-
Notifications
You must be signed in to change notification settings - Fork 13
Home
Welcome to the BokkyPooBah's Ethereum Workshop wiki!
The associated Meetup group is https://www.meetup.com/BokkyPooBahs-Ethereum-Workshop/.
The associated Telegram chat invite link is https://t.me/joinchat/Ep-XOkwa_uns--L08HhRTw.
There is an associated virtual server we use with this workshop. It is not a highly secured environment, but more of a sandbox for developing Ethereum Dapps and Ethereum based web services.
The server is running the geth
Ethereum node softwre on the Ethereum Ropsten Testnet network. See
If you need some Ropsten Testnet ethers... for details on connecting to the Ropsten network, and/or to get some Ropsten testnet ethers.
Voting Systems:
- TODO
- Set Up Virtual Server
- Set Up The Parity Node
- Set Up The Go Ethereum Environment
- Security Set Up
- Set up firewall
- SSL certificates
- Build different voting implementations
- Hosted on
172.104.5.185
, this is a Linode 2GB plan costing USD 10 per month for a 2Gb RAM 30Gb storage server. - Set up the DNS
ethvoter.thedao.fund
to point to172.104.5.185
- Installed Ubuntu 16.04 LTS Disk
- Nov 11 2017 Set up DNS
www.EtherDevSwamp.org
to point to172.104.5.185
-
The host is created with a root user account
-
The root user can then set up additional non-root user accounts using the commands:
# Sets up the user's account adduser {username} # Provide the user with `sudo` execute-action-as-superuser access usermod -aG sudo {username} # Provide the user with admin access, e.g. tail -f /var/log/syslog sudo usermod -aG adm {username}
-
The user can then log in using
ssh {username}@ethvoter.thedao.fund
-
The user can change their password using the command
passwd
sudo apt-get -y install apache2
You can now browse http://ethvoter.thedao.fund/.
The webpages can be customised on the virtual server in the directory /var/www/html/
.
# Set hostname to "ethvoter"
sudo hostname ethvoter
- Nov 11 2017 BK Renaming from ethvoter to EthDevSwamp
Update /etc/hosts
and /etc/hostname
to make the change above survive reboots
$ cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 ethvoter.members.linode.com ethvoter
...
$ cat /etc/hostname
ethvoter
- Nov 11 2017 BK Renaming from ethvoter to EthDevSwamp
Backup user passwords and groups, just because it took so long to setup.
# usually you wouldn't do this as this sensitive data, another source of leaks
$ tar cjvf user_state.tar.bz2 /etc/group /etc/shadow /etc/gshadow /etc/passwd
# scp it off to somewhere that's not this server
$ scp user_state.tar.bz2 USER@remote_server:.
Disable root
login
$ sudo vi /etc/ssh/sshd_config
...
PermitRootLogin no
...
# Reload sshd daemon for the new settings to take effect
$ sudo systemctl reload sshd
Killing processes
If process doesn't shutdown as expected, kill it with pkill
use ps -ef or some equivalent to see what processes are still running
$ pkill 'program name'
$ ps -ef | grep 'program name'
If the program doesn't die or will not exit then use pkill -9
Don't use -9 unless necessary, it doesn't give programs a chance to do internal cleanup.
NOTE. We were using the Parity node software to set up a connection to the Ethereum blockchain. On Sep 18 2017, the node
has been switched to using geth
.
From https://github.com/paritytech/parity/releases, download the Linux x86_64 .deb file. For example:
$ wget http://parity-downloads-mirror.parity.io/v1.7.0/x86_64-unknown-linux-gnu/parity_1.7.0_amd64.deb
$ sudo apt install ./parity_1.7.0_amd64.deb
$ which parity
/usr/bin/parity
We will use the systemd service framework
$ vi /etc/systemd/system/parity.service
[Unit]
Description=Parity
[Service]
Type=simple
User=parity
Restart=always
# Mainnet
# ExecStart=/usr/bin/parity --warp --port 30303 --jsonrpc-port 8545 --no-dapps --no-ui
# Ropsten
ExecStart=/usr/bin/parity --chain ropsten --warp --port 30303 --jsonrpc-port 8545 --no-dapps --no-ui
[Install]
WantedBy=default.target
# Start service
sudo systemctl start parity
# Stop service
sudo systemctl stop parity
# View all logs
sudo journalctl -u parity
# Tail log
sudo journalctl -f -u parity
In order to send transactions from this Parity node, the personal API has to be enabled. We will leave the personal API off by default for this node to reduce the security risk.
-
Stop the system Parity service
$ sudo systemctl stop parity
-
Switch to the
parity
usersudo su - {enter your password} root@ethvoter:~# su - parity parity@ethvoter:~$
-
Start Parity with the personal API:
parity@ethvoter:~$ parity --chain ropsten --jsonrpc-port 8545 --jsonrpc-apis "web3,eth,net,parity,traces,rpc,personal"
-
In a separate window, run
geth
and note that the personal module is enabled:$ geth attach rpc:http://localhost:8545 ... modules: eth:1.0 net:1.0 parity:1.0 personal:1.0 rpc:1.0 traces:1.0 web3:1.0 ...
-
To create a new account (once off):
> personal.newAccount("{password}") "0x74ed6eb23c21403d7a00bf388a2ec691b98ba8ed" > eth.accounts ["0x74ed6eb23c21403d7a00bf388a2ec691b98ba8ed"]
-
In between, I've transferred 200 RtETH to the new account
> web3.fromWei(eth.getBalance(eth.accounts[0]), "ether") 200
-
To unlock the main account:
> personal.unlockAccount(eth.accounts[0], "{password}") true
-
Exit
geth
withControl-D
-
Back in the window where you manually started Parity, type Control-C to terminate Parity, then start the Parity system service
$ sudo systemctl stop parity
We will be using Go Ethereum (geth
) as a command line JavaScript console.
As of Sep 18 2017, this node is running the geth
service on the Ropsten testnet.
From https://github.com/ethereum/go-ethereum/wiki/Installation-Instructions-for-Ubuntu:
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository -y ppa:ethereum/ethereum
$ sudo apt-get update
$ sudo apt-get install ethereum
$ which geth
/usr/bin/geth
We will use the systemd service framework
$ vi /etc/systemd/system/parity.service
[Unit]
Description=Geth
[Service]
Type=simple
User=geth
Restart=always
# Mainnet
# ExecStart=/usr/bin/geth --rpc
# Ropsten
ExecStart=/usr/bin/geth --testnet --fast --rpc --rpcapi "eth,net,web3,debug,personal" --bootnodes "enode://20c9ad97c081d63397d7b685a412227a40e23c8bdc6688c6f37e97cfbc22d2b4d1db1510d8f61e6a8866ad7f0e17c02b14182d37ea7c3c8b9c2683aeb6b733a1@52.169.14.227:30303,enode://6ce05930c72abc632c58e2e4324f7c7ea478cec0ed4fa2528982cf34483094e9cbc9216e7aa349691242576d552a2a56aaeae426c5303ded677ce455ba1acd9d@13.84.180.240:30303"
[Install]
WantedBy=default.target
# Start service
sudo systemctl start geth
# Stop service
sudo systemctl stop geth
# View all logs
sudo journalctl -u geth
# Tail log
sudo journalctl -f -u geth
geth attach rpc:http://localhost:8545
> eth.syncing
{
currentBlock: 1246169,
highestBlock: 1671614,
startingBlock: 0,
warpChunksAmount: null,
warpChunksProcessed: null
}
> eth.blockNumber
1246490
> eth.getBlock("latest")
{
author: "0x007bd4ee4528cc703e779aa5ae01cb433e771b1e",
difficulty: 526071604,
extraData: "0xd5830106088650617269747986312e31372e30826c69",
gasLimit: 4704624,
gasUsed: 93773,
hash: "0x61344fa9100bcd7bc06f3f9527f6e44e51bd8f687d041e9bf330841deb991145",
logsBloom: "0x00000000000000000000000000000000000000000000000000000004000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000008000000040000000008000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000800000000000000000000000000000000000000000000100000000000001000000000000000000000000000000000000000000000000000000000002000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000",
miner: "0x007bd4ee4528cc703e779aa5ae01cb433e771b1e",
mixHash: "0x29cdc2a36fb407470f096ce889b149e63e1983ce1b18c9a85c899667a31756ac",
nonce: "0x689f4466087eddda",
number: 1246768,
parentHash: "0x450995985c777bc9b92d3ba0195c1198b0e3143a35422d16e7baa56fa377f14c",
receiptsRoot: "0xb1d1aebbdde4a34776fb7942438893d66b2bac49b55f6455e227dfc62e1d8565",
sealFields: ["0xa029cdc2a36fb407470f096ce889b149e63e1983ce1b18c9a85c899667a31756ac", "0x88689f4466087eddda"],
sha3Uncles: "0x1dcc4de8dec75d7aab85b567b6ccd41ad312451b948a7413f0a142fd40d49347",
size: 942,
stateRoot: "0x5236ca80f66cc5635cbda2e877e27eca8c2bf00a6333981052d302598a0ffe7b",
timestamp: 1499306308,
totalDifficulty: 849573643257611,
transactions: ["0x06af7c91ad06a5a3279dd11eb55f3b6def28443eaeebb8cb471d837d347a494a", "0xc3f24371335bfabd176e06932b0715c54af8746d421e69d3b77d0d1a1c79863e", "0xcf95bd9af08368a24269d370c251690c8217b0e904334689afe549336759c223"],
transactionsRoot: "0x7daab3610008c0eb12726113fb1fdfd6237ad5d5d9bf783e19316dcb652fe517",
uncles: []
}
> eth.syncing
false
> eth.blockNumber
4272289
> eth.getBlock("latest")
{
author: "0x829bd824b016326a401d083b33d092293333a830",
difficulty: 2288477945824471,
extraData: "0xe4b883e5bda9e7a59ee4bb99e9b1bc",
gasLimit: 6738666,
gasUsed: 4148659,
hash: "0x5fe0743e95339fbcb5df38f6b9b5178508b08aee9787559918f7e0a1092e90b3",
logsBloom: "0x2140...4000",
miner: "0x829bd824b016326a401d083b33d092293333a830",
mixHash: "0x0cfd9216c0174a9991a0bcc6186f1cf2f1a6711e015b55873bd1a159a7a27f51",
nonce: "0x4306bf140450c273",
number: 4272289,
parentHash: "0x8bd3d9d2fedac89b413010f7211770c72adbab2d42df14e5afb4573e4a70755e",
receiptsRoot: "0xc947de7603468b520c5da43780cd0f70bdfad63a1b2bbaa67321ebd7b4a32793",
sealFields: ["0xa00cfd9216c0174a9991a0bcc6186f1cf2f1a6711e015b55873bd1a159a7a27f51", "0x884306bf140450c273"],
sha3Uncles: "0x1dcc4de8dec75d7aab85b567b6ccd41ad312451b948a7413f0a142fd40d49347",
size: 19088,
stateRoot: "0xa6a684968f1cea57435cfab9ccd4c5004928bf5c8738b7557a09ecf30819eb0b",
timestamp: 1505373561,
totalDifficulty: 927392860016645793913,
transactions: ["0x9c9370a5edd5d448f21f2d870cb3202505fda016a94325def3bc6204a2f36c90", "0x250c25860a681b286ac2c6f55ffd19a851fddefbefcf1aa5d7bb36a286d2f536", "0xe747a0e320df4b5e5616ca6e547ff425520cf9b6c7bacb8776580800106df727", ..., "0x8923499cf9abe9f46696cbc89cadb2f7ee561c1feaff5f125c3ca757636e2c86"],
transactionsRoot: "0x291f1259aa7970b9194cfc922ec508d6370195899d217813f01c91c25e26f4a7",
uncles: []
}
See:
- How To Create a Self-Signed SSL Certificate for Apache in Ubuntu 16.04 Ignore the self-signed SSL certificate in this article as the Let's Encrypt certificate will be installed in the next step
- How To Secure Apache with Let's Encrypt on Ubuntu 16.04
- How To Setup a Firewall with UFW on an Ubuntu and Debian Cloud Server
- Nov 11 2017 -
# sudo certbot --apache -d ethvoter.thedao.fund -d www.EtherDevSwamp.org -d EtherDevSwamp.org
Enjoy. (c) BokkyPooBah / Bok Consulting Pty Ltd and other contributors - 2018. The MIT Licence.