# Instructions

- [For `systemd` users](#systemd)
  - [Troubleshooting](#systemd-troubleshooting)
<br>
- [For `init.d` users](#initd)
  - [Troubleshooting](#initd-troubleshooting)
<br>
- [For `Docker` users](#docker)
  - [Troubleshooting](#docker-troubleshooting)

These instructions are primarily tested on Debian Linux, Wheezy for init.d and Jessie for systemd, but they should work on other POSIX-compliant systems too.


<a name="systemd" />
## For `systemd` users:

For security reasons we run the daemon under its own user.

Create a new user by executing the following:
```sh
sudo useradd --home-dir /var/lib/tox-bootstrapd --create-home --system --shell /sbin/nologin --comment "Account to run Tox's DHT bootstrap daemon" --user-group tox-bootstrapd
```

Restrict access to home directory:
```sh
sudo chmod 700 /var/lib/tox-bootstrapd
```

Copy the `tox-bootstrapd.conf` file to the location that `ExecStart=` in `tox-bootstrapd.service` points to. By default it's `/etc/tox-bootstrapd.conf`.
```sh
sudo cp tox-bootstrapd.conf /etc/tox-bootstrapd.conf
```

Go over everything in the copied `tox-bootstrapd.conf` file. Set options you want and add actual working nodes to the `bootstrap_nodes` list, instead of the example ones, if you want your node to connect to the Tox network. Make sure `pid_file_path` matches `PIDFile=` from `tox-bootstrapd.service`.

Copy `tox-bootstrapd.service` to `/etc/systemd/system/`:
```sh
sudo cp tox-bootstrapd.service /etc/systemd/system/
```

You must uncomment the following line in `tox-bootstrapd.service` if you want to use a port number below 1024

    #CapabilityBoundingSet=CAP_NET_BIND_SERVICE

and, possibly, install the `libcap2-bin` or `libcap2` package, depending on your distribution.

Reload the systemd unit definitions, enable the service for automatic start (if needed), start it and verify it's running:
```sh
sudo systemctl daemon-reload
sudo systemctl enable tox-bootstrapd.service
sudo systemctl start tox-bootstrapd.service
sudo systemctl status tox-bootstrapd.service
```

Get your public key and check that the daemon initialized correctly:
```sh
sudo grep "tox-bootstrapd" /var/log/syslog
```

<a name="systemd-troubleshooting" />
### Troubleshooting:

- Check daemon's status:
```sh
sudo systemctl status tox-bootstrapd.service
```

- Check the log for errors:
```sh
sudo grep "tox-bootstrapd" /var/log/syslog
# or
sudo journalctl --pager-end
# or
sudo journalctl -f _SYSTEMD_UNIT=tox-bootstrapd.service
```

- Make sure tox-bootstrapd user has write permission for keys and pid files.

- Make sure tox-bootstrapd has read permission for the config file.

- Make sure tox-bootstrapd location matches its path in tox-bootstrapd.service file.
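The `pid_file_path`/`PIDFile=` match and the home directory permissions from the steps above can be checked with a short script. This is an added example, not part of the project: the function names are hypothetical, the config is assumed to use `key = "value"` lines, GNU `stat` is assumed, and the sample files are constructed.

```sh
#!/bin/sh
# Added example: sanity checks for a tox-bootstrapd install.
# Assumes `key = "value"` config lines and GNU stat (Linux).

# Print the quoted value of pid_file_path from a tox-bootstrapd.conf.
conf_pid_path() {
    sed -n 's/^[[:space:]]*pid_file_path[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# Print the value of PIDFile= from a systemd unit (commented lines are ignored).
unit_pid_path() {
    sed -n 's/^PIDFile=//p' "$1" | head -n 1
}

# Succeed only if both files name the same, non-empty PID file.
pid_paths_match() {
    c=$(conf_pid_path "$1")
    u=$(unit_pid_path "$2")
    [ -n "$c" ] && [ "$c" = "$u" ]
}

# Succeed only if the directory grants nothing to group or others (e.g. 700).
dir_is_private() {
    mode=$(stat -c '%a' "$1") || return 1
    case "$mode" in
        *00|0) return 0 ;;
        *) return 1 ;;
    esac
}

# Run the checks on constructed sample files (not the shipped config or unit).
demo() {
    d=$(mktemp -d) || return 1
    printf 'port = 33445\npid_file_path = "/run/tox-bootstrapd/example.pid"\n' > "$d/conf"
    printf '[Service]\nPIDFile=/run/tox-bootstrapd/example.pid\n' > "$d/unit"
    chmod 700 "$d"
    if pid_paths_match "$d/conf" "$d/unit" && dir_is_private "$d"; then
        r=ok
    else
        r=mismatch
    fi
    rm -rf "$d"
    echo "$r"
}
demo
```

On a real host, call `pid_paths_match /etc/tox-bootstrapd.conf /etc/systemd/system/tox-bootstrapd.service` and `dir_is_private /var/lib/tox-bootstrapd` instead of `demo`.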


<a name="initd" />
## For `init.d` users

For security reasons we run the daemon under its own user.

Create a new user by executing the following:
```sh
sudo useradd --home-dir /var/lib/tox-bootstrapd --create-home --system --shell /sbin/nologin --comment "Account to run Tox's DHT bootstrap daemon" --user-group tox-bootstrapd
```

Restrict access to home directory:
```sh
sudo chmod 700 /var/lib/tox-bootstrapd
```

Copy the `tox-bootstrapd.conf` file to the location that the `CFGFILE` variable in `tox-bootstrapd.sh` points to. By default it's `/etc/tox-bootstrapd.conf`.
```sh
sudo cp tox-bootstrapd.conf /etc/tox-bootstrapd.conf
```

Go over everything in the copied `tox-bootstrapd.conf` file. Set options you want and add actual working nodes to the `bootstrap_nodes` list, instead of the example ones, if you want your node to connect to the Tox network. Make sure `pid_file_path` matches `PIDFILE` from `tox-bootstrapd.sh`.

Look at the variable declarations at the beginning of the `tox-bootstrapd.sh` init script to see if you need to change anything for it to work on your system. The default values should be fine for most users, and the steps below assume that you use them.

Copy the `tox-bootstrapd.sh` init script to `/etc/init.d/tox-bootstrapd` (note that the `.sh` ending is dropped):
```sh
sudo cp tox-bootstrapd.sh /etc/init.d/tox-bootstrapd
```

Set permissions for the init system to run the script:
```sh
sudo chmod 755 /etc/init.d/tox-bootstrapd
```

Make the init system aware of the script, start the daemon and verify it's running:
```sh
sudo update-rc.d tox-bootstrapd defaults
sudo service tox-bootstrapd start
sudo service tox-bootstrapd status
```

Get your public key and check that the daemon initialized correctly:
```sh
sudo grep "tox-bootstrapd" /var/log/syslog
```

<a name="initd-troubleshooting" />
### Troubleshooting:

- Check daemon's status:
```sh
sudo service tox-bootstrapd status
```

- Check the log for errors: 
```sh
sudo grep "tox-bootstrapd" /var/log/syslog
```

- Check that variables in the beginning of `/etc/init.d/tox-bootstrapd` are valid.

- Make sure tox-bootstrapd user has write permission for keys and pid files.

- Make sure tox-bootstrapd has read permission for the config file.

- Make sure tox-bootstrapd location matches its path in the `/etc/init.d/tox-bootstrapd` init script.


<a name="docker" />
## For `Docker` users:

If you are familiar with Docker and would rather run the daemon in a Docker container, run the following from this directory:

```sh
sudo docker build -t tox-bootstrapd docker/

sudo useradd --home-dir /var/lib/tox-bootstrapd --create-home --system --shell /sbin/nologin --comment "Account to run Tox's DHT bootstrap daemon" --user-group tox-bootstrapd
sudo chmod 700 /var/lib/tox-bootstrapd

sudo docker run -d --name tox-bootstrapd --restart always -v /var/lib/tox-bootstrapd/:/var/lib/tox-bootstrapd/ -p 443:443 -p 3389:3389 -p 33445:33445 -p 33445:33445/udp tox-bootstrapd
```

We create a new user and protect its home directory in order to mount it into the Docker container, so that the keypair the daemon uses is shared with the host system. This makes it less likely that you will lose the keypair while experimenting with the Docker container.

You can check logs for your public key or any errors:
```sh
sudo docker logs tox-bootstrapd
```

If you are an experienced Docker user and have a version of Docker that supports `docker cp` both host->container and container->host directions, you might want to skip the directory mounting part and just do:

```sh
sudo docker build -t tox-bootstrapd docker/
sudo docker run -d --name tox-bootstrapd --restart always -p 443:443 -p 3389:3389 -p 33445:33445 -p 33445:33445/udp tox-bootstrapd
sudo docker logs tox-bootstrapd
```

The keypair is stored in the `/var/lib/tox-bootstrapd/keys` file, so if you skipped the directory mounting part and want a new Docker container to retain the same public key as an old one, just copy/overwrite it from the old container.

Note that the Docker container runs a script which pulls a list of bootstrap nodes off https://nodes.tox.chat/ and adds them in the config file.

<a name="docker-troubleshooting" />
### Troubleshooting:

- Check if the container is running:
```sh
sudo docker ps -a
```

- Check the log for errors:
```sh
sudo docker logs tox-bootstrapd
```