GoLang was successfully installed.

Step Seven — Installing IPFS

Install ipfs-update

First, you’ll want to install ipfs-update. This handy package allows you to easily update your ipfs client whenever there are new updates without having to go through a bunch of manual upgrade headaches.

go get -u github.com/ipfs/ipfs-update

Once this is complete, go ahead and run this command:

ipfs-update versions

Take note of whatever version is the latest and run something like this:

ipfs-update install v0.4.19

You should receive a message that says “Installation complete!”

Now run:

ipfs init --profile server

You should receive a message that looks something like this:

If you’re seeing this, congrats! You’ve successfully installed IPFS on your droplet!

Last thing for this section. Since your droplet has 25GB in storage, you might as well use it. Let’s increase your IPFS repo size from the default 10GB to 20GB.

ipfs config Datastore.StorageMax 20GB

Step Eight — Making sure IPFS is running all the time.

At this point you can run:

ipfs daemon

Your IPFS node will now be officially running.

However, if you exit your SSH session with the droplet, IPFS will shut down.

You can fix this by creating an ubuntu systemd service to keep things running.

sudo nano /etc/systemd/system/ipfs.service

Enter the following code into your editor.

*Note* — If you chose a custom path for IPFS in Step Six, you’ll want to use that in the environment instead of the default IPFS path.

[Unit] Description=IPFS Daemon [Service] Type=simple ExecStart=/home/matt/go/bin/ipfs daemon --enable-gc Group=matt Restart=always Environment="IPFS_PATH=/home/matt/.ipfs" [Install] WantedBy=multi-user.target

Save your new file by hitting CTRL+x, y, and then confirming by hitting ENTER.

Run these lines in the terminal to enable your new service:

sudo systemctl daemon-reload

sudo systemctl enable ipfs

sudo systemctl start ipfs

Check and see if this worked by running:

sudo systemctl status ipfs

You should see something like this:

Reboot your machine as one final test that everything worked:

sudo shutdown -r 0

Once the reboot is complete, SSH back into your droplet and run the following to see if you have an IPFS node up and running:

ipfs swarm peers

You should see a few peers your node is connected to. This list will grow the longer your node is online!

Conclusion

You now have an IPFS node up and running on Digital Ocean! Hopefully this guide was helpful. If you have any questions about this tutorial or IPFS in general, please reach out!

Twitter: https://twitter.com/MattOber1

Email: matt@pinata.cloud