Login with SSH into the VPS and we’re ready for the second step.

All the following steps are intended to be run as root

sudo -i

And set up a 1GB swap partition to avoid the kernel killing processes ifout of memory:

sudo /bin/dd if=/dev/zero of=/var/swap.1 bs=1M count=1024

sudo /sbin/mkswap /var/swap.1

sudo chmod 600 /var/swap.1

sudo /sbin/swapon /var/swap.1

Docker

To have a quick setup we’re going to use Docker. On my dockerhub’s account, it’s already available the set of containers used in this guide.

First, install docker-ce on the VPS. Here is the documentation but, TLDR:

apt-get update apt-get install \

apt-transport-https \

ca-certificates \

curl \

gnupg-agent \

software-properties-common curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - apt-key fingerprint 0EBFCD88 add-apt-repository \

"deb [arch=amd64] https://download.docker.com/linux/ubuntu \

$(lsb_release -cs) \

stable" apt-get update apt-get install docker-ce docker-ce-cli containerd.io

After doing that, you should be able to run Docker.

Download the containers from dockerhub

docker pull gdassori/spruned

docker pull gdassori/btc-rpc-explorer

I’ve built my own btc-rpc-explorer image with an increased timeout, at the time of writing I opened an issue to janoside to avoid that.

root@ip-172-31-26-222:/home/ubuntu# docker image ls

REPOSITORY TAG IMAGE ID CREATED SIZE

gdassori/spruned latest 0dc85f9e742d 3 hours ago 564MB

gdassori/btc-rpc-explorer latest 73f6a5555133 4 days ago 955MB

root@ip-172-31-26-222:/home/ubuntu#

Since we use docker, we can avoid messing with all the projects dependencies (python3.7, leveldb, nodejs and so on), and we just have to run the containers with the proper settings.

Run spruned

docker run -d -p=8332:8332 --mount=source=data,target=/root/.spruned gdassori/spruned:latest --mempool-size 50 --cache-size 2000 --keep-blocks 500 --rpcuser rpcuser --rpcpassword rpcpassword

Those parameters for spruned will open the 8332 RPC port, persist the data on

/var/lib/docker/volumes/data/_data/

while keeping a large 2GB FIFO cache, the latest 500 blocks, and a 50megabytes mempool.

When spruned is up, we should see the listening port

root@ip-172-31-26-222:~# netstat -tapn |grep docker-proxy

tcp6 0 0 :::8332 :::* LISTEN 15624/docker-proxy

And of course we can use bitcoin-cli to check the daemon status!

Install bitcoin-cli:

cd /tmp wget https://bitcoincore.org/bin/bitcoin-core-0.17.1/bitcoin-0.17.1-x86_64-linux-gnu.tar.gz tar xvfz bitcoin-0.17.1-x86_64-linux-gnu.tar.gz cp bitcoin-0.17.1/bin/bitcoin-cli /usr/local/bin/ rm -rf bitcoin-0.17.1*

Configure bitcoin-cli according to spruned settings:

As with a bitcoin full node, you need to do the following step for both root and your instance user, if you wish to use it from the default “ubuntu” account.

For root:

mkdir /root/.bitcoin echo -e "rpcuser=rpcuser

rpcpassword=rpcpassword" >/root/.bitcoin/bitcoin.conf

At this point, you should be able to do that:

Congratulations!

You have spruned bitcoin full node emulator up, running and syncing.

To do the same for the ubuntu user (so the next time you’ll log in into the AWS instance you will not have to become root):

cp /root/.bitcoin /home/ubuntu -R

chown ubuntu:ubuntu /home/ubuntu/.bitcoin -R

Here, then, we leave the root just for a bit, check the API help and go back into the root account:

We now have the Bitcoin Core API RPC interface as needed by btc-rpc-explorer, and we can run the frontend.

That’s the spruned’s magic :-)

Run btc-rpc-explorer

With Docker, to run btc-rpc-explorer is easy as we did with spruned, let’s see:

docker run -p 3002:3002 -e BTCEXP_BITCOIND_URI='bitcoin://rpcuser:rpcpassword@172.31.26.222:8332' -dt gdassori/btc-rpc-explorer

You have to change the IP address here, obviously, 172.32.26.222 won’t fit your needs:

You should be able to see the IP in the shell prompt.

To ensure, use ifconfig.

The eth0 IP is your own.

Again, if everything was smooth, we can see that docker-proxy is listening on another port:

Nice! We have the btc-rpc-explorer up and running. But if we did our homework with the security group, we shouldn’t be able to connect to it from the outside world.

Setup a free Dynamic DNS service

We are going to use the free service FreeDNS by Josh to do that.

Setup an account on https://www.afraid.org (Josh have many aliases, but this is my favorite since the 90s when I had my first authoritative DNS on a 33.6kbps dialup :-) )

You can select many free domains from FreeDNS (I guess more than 10 thousands of public domains) but the most reliable are strangled.net and mooo.com, owned by FreeDNS itself.

Once logged in, set up an A record on the subdomains section:

We could set the IP of the AWS instance here, but we chose to set 127.0.0.1 as the A record destination because we want to ensure the next steps we’re going to deploy are working properly (auto update).

Once the record is saved, go to the “Dynamic DNS” section of the FreeDNS website.

Open the “quick cron example”

Copy the last two lines, something similar, according to your hostname and API keys

PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin 1,6,11,16,21,26,31,36,41,46,51,56 * * * * sleep 29 ; wget -O - http://freedns.afraid.org/dynamic/update.php?VlqKQ01gaDddYU93RVaxaG9tOVY6MTgxNTc5NjI= >> /tmp/freedns_your-explorer_mooo_com.log 2>&1 &

Go back to the AWS shell and hit the command

crontab -e

For your convenience select the option 1 “nano”, to edit the crontab, unless you know what you are doing.

Paste the crontab entry you already have in the clipboard, at the end of file, then hit:

Ctrl+o to save the file

Ctrl+x to quit nano editor

In the console, you should see:

root@ip-172-31-26-222:~# crontab -e

crontab: installing new crontab

root@ip-172-31-26-222:~#

Nice! It’s just a matter of time before the crontab will run the update script, and after 5–10 minutes at most, you should be able to see something similar, using the “host” command, which resolves hostnames to IPs.

root@ip-172–31–26–222:~# host your-explorer.mooo.co.

your-explorer.mooo.com has address 52.122.153.64 root@ip-172–31–26–222:~#

If you still see 127.0.0.1 something is going wrong, you can wait a bit more, but you can also check the logs in the /tmp folder.

cat /tmp/freedns_your-explorer_mooo_com.log

Will show why the update is not working. We assume it will work, anyway :-)

First steps recap

We have set up a free AWS machine

We installed docker

We installed the spruned and btc-rpc-explorer containers, they are both up and running

We configured a Dynamic DNS entry, so we will be able to reach the AWS container even if Amazon changes the IP (with free tier stuff this could happen, AFAIK).

We are just a couple of steps behind having our btc-rpc-explorer up & running with spruned.

Nginx with free SSL certificate

Install nginx:

apt-get install nginx

And certbot:

sudo apt-get install software-properties-common

sudo add-apt-repository universe

sudo add-apt-repository ppa:certbot/certbot

sudo apt-get update

sudo apt-get install certbot python-certbot-nginx

Edit the Nginx default config file named

/etc/nginx/sites-enabled/default

And paste the following data (change the server_name according to your)

server { server_name your-explorer.mooo.com;

proxy_pass

} location / {proxy_pass http://localhost:3002/ listen 80;

listen [::]:80; }

Then, run certbot to configure the SSL:

certbot --nginx

Once done, the Nginx config file should have changed, and should be like the following:

server {

server_name your-explorer.mooo.com;

proxy_pass

} location / {proxy_pass http://localhost:3002/ listen [::]:443 ssl ipv6only=on; # managed by Certbot

listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/your-explorer.mooo.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/your-explorer.mooo.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot

ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

server {

if ($host = your-explorer.mooo.com) {

return 301

} # managed by Certbot server {if ($host = your-explorer.mooo.com) {return 301 https://$host$request_uri } # managed by Certbot listen 80;

listen [::]:80; server_name your-explorer.mooo.com;

return 404; # managed by Certbot

}

Well, we are done, and Nginx is up and running, working as a reverse proxy for the btc-rpc-explorer app.

The last thing to do is just open the browser and try it: