Set Up a Full Node
This guide covers how to set up an Edgeware node. There are two ways you can proceed:
    Setting up a private node, e.g. if you would like to run a validator
    Setting up a public node, e.g. if you want to run connect services or dapps to Edgeware
If you are running a private node, you will only need to follow steps 0 and 1 of this guide. Otherwise, we will guide you through setting up an SSL certificate in steps 2 and 3, so any browser can securely connect to your node. (Most people, including validators, only need to set up a private node.)

0. Provisioning a server

Provision an appropriately sized server from a reputable VPS provider, e.g.:
We recommend a node with at least 2GB of RAM, and Ubuntu 18.04 x64. Other operating systems will require adjustments to these instructions.
If you are running a public node, set up DNS from a domain name that you own to point to the server. The DNS target needs to be type A and not Redirect type. We will use testnet1.edgewa.re. (You don't need to do this if you are setting up a private node.)
SSH into the server.

1. Installing Edgeware and setting it up as a system service

First, clone the edgeware-node repo, install any dependencies, and run the required build scripts.
1
apt update
2
apt install -y gcc libc6-dev
3
apt install -y cmake pkg-config libssl-dev git clang libclang-dev
4
5
# Prefetch SSH publickeys
6
ssh-keyscan -H github.com >> ~/.ssh/known_hosts
7
8
# Install rustup
9
curl https://sh.rustup.rs -sSf | sh -s -- -y
10
source /root/.cargo/env
11
export PATH=/root/.cargo/bin:$PATH
12
13
# Get packages
14
git clone https://github.com/hicommonwealth/edgeware-node.git
15
cd edgeware-node
16
17
# Build packages
18
./setup.sh
Copied!
Set up the node as a system service. To do this, navigate into the root directory of the edgeware-node repo and execute the following to create the service configuration file:
1
{
2
echo '[Unit]'
3
echo 'Description=Edgeware'
4
echo '[Service]'
5
echo 'Type=exec'
6
echo 'WorkingDirectory='`pwd`
7
echo 'ExecStart='`pwd`'/target/release/edgeware --chain=edgeware --ws-external --rpc-cors "*"'
8
echo '[Install]'
9
echo 'WantedBy=multi-user.target'
10
} > /etc/systemd/system/edgeware.service
Copied!
Note: This will create an Edgeware server that accepts incoming connections from anyone on the internet. If you are using the node as a validator, you should instead remove the ws-external flag, so Edgeware does not accept outside connections.
Double check that the config has been written to /etc/systemd/system/edgeware.service correctly. If so, enable the service so it runs on startup, and then try to start it now:
1
systemctl enable edgeware
2
systemctl start edgeware
Copied!
Check the status of the service:
1
systemctl status edgeware
Copied!
You should see the node connecting to the network and syncing the latest blocks. If you need to tail the latest output, you can use:
1
journalctl -u edgeware.service -f
Copied!

2. Configuring an SSL certificate (public nodes only)

We will use Certbot to talk to Let's Encrypt. Install Certbot dependencies:
1
apt -y install software-properties-common
2
add-apt-repository universe
3
snap install --classic certbot
4
apt update
Copied!
Install Certbot:
1
apt -y install certbot python-certbot-nginx
Copied!
It will guide you through getting a certificate from Let's Encrypt:
1
certbot certonly --standalone
Copied!
If you already have a web server running (e.g. nginx, Apache, etc.) you will need to stop it, by running e.g. service nginx stop, for this to work.
Certbot will ask you some questions, start its own web server, and talk to Let's Encrypt to issue a certificate. In the end, you should see output that looks like this:
1
root:~/edgeware-node# certbot certonly --standalone
2
Saving debug log to /var/log/letsencrypt/letsencrypt.log
3
Plugins selected: Authenticator standalone, Installer None
4
Please enter in your domain name(s) (comma and/or space separated) (Enter 'c'
5
to cancel): testnet1.edgewa.re
6
Obtaining a new certificate
7
Performing the following challenges:
8
http-01 challenge for testnet1.edgewa.re
9
Waiting for verification...
10
Cleaning up challenges
11
12
IMPORTANT NOTES:
13
- Congratulations! Your certificate and chain have been saved at:
14
/etc/letsencrypt/live/testnet1.edgewa.re/fullchain.pem
15
Your key file has been saved at:
16
/etc/letsencrypt/live/testnet1.edgewa.re/privkey.pem
17
Your cert will expire on 2019-10-08. To obtain a new or tweaked
18
version of this certificate in the future, simply run certbot
19
again. To non-interactively renew *all* of your certificates, run
20
"certbot renew"
Copied!

3. Configuring a Websockets proxy (public nodes only)

First, install nginx:
1
apt -y install nginx
Copied!
Set the intended public address of the server, e.g. testnet1.edgewa.re, as an environment variable:
1
export name=testnet1.edgewa.re
Copied!
Set up an nginx configuration. This will inject the public address you have just defined.
1
{
2
echo 'user www-data; ## Default: nobody'
3
echo 'worker_processes 5; ## Default: 1'
4
echo 'error_log /var/log/nginx/error.log;'
5
echo 'pid /var/run/nginx.pid;'
6
echo 'worker_rlimit_nofile 8192;'
7
echo ''
8
echo 'events {'
9
echo ' worker_connections 4096; ## Default: 1024'
10
echo '}'
11
echo ''
12
echo 'http {'
13
echo ' map $http_upgrade $connection_upgrade {'
14
echo ' default upgrade;'
15
echo " \'\' close;"
16
echo ' }'
17
echo ' server {'
18
echo ' listen 443 ssl;'
19
echo ' server_name '$name';'
20
echo ''
21
echo ' ssl_certificate /etc/letsencrypt/live/'$name'/cert.pem;'
22
echo ' ssl_certificate_key /etc/letsencrypt/live/'$name'/privkey.pem;'
23
echo ' ssl_session_timeout 5m;'
24
echo ' ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;'
25
echo ' ssl_ciphers HIGH:!aNULL:!MD5;'
26
echo ' ssl_prefer_server_ciphers on;'
27
echo ''
28
echo ' location / {'
29
echo ' proxy_pass http://127.0.0.1:9944 ;'
30
echo ' proxy_http_version 1.1;'
31
echo ' proxy_set_header Upgrade $http_upgrade;'
32
echo ' proxy_set_header Connection $connection_upgrade;'
33
echo ' }'
34
echo ' }'
35
echo '}'
36
} > /etc/nginx/nginx.conf
Copied!
Make sure that the paths of ssl_certificate and ssl_certificate_key match what Let's Encrypt produced earlier. Check that the configuration file has been created correctly.
1
cat /etc/nginx/nginx.conf
2
nginx -t
Copied!
Make sure that Nginx's OpenSSL version >1.0.2 You will have to Rebuild Nginx if the OpenSSL version is lower. Otherwise, modern TLS protocols created in letsencrypt certificates won't work, and Nginx will throw an error.
If there is an error, nginx -t should tell you where it is. Note that there may be subtle variations in how different systems are configured, e.g. some boxes may have different login users or locations for log files. It is up to you to reconcile these differences.
Start the server:
1
service nginx restart
Copied!
You can now try to connect to your new node from polkadot.js/apps, or by making a curl request that emulates opening a secure WebSockets connection:
1
curl --include --no-buffer --header "Connection: Upgrade" --header "Upgrade: websocket" --header "Host: $name:80" --header "Origin: http://$name:80" --header "Sec-WebSocket-Key: SGVsbG8sIHdvcmxkIQ==" --header "Sec-WebSocket-Version: 13" http://$name:9944/
Copied!

4. Connecting to your node

Congratulations on your new node! If you set up public DNS and a SSL certificate in steps 2 and 3, you should be able to connect to it now from polkadot-js/apps:
Otherwise, you should be able to use edgeware-cli to connect to it:
1
git clone https://github.com/hicommonwealth/edgeware-cli.git
2
cd edgeware-cli
3
yarn
4
bin/edge -r ws://testnet1.edgewa.re:9944 balances freeBalance 5G8jA2TLTQqnofx2jCE1MAtaZNqnJf1ujv7LdZBv2LGznJE2
Copied!
In general, you should use these URLs to connect to your node:
    ws://testnet1.edgewa.re:9944 if you set it up as a public node with --ws-external in step 1
    wss://testnet1.edgewa.re if you set it up as a public node and also followed steps 2 and 3

5. Next steps

Your node will automatically restart when the system reboots, but it may not be able to recover from other failures. To handle those, consider following our guide to Setting up monitoring.
You may also wish to proceed to Validating on Edgeware.
Last modified 2mo ago