This shows you the differences between two versions of the page.
how_to_host_your_public_data [11/03/2022 11:59] – .04 crowetic | how_to_host_your_public_data [11/04/2022 17:40] (current) – gfactor | ||
---|---|---|---|
Line 73: | Line 73: | ||
It is also possible to setup your node as a gateway for traditional internet traffic to access your QDN site. Here is an example: https:// | It is also possible to setup your node as a gateway for traditional internet traffic to access your QDN site. Here is an example: https:// | ||
- | ===== How to Setup Your Own Public Gateway Node=== | + | If this is something |
- | (guide by crowetic) | + | |
- | + | ||
- | ===Preparation=== | + | |
- | In order to prepare for setting up your own public gateway, you will need to have a server of some kind available. Ideally you'll want that server to have a static IP, but you can also setup things like ' | + | |
- | + | ||
- | For my gateway node (the one on qortal.link above) I used a Virtual Machine on one of my Hypervisors in a data center. I use this setup for any of my public servers and nodes, but that is not a requirement. Literally the only actual **requirement** is a node with internet access, so **basically any node** can work, as long as you can **port forward** internet ports in. (Ports 80 and 443 are the primary ports used by HTTP and HTTPS.) | + | |
- | + | ||
- | For MY setup, I created a VM with **6GB of RAM** and **4 CPU cores**. The CPU on this Hypervisor | + | |
- | + | ||
- | ====Things to Remember=== | + | |
- | + | ||
- | - Any computer that can run Qortal, CAN be a gateway node, however, in order to be a gateway node the machine needs **public IP with port fowarding possible** and **unlimited or high cap on bandwidth** is recommended, | + | |
- | + | ||
- | - **Static IP is preferred** - if you can't do a static IP, then DDNS is possible. (There are many guides on setting up DDNS) | + | |
- | + | ||
- | - Your gateway node if setup **following this guide** will allow **ANY QDN site** | + | |
- | + | ||
- | - **There are ways** to setup a gateway node for **a specific QDN name only** - that just requires changing settings on the node so that instead of allowing ' | + | |
- | + | ||
- | ====Node Setup==== | + | |
- | + | ||
- | In this guide, I will be giving instructions for installation on **Ubuntu 22.04 Server** - Ubuntu Server is a **headless OS** and based on Debian Linux. Ubuntu server is what I use for basically all of my servers and my preferred OS for any hosting. You CAN set a gateway node up on other operating systems, but this guide will cover **Ubuntu Server installation** | + | |
- | + | ||
- | '' | + | |
- | + | ||
- | -**Ubuntu Server** - my personal favorite server OS (personal preference) | + | |
- | + | ||
- | -**nginx** - nginx is a great web server software, we will utilize it as a **reverse proxy** for the Qortal Gateway. | + | |
- | + | ||
- | -**Cloudflare** - Cloudflare is a DNS service provider that also provides a bunch of other solutions. I used cloudflare as a proxy in front of the gateway so that the backend server IP cannot be found, and I also used cloudflare for the **SSL certificate** - be aware, if you are going to follow this guide and you are NOT planning on using cloudflare, you will have to **obtain an SSL certificate from another location** - I will give some ideas for you on how to acquire a DIFFERENT cert, but will not be giving a walk-thru on the setup of the other cert, this guide is specifically going to be using **Cloudflare to proxy and provide SSL, and nginx to reverse proxy to the Qortal node.** | + | |
- | + | ||
- | -**Whichever Domain Name** you plan to use... in this guide I will be using the '' | + | |
- | + | ||
- | ====Qortal Configuration==== | + | |
- | + | ||
- | Obviously in order to setup a QDN gateway, we will **need a Qortal Node running.** You can do the following to install Qortal and required software on a brand new Ubuntu Server installation. | + | |
- | + | ||
- | < | + | |
- | + | ||
- | '' | + | |
- | + | ||
- | In my guide, I will create a user called ' | + | |
- | + | ||
- | < | + | |
- | < | + | |
- | + | ||
- | From the Qortal user we will download and install the Qortal Core. | + | |
- | + | ||
- | < | + | |
- | < | + | |
- | < | + | |
- | + | ||
- | Once we've got the Qortal Core setup, we can modify the **settings.json** for Qortal, to get it ready for the gateway node. | + | |
- | + | ||
- | < | + | |
- | + | ||
- | We will copy paste the following into the settings.json, | + | |
- | + | ||
- | < | + | |
- | " | + | |
- | " | + | |
- | " | + | |
- | " | + | |
- | " | + | |
- | " | + | |
- | " | + | |
- | " | + | |
- | " | + | |
- | " | + | |
- | " | + | |
- | " | + | |
- | " | + | |
- | "::/ | + | |
- | ] | + | |
- | + | ||
- | } | + | |
- | </ | + | |
- | + | ||
- | As you can see, the '' | + | |
- | + | ||
- | Also, something to point out while we're in the process of setting up the Qortal node... This is specific to **nodes with less than 8GB of RAM**, such as my VM with 6GB. | + | |
- | + | ||
- | On nodes with less than 8GB of RAM, we will want to **modify the start.sh script** so that the Java Virtual Machine (Qortal Core itself runs as a JVM) will utilize MORE RAM than the default setting. | + | |
- | + | ||
- | I have created a **modified start script** that I have made available on **my github** and you can grab it like this... | + | |
- | + | ||
- | < | + | |
- | < | + | |
- | < | + | |
- | + | ||
- | That will modify the start script so that it uses **2000+MB of RAM total** as opposed to the **default** which is **1/4 of system RAM**. For systems with less than 8GB of RAM, making this change is essentially a requirement, | + | |
- | + | ||
- | Once we have done this **we will go back to our sudo user** so that we can **do the configuration of nginx**. | + | |
- | + | ||
- | < | + | |
- | + | ||
- | ====nginx configuration==== | + | |
- | + | ||
- | The exit command will take us back to our sudoer. Once we're there, we will modify the nginx config. The default location for the nginx configuration files is ''/ | + | |
- | + | ||
- | We will make a **new configuration file** for our gateway node. | + | |
- | + | ||
- | < | + | |
- | < | + | |
- | + | ||
- | We will take the following configuration and copy paste it into the newly created file, then use '' | + | |
- | + | ||
- | We will '' | + | |
- | + | ||
- | Make sure to '' | + | |
- | + | ||
- | < | + | |
- | server { | + | |
- | listen 80 default_server; | + | |
- | server_name _; | + | |
- | + | ||
- | return 301 https:// | + | |
- | } | + | |
- | + | ||
- | server { | + | |
- | | + | |
- | + | ||
- | ####REPLACE THE FOLLOWING WITH YOUR DOMAIN AND CERTIFICATE FILE LOCATIONS### | + | |
- | + | ||
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | + | ||
- | | + | |
- | + | ||
- | ####REPLACE THE FOLLOWING WITH YOUR SERVER' | + | |
- | + | ||
- | #### You will set the port here to whichever port you configured in the Qortal Settings.json - ours is configured to port 8080. | + | |
- | + | ||
- | proxy_pass http:// | + | |
- | + | ||
- | proxy_set_header | + | |
- | proxy_set_header | + | |
- | proxy_set_header | + | |
- | proxy_set_header | + | |
- | } | + | |
- | } | + | |
- | </ | + | |
- | + | ||
- | That's it. '' | + | |
- | + | ||
- | ====Confguring Cloudflare==== | + | |
- | + | ||
- | In order to **use cloudflare SSL** and the **cloudflare proxy** we will need to ensure our **domain is controlled by Cloudflare DNS**. In order to do this, we will need to **set cloudflare as our DNS provider for the domain.** | + | |
- | + | ||
- | To do this, there are plenty of tutorials, but it's fairly simple. | + | |
- | + | ||
- | -Create CloudFlare account - https:// | + | |
- | + | ||
- | -Tell CloudFlare the name of your domain | + | |
- | + | ||
- | -Import your domain to CloudFlare, you will need to modify the DNS records on your existing DNS provider, to **change the nameservers to CloudFlare**. | + | |
- | + | ||
- | -If you REGISTERED your domain with CloudFlare, then you can **skip this step**. | + | |
- | + | ||
- | I personally use namecheap.com for REGISTERING my domains, so I needed to port the DNS over to CloudFlare before I could use CloudFlare' | + | |
- | + | ||
- | Once your DNS is controlled by cloudflare, | + | |
- | + | ||
- | First, '' | + | |
- | + | ||
- | \\ | + | |
- | {{:: | + | |
- | \\ | + | |
- | {{:: | + | |
- | + | ||
- | Then, go to the '' | + | |
- | + | ||
- | {{:: | + | |
- | + | ||
- | {{:: | + | |
- | + | ||
- | + | ||
- | Click '' | + | |
- | + | ||
- | Cloudflare will **show you your SSL certificates in TEXT format, you will copy and paste them into files** | + | |
- | + | ||
- | '' | + | |
- | + | ||
- | < | + | |
- | + | ||
- | < | + | |
- | + | ||
- | < | + | |
- | + | ||
- | **When CloudFlare shows you the CERT**, you will do the following, and copy paste it into the following file | + | |
- | + | ||
- | < | + | |
- | + | ||
- | Again use '' | + | |
- | + | ||
- | **When CloudFlare shows you the KEY**, you will do the following, and copy paste it into the following file | + | |
- | + | ||
- | < | + | |
- | + | ||
- | Same here, after copy/ | + | |
- | + | ||
- | ====DNS configuration=== | + | |
- | + | ||
- | In your Newly setup CloudFlare DNS, you will create a new '' | + | |
- | + | ||
- | You will create the new '' | + | |
- | + | ||
- | You will make sure the '' | + | |
- | + | ||
- | Once you have done that, you're officially ready, and your domain will reply to your node. | + | |
- | + | ||
- | ====Finishing Up==== | + | |
- | + | ||
- | Alright, now that we've configured **Qortal**, **CloudFlare with SSL**, and **nginx**, we should be good to go! We only have a **few things left**. Let's **start Qortal and restart nginx** first, then we will ensure our **ports are forwarded correctly**. | + | |
- | + | ||
- | The first thing you'll do, is start Qortal. Since you're still in your qortal user on your server, you can simply do this... | + | |
- | + | ||
- | < | + | |
- | + | ||
- | Then Qortal will start. It will take a while to **bootstrap and get fully started.** | + | |
- | + | ||
- | Once that has happened, you can '' | + | |
- | + | ||
- | < | + | |
- | < | + | |
- | + | ||
- | Now you should be golden. Only thing left is to make sure you have the correct ports forwarded in to your node. | + | |
- | + | ||
- | ====Forwarding the Correct Ports in to Your Gateway Node==== | + | |
- | + | ||
- | Your Gateway Node needs to use the following ports on **TCP protocol**, the specifics of the forwarding will depend on how your firewall is setup, which type of firewall you have, etc... this guide does not cover port forwarding, but there is another guide on this wiki that does, and there are plenty of other guides specific to whichever router and firewall you're using. | + | |
- | + | ||
- | **The Necessary ports are** | + | |
- | + | ||
- | -Port '' | + | |
- | + | ||
- | -Port '' | + | |
- | + | ||
- | -Port '' | + | |
- | + | ||
- | -((Optional)) -Port '' | + | |
- | + | ||
- | ====Final Words==== | + | |
- | + | ||
- | The benefits of a Gateway Node are numerous, however, they NEED to be setup in a similar fashion to the way this one is, or there could be potential issues. Using the gateway node, a user can **acquire another peer for their data** simply by viewing through your public gateway, this allows users with nodes that are not online all the time, to acquire another peer that is. | + | |
- | + | ||
- | Gateway nodes also allow people who **do not have a Qortal Node installed** to **access QDN hosted content**, this is quite nice for **demoing the functionality** and showing what QDN can accomplish, as well as what QDN hosted websites look like when not viewed through the Qortal UI. | + | |
- | + | ||
- | However, there ARE some **potential NEGATIVES** as well... such as the fact that the content viewed through a gateway node is **not sandboxed** like the content is when viewed directly through the UI. This means that links to the internet WILL work, etc... it could also open potential attack vectors, so people should be aware of that. **it is no less secure than the traditional internet, but just not nearly as secure as accessing sites directly through the UI**. | + | |
- | + | ||
- | Also, When Q-Apps get launched, if the Q-App requires a **user account** in order to function, accessing through a Gateway, will NOT allow that to take place (at least not YET.) Having a user account authentication requires using the UI at the moment, as there is no such thing right now as a ' | + | |
- | + | ||
- | Gateway nodes are mostly for **demo** purposes, or allowing access to QDN-hosted content to people who are NOT running a Qortal node. | + | |
- | + | ||
- | Also, be aware **in certain locations certain content is ' | + | |
- | + | ||
- | The easiest way to block content on your gateway, would be to setup your gateway node to allow connections on port '' | + | |
- | + | ||
- | THAT'S IT! | + | |
- | + | ||
- | Hopefully this guide is **helpful** to those looking to setup a **Qortal Gateway Node**... I put as much detail as I could here so that it would be understandable, | + | |
- | + | ||
- | Another thing to note - ' | + | |
- | + | ||
- | However, if you do NOT use cloudflare, your server' | + | |
- | + | ||
- | You CAN still use CloudFlare for your DNS with or without using CloudFlare' | + | |
- | + | ||
- | By default, CloudFlare applies its proxy, but you CAN tell it to bypass it. | + | |
- | + | ||
- | Anyway, I will do more guides on other semi-complex topics as time goes on. Hope you enjoy this one! | + | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + |
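Review bot: The replacement sentence on the new side of Line 73 ("If this is something", cut off in this view) should link to wherever the gateway guide now lives. The removed block is the only place in this diff that states the operator-facing caveats: a gateway set up per the guide allows any QDN site, content viewed through a gateway is not sandboxed the way it is in the Qortal UI, and operators may need to block certain content on their gateway. If the guide was moved to its own page, name that page in the edit summary too; the revision header shows none for the 11/04/2022 17:40 revision, so the history does not record where the text went.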