monero node In this short post I’ll detail how to easily run a Monero node on a Linux server, the most common OS for virtual private servers (VPS). I would highly recommend running either Debian or Ubuntu for your Linux distribution, and this guide will assume you are running one of those. Recommended hardware Full Node: 2+ vCPUs/cores, 4GB+ RAM, 200GB+ SSD. Pruned Node: 2+ vCPUs/cores, 4GB+ RAM, 100GB+ SSD. Why run your own Monero node? The Monero network relies on a distributed web of Monero nodes, each of which validate transactions, propagate transactions to the rest of the network, and helps new nodes easily and quickly synchronize to the current state of the network. Running a Monero node for yourself not only helps to give you the stronger network-level privacy guarantees, but also helps to increase the decentralization, stability, and speed of the Monero network. Each node can expose two different services, each of which has a positive impact on the network in a unique way: Peer-to-Peer (p2p) port (default 18080): this port allows other nodes on the network to connect to your node to download the blockchain and to send you any transactions they validate that you do not yet have. It also increases overall network privacy, as your node participates in the Dandelion++ propagation of transactions. Remote Procedure Call (RPC) port (default 18089 for restricted): Exposing this port (especially with the public-node arg) allows other users on the network, especially those using mobile wallets or the GUI wallet in “Simple” mode, to connect to your node to sync their wallets, without needing to run their own full node locally. In this guide I have only given configuration files and Docker commands that expose the p2p port, as that is a key help to the network. Feel free to use one of the configuration files utilizing the public-node arg listed below if you’d also like to advertise your restricted RPC port. Update and install required packages First we need to install a few tools we will need later: sudo apt-get update && sudo apt-get upgrade -y sudo apt-get install -y ufw curl Then install Docker: curl -fsSL https://get.docker.com -o get-docker.sh sudo sh get-docker.sh sudo usermod -aG docker $USER su - $USER Note: This command downloads a script and runs as root directly from Docker. Please make sure you are comfortable doing this, and be wary of doing this on a personal computer. If you’d like to avoid that, please follow the official docs here to install from the repository. Initial Hardening via UFW We will want to make sure that the system is hardened in a simple way by making sure that the firewall is locked down to only allow access to the ports necessary for SSH and monerod, using UFW. Run the following commands to add some basic UFW rules and enable the firewall: # Deny all non-explicitly allowed ports sudo ufw default deny incoming sudo ufw default allow outgoing # Allow SSH access sudo ufw allow ssh # Allow monerod p2p port sudo ufw allow 18080/tcp # Allow monerod restricted RPC port sudo ufw allow 18089/tcp # Enable UFW sudo ufw enable Download and run monero via Docker The command set below is for running a public, pruned node. This is the most space-preserving method and also benefits the network by creating a public node that can be used by anyone: docker run -d --restart unless-stopped --name="monerod" -p 18080:18080 -p 18089:18089 -v bitmonero:/home/monero ghcr.io/sethforprivacy/simple-monerod:latest --rpc-restricted-bind-ip=0.0.0.0 --rpc-restricted-bind-port=18089 --public-node --no-igd --no-zmq --enable-dns-blocklist --prune-blockchain docker run -d \ --name watchtower --restart unless-stopped \ -v /var/run/docker.sock:/var/run/docker.sock \ containrrr/watchtower --cleanup \ monerod tor An alternative Docker implementation is also available on Github, which even includes native Grafana visualizations. This guide will focus on being extremely simple, so I’ll stick to just monerod here. Alternative Docker commands To watch the logs for monerod, simply run: docker logs --follow monerod Updating your Monero node As we are running Monero in a Docker container and have deployed Watchtower along with it, the node will automatically be restarted with the latest version of monerod whenever a new version is tagged in Github. Nothing else needs to be done manually! Sending commands to your node monerod supports sending commands locally, allowing you get additional info on the status of monerod, set bandwidth limits, set peer limits, etc. A full list of commands as of v0.17.1.8 can be found by running "monerod help" When you want to run a command, simply run: docker exec monerod /usr/local/bin/monerod name_of_command ...and it will automatically connect to the daemon, run the command, and print the output of that command to the terminal. Using anonymity networks Tor If you would like to also expose your RPC port over Tor as a Hidden Service, follow these few commands and you’re all set. This allows you to access your RPC port entirely over Tor without ever even needing to go through exit nodes. Run a Tor Docker container: docker run -d --restart unless-stopped --link monerod:monerod --name tor --volume tor-keys:/var/lib/tor/hidden_service/ ghcr.io/sethforprivacy/tor:latest Get the HiddenService address: docker exec -ti tor onions Note: To test connectivity, simply visit "http://replacewithnewonionaddress:18089/get_info" in the Tor browser and make sure you get a block of text back. Connecting to your new remote node This will depend on the wallet you’ve chosen to use, but usually just entails specifying the IP address of your node (either your home IP address or that of your VPS-provided host) or Onion address. Conclusion Hopefully this guide simplified the process of setting up a remote node on a VPS, and many more similar guides should be popping up shortly.