Installation
Last updated
Was this helpful?
Last updated
Was this helpful?
Deployment of the testnet software will be done using a program called «Docker».
Docker is compatible with Linux, MacOS and Windows, as well as with AWS-/Azure-cloud services. It creates a virtual container that contains and runs the software provided by Factom.
Step by step instructions will be provided for downloading and installing an ordinary node on Linux, MacOS and Windows, as well as for the Linux version of the Authority server.
The main support channel is in the Factom Community under the category "COMMUNITY-TESTNET".
If you are an experienced user you may skip these instructions, and head directly to the .
Download .
Make a bootable USB by using a tool like or .
Boot from the USB-stick you made, and install Ubuntu
After the installation is complete you need to grant your Ubuntu-user permission to actually use the docker program. This is done by executing the following commands:
Verify that the command was successful by opening the terminal and running:
This should then generate the «hello-world» image.
In order to have your node join the swarm (or even function properly), you need to expose a couple of ports. The set up depends on whether you use an external firewall (or NAT), such as AWS or hosting at home, or rely on the node's own firewall to secure it (most VPS-services). If you do not want to join the authority set, only port 8110 needs to be opened to the public.
No firewall needs to be configured on the node itself, but it can still be set up for added security in case your external firewall gets compromised. You need to allow access to port 2376, 2222 and 8088 ONLY TO 54.171.68.124. Failure to do this properly can compromise your node. Port 8090 to public is beneficial for testnet debugging. Port 8110 is required to be open to the public, this is the port the network communicates on. The steps to do this varies greatly by your individual set up (NAT or not, firewall/router model, etc..)
TCP port 2376 only to 54.171.68.124 for secure Docker engine communication. This port is required for Docker Machine to work. Docker Machine is used to orchestrate Docker hosts. As this is a local service we use the INPUT chain.
In addition, the following ports must be opened for factomd to function which we add to the DOCKER-USER chain:
2222 to 54.171.68.124, which is the SSH port used by the ssh container
8088 to 54.171.68.124, the factomd API port
8090 to 0.0.0.0, the factomd Control panel
Keeping this open to the world is beneficial on testnet for debugging purposes
8110 to 0.0.0.0, the factomd testnet port
An example using iptableswith the optional setting at line 5:
Linux
This is done on your local computer, not your node, and will create a 4096-bit RSA key-pair. During creation, you will be given the option to encrypt the private key with a passphrase. This means that it cannot be used without entering the passphrase, unless you save it to your local desktop’s keychain manager. We suggest you use the key-pair with a passphrase, but you can leave this field blank if you don’t want to use one.
Press Enter to use the default names id_rsa and id_rsa.pub in /home/your_username/.ssh before entering your passphrase.
Now copy your key to your node (replace the username and ip with appropriate values)
Exit and log back in to your node. If you specified a passphrase, you need to enter it here.
Windows
Select RSA and increase to a 4096-bits key in the bottom right field and generate a key. Type in a passphrase (optional, recommended). Now save your keys.
Now copy the entire public key, it starts with ssh-rsa and ends with == followed by the key comment. On your node, create your .ssh folder if it does not already exist. Now create and/or edit the file ./ssh/authorized_keys and paste your key here.
The next time you use PuTTy to connect, go to your Connection -> SSH -> Auth setting and browse to the PRIVATE key you saved earlier. Save the connection and try to connect. You should now be able to connect using your SSH key instead of password.
Edit /etc/ssh/sshd_config using your favorite editor:
Below are a handful of settings we recommend setting:
You can store these files in the directory /etc/docker for instance:
Now you should have the files with the correct permissions set.
Please note that in the rest of this tutorial it's assumed you stored the files using the /etc/docker location and with the above names. If not, please adjust the commands below involving the certificate and keys.
Configure the docker daemon using a default config file, located at /etc/docker/daemon.json . Create this file if it doesn't exist. Copy the following into the file:
Now you'll need to replace the standard docker start command. Run the following command:
The above command creates an override directory at /etc/systemd/system/docker.service.d/ and an override file called override.conf (which is open on your terminal now). Copy and paste the following:
Exit and save the file. Now reload the docker configuration and the docker.service:
Docker should now be configured and ready. You can test if it runs correctly with the following:
It should restart with no errors appearing and you should see that the override.conf file has been loaded.
Factomd relies on two volumes, factom_database and factom_keys. Please create these before joining the swarm:
These volumes are there to make sure that you can remove or delete the container itself but the database and the keys are still persistent on the system.
For running a main-net authority node we strongly recommend syncing the database from scratch. If you do already have a recently synced main-net node and would like to avoid re-syncing, run:
The directory in _data after the copy should be custom-database, as the volume is mounted at $HOME/.factom/m2.
Finally, to join the swarm, run the following command:
Please note: There is a version for the Factom software in the next command. Make sure you run the correct and latest announced version from the Discord #operators-announcement channel
Run the following command exactly:
After this your node will be started. You can check for the existence of a Factom container using the command docker ps.
This will download and save the file to your current folder. Now place the config file in /var/lib/docker/volumes/factom_keys/_data by running (if the file is where you're currently at):
Now you're free to start the factomd container again with docker start factomd.
Please wait for your node to be fully synced by checking the control panel node sync statuses to be 100% before performing any next steps. Please also regard the initial wait period of 20 minutes before doing anything with your node.
This tutorial assumes that you've setup Ubuntu that is running the Factom Daemon. If you haven't, please check out the getting started with the basics tutorial first.
You can check if the daemon is up by running docker ps . A container with the image factominc/factomd:vX.xx should show up where vX.xx is your current Factomd version.
To be able to join the testnet as an authority server you will need a «personal» server identity. The identity is generated using the serveridentity program. Entry Credits are required to create your identity to the blockchain.
Startfactom-walletd
Create a new TC address factom-cli -s=localhost:port newecaddress
Verify that it has been funded: factom-cli -s=localhost:port balance ECXXXXXXXXXXXXXX
Export your address: factom-cli -s=localhost:port exportaddresses
Create a new Entry Credit address in your Address Book.
Verify that it has been funded by checking the balance in the wallet
Click the pencil-icon on your EC wallet and click "Display Private Key", you will need this for the next step.
Also create a new Factoid address to set up efficiency and payout
The identity is generated using the serveridentity tool, but first you need to build said tool.
Start off by installing git, golang-go and golang-glide:
next up edit ~/.profile with for example nano:
and add the following lines to the bottom:
Open a new terminal for these changes to take effect. You might even need to re-log.
Next up clone the serveridentity tool:
Now you should have two files in the go/bin/folder named serveridentity and signedwithed25519. These are the files you need to generate your server identity.
Now run the following:
This will generate numerous keys which are printed to stdout, two files will also be produced:
Script to add the Identity to the blockchain
Script that utilizes factom-cli
Name of script is by default fullidentity.sh or {OPTIONAL_FILENAME}.sh if provided.
Config file needed for the server
Place in ~/factom/m2 and rename to factomd.conf
Name of config is by default fullidentity.conf or {OPTIONAL_FILENAME}.conf if provided
Record the private keys printed out to the screen on paper or long term storage. These are used to control your identity in the future. Level 4 is the highest security and level 1 will be used to do more operations.
Make sure factomd is running and run factom-walletd in a terminal window. The factom-cli commands in important.sh need to be run. Change all lines with factom-cli … to now read factom-cli -s=localhost:port .... Import the EC address to your wallet:
Check the balance of your addresses:
Run the important.sh script:
Check the explorer that the new identity chains were created 10 minutes later. You can now paste the contents of the important.conf file into your factomd.conf, normally located at /var/docker/volumes/factom_keys/_data/factomd.conf.
Follow the excellent Docker install-guide . The guide involves removing any old versions of docker, adding the docker-CE repository and then installing it.
In order to join the swarm, first ensure that your firewall rules allow access on the following ports. All swarm communications occur over a self-signed TLS certificate. Due to the way iptables and docker work you cannot use the INPUT chain to block access to apps running in a docker container as it's not a local destination but a FORWARD destination. By default when you map a port into a docker container it opens up to any host. To restrict access we need to add our rules in the DOCKER-USER chain .
OPTIONAL: 8088 to 178.62.125.252, the factomd API port to monitoring server
Don't forget to the rules!
Download and install (use the MSI installer as it includes puttygen).
Make sure you store the docker swarm testnet key and certificate on your system. The files can be found at . You can store these files in the directory /etc/docker for instance:
Once you have joined the swarm network, you will be issued a control panel login by the testnet adminstrator. Please submit this and a staff member will contact you as soon as possible.
Only accept logins at . Any other login endpoints are fraudulent and not to be trusted.
You're now almost ready to be included in the testnet. Stop the factomd container with docker stop factomd and download the factomd.conf file , or run:
Latest version of the Factom Daemon can be found
Visit the and input your generated address.
Visit the and input your generated address
