CentOS 7 - Ethereum Node

Make sure epel repo is enabled.

# yum install epel-release

Make sure go is installed:

# yum install golang -y

# go version

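Download and install a geth release (downloads page: https://geth.ethereum.org/downloads/). Compare the md5sum output with the checksum listed for the release on the downloads page before unpacking: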

# cd
# wget https://gethstore.blob.core.windows.net/builds/geth-linux-amd64-1.10.6-576681f2.tar.gz
# md5sum ./geth-linux-amd64-1.10.6-576681f2.tar.gz
# tar xvzf ./geth-linux-amd64-1.10.6-576681f2.tar.gz
# cp ~/geth-linux-amd64-1.10.6-576681f2/geth /usr/local/bin/
# geth version

Create ethereum user:

# useradd -m ethereum
# passwd ethereum
# su ethereum
$ cd

Adjust firewall to allow traffic on geth public port 30303:

# firewall-cmd --zone=public --add-port=30303/tcp --permanent
# firewall-cmd --zone=public --add-port=30303/udp --permanent
# firewall-cmd --reload

Run fast sync

$ geth --syncmode fast --cache 1024

Until the chain index is fully upgraded:

...
INFO [08-03|17:03:07.086] Upgrading chain index                    type=bloombits percentage=99
INFO [08-03|17:03:10.174] Finished upgrading chain index           type=bloombits

Create systemd unit

# vim /usr/lib/systemd/system/geth.service

[Unit]
Description=Ethereum go client
After=syslog.target network.target

[Service]
User=ethereum
Group=ethereum
Environment=HOME=/home/ethereum
Type=simple
ExecStart=/usr/local/bin/geth --cache 2048 --http --http.addr=<public_ip>

[Install]
WantedBy=multi-user.target

# systemctl start geth && systemctl enable geth && systemctl status geth

Test from local

# netstat -lpn | grep 8545

$ geth attach

Use the firewall to restrict access to this port to trusted client addresses:

# firewall-cmd --zone=trusted --add-port=8545/tcp --permanent
# firewall-cmd --permanent --zone=trusted --add-source=<client_ip_address>
# firewall-cmd --reload
# firewall-cmd --zone=trusted --list-all
# firewall-cmd --permanent --zone=trusted --list-sources

Test from remote

$ curl -X POST -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method":"web3_clientVersion","params":[],"id":67}' http://<public_geth_ip>:8545

{"jsonrpc":"2.0","id":67,"result":"Geth/v1.10.6-stable-576681f2/linux-amd64/go1.16.4"}

Check if syncing

Check if node is still syncing:

$ geth attach

eth.syncing

It returns false if the node is no longer syncing, or a JSON object with some stats if it is still syncing.

HTTP Auth

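Set up nginx with HTTP basic auth. This server block listens on plain HTTP, so the basic auth credentials are not encrypted in transit: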

# yum install nginx httpd-tools -y
# htpasswd -c /etc/nginx/conf.d/.htpasswd.geth geth
<password>
<password>

# vim /etc/nginx/conf.d/geth.conf

server {
  listen 80;
  listen [::]:80;
  auth_basic "Ethereum";
  auth_basic_user_file /etc/nginx/conf.d/.htpasswd.geth;
  server_name <public_ip>;
  location / {
      proxy_pass http://localhost:8545/;
      proxy_set_header Host $host;
  }
}

# systemctl start nginx && systemctl enable nginx && systemctl status nginx

# netstat -lpn | grep 80

Adjust geth to serve the HTTP RPC API only on localhost by removing --http.addr (without it, geth binds the HTTP RPC to localhost by default):

# vim /usr/lib/systemd/system/geth.service

...
ExecStart=/usr/local/bin/geth --cache 2048 --http
...

# systemctl daemon-reload && systemctl stop geth && systemctl start geth && systemctl status geth

# netstat -lpn | grep 8545
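
The netstat check above passes only if the 8545 listener is bound to a loopback address rather than 0.0.0.0 or the public IP. The script below is an added example, not part of the original guide: it classifies listeners from `netstat -lpn` output, and its function names and sample lines are constructed for illustration (203.0.113.10 is a documentation address standing in for <public_ip>).

```shell
#!/bin/sh
# Added example: classify TCP listeners for a port from `netstat -lpn` output.
# Function names and sample lines are constructed; 203.0.113.10 is a
# documentation address standing in for <public_ip>.

# Reads netstat output on stdin and prints "loopback <addr>" or
# "exposed <addr>" for every TCP socket in LISTEN state on the given port.
classify_listeners() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, parts, ":")        # port is the last ":" field
            if (parts[n] != port) next       # exact match, so 80 != 8080
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            # anything that is not 127.x or ::1 is reachable from outside
            kind = (addr ~ /^127\./ || addr == "::1") ? "loopback" : "exposed"
            print kind, addr
        }'
}

# Exit status: 0 = only loopback listeners, 1 = at least one exposed listener,
# 2 = nothing is listening on the port (service down or wrong port).
rpc_loopback_only() {
    result=$(classify_listeners "$1")
    [ -n "$result" ] || return 2
    case "$result" in
        *exposed*) return 1 ;;
    esac
    return 0
}

# Constructed sample: unit file still has --http.addr=<public_ip>
SAMPLE_BEFORE='tcp   0   0 203.0.113.10:8545   0.0.0.0:*   LISTEN   2231/geth
tcp6  0   0 :::30303            :::*        LISTEN   2231/geth'

# Constructed sample: --http.addr removed, nginx in front on port 80
SAMPLE_AFTER='tcp   0   0 127.0.0.1:8545      0.0.0.0:*   LISTEN   2290/geth
tcp   0   0 0.0.0.0:80          0.0.0.0:*   LISTEN   2301/nginx: master
tcp6  0   0 :::30303            :::*        LISTEN   2290/geth'

printf '%s\n' "$SAMPLE_BEFORE" | classify_listeners 8545
printf '%s\n' "$SAMPLE_AFTER"  | classify_listeners 8545
# On the node itself: netstat -lpn | rpc_loopback_only 8545; echo $?
```
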

Adjust the firewall to allow traffic on port 80 and remove the rule that allowed port 8545:

# firewall-cmd --zone=trusted --add-service=http --permanent
# firewall-cmd --zone=trusted --remove-port=8545/tcp --permanent
# firewall-cmd --reload

Test from remote:

$ curl -u geth:<http_auth_password> -X POST -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method":"web3_clientVersion","params":[],"id":67}' http://<public_ip>

Done