The 'Participation Plugin' is released as part of the upgrade to Hornet 1.1.0
If you wish to enable the plugin (disabled dy default) and have used SWARM then do this in SWARM:
Hornet menu, Hornet configurations, Hornet configuration, Enable plugins

Installing an Iota Hornet node on a Netcup virtual server using SWARM

last change to this doc - 11 Dec 2021

NB TangleDust.com is not an 'official' Iota site but see below for lots of Iota official links. Please note also that Hornet is regularly being updated so these instructions may be out of date. See the official Iota Wiki for the latest and best information. If you want to give feedback then the author of these notes is @dumdave on the Iota Discord server.

If you wish to contribute to the preparation and improvement of this guide and others coming on the TangleDust.com website then please demonstrate the efficiency of the Iota network by donating 2 or 3 Mi to this Iota address, but remember that most credit should go to the clever creators of SWARM, and of Hornet itself, not the maker of a guide to using SWARM!

iota1qp2fgd7nn00x09lnru7lzya3a72khuqrw25yafc3ehhuz2ucykpgk8m0hum

Iota Hornet and Iota Bee nodes

An Iota node is software that runs on a server and is connected to the internet. It maintains a database recording the state of the Iota network and it gives access for transactions on that network. Some transactions are just simple data messages, some transactions are financial using the Miota token that has a value and may be purchased at exchanges.

Hornet and Bee both carry out the same function. They are connected to the existing Iota network. Bee is designed for use on smaller devices (maybe a Raspberry PI) and Hornet is designed primarily for relatively more powerful servers. Note that all Iota servers use comparatively inexpensive hardware, certainly as compared to those needed for many 'crypto' networks.

There is another node, Goshimmer, which is connected to the future Iota network, but these notes concern themselves only with the existing network, and in particular the Hornet node. If you wish to install Goshimmer then please see the guide elsewhere on this site.

Guide 1. Notes on installing an Iota Goshimmer Node with SWARM
Guide 2. Notes on installing an Iota Bee Node with SWARM
Guide 3. Notes on installing an Iota Wasp Node with SWARM

SWARM Script

SWARM is an interactive shell script written using 'whiptail'. This provides a user-friendly menu to perform virtually all of the necessary actions. it is produced by TangleBay. For interest, you can see their Github at the following address, though please follow the guide below for installation etc.

Please note that SWARM can also install the two other Iota nodes, Goshimmer and Bee, as well as Wasp which is for Iota Smart Contracts.

github.com/TangleBay/swarm

Support by Iota and TangleBay

If you are planning to install an Iota node then you are strongly advised to join the Iota Discord which has channels covering each and every aspect of the Iota project and hundreds of enthusiastic members who will give you advice. Tanglebay also has a Discord for more specific issues to do with SWARM - they also offer other useful services. The Iota website is also a good starting point.

www.iota.org

Netcup Virtual Server

These notes are based on an installation on a Netcup virtual server running Ubuntu, but obviously are applicable to other similar server setups. Why Netcup, located in Karlsruhe, Germany? The cost for a one year contract was Euro 72.61 (including VAT) as at Oct 2021 - about £62.

www.netcup.eu/vserver/vps.php


Netcup virtual server offering

You may find the process of ordering a little different because of their 'know your customer' procedures. So (a) place your order online. Be sure to complete all of the requested details inc. phone numbers. (b) be contacted while they check who you are. (c) receive an invoice and access to your Customer Control Panel (d) pay the invoice (e) get access to your Server Control Panel. They are quite used to dealing with English speakers so no need to brush up on your German first. All interfaces are naturally available in English!

NB The Server Control Panel is also useful later if you need to reboot the server because you cannot get access. It has a Powercycle option that does the trick! Use the Control option on the left menu.

Netcup Server Control Panel

Installing Ubuntu is trivial. Select the server, go to Media on the lefthand menu then Images on the top menu. On the main screen select the Distribution 'Ubuntu 20.04 LTS' then follow the menu options.

There are many steps needed after that to set up a secure SSH connection, but notes on that are available in many places. These notes continue on from a situation where SSH has already been setup

Uncomplicated Firewall

One thing that is worth mentioning is the need for a firewall, in this case 'ufw'. The key commands at the Terminal are in this form:

sudo apt install ufw => the installation

sudo ufw status => see which ports are allowed and disallowed

sudo ufw allow 22/tcp => or just sudo ufw allow 22 (or deny)

The Iota Wiki has various information for ports for Hornet, so please check whether the information below is correct there.

hornet.docs.iota.org/post_installation/post_installation

p2p: 15600

autopeering: 14626

80/tcp

NB If you are using the reverse proxy (see below) with Hornet on port 444 then that also needs to be open.

Installing SWARM

Check with the SWARM Github site Readme for the latest information if in doubt. That currently suggests using:

curl -sL https://raw.githubusercontent.com/tanglebay/swarm/master/installer.sh | sudo bash -

After that, simply typing 'swarm' (quote marks not needed) at any time in Terminal while connected to your server should trigger the script and give you the menu below. Just use the arrow keys and Enter to navigate around. To exit a screen usually you use right arrow to get to Cancel and then press Enter.

Note that this is v0.9.9 but you can expect SWARM to be rapidly evolving. The first option on the main menu 'SWARM Menu' and then option 4 for 'Manage SWARM' allows you to update it as necessary.

SWARM Main Menu

Installing an Iota Hornet Node using SWARM

As these notes are concerned with installing an Iota Hornet node, select 2 on the front page of the SWARM Menu to get to this:

SWARM Hornet Menu

The first step is to Install Hornet, so select option 4 to get to this menu.

SWARM Hornet Install Menu

Finally, select Option 2 to trigger the installation of Hornet. Once that is done, back at the Hornet menu shown above select option 1 'Hornet Info' which should confirm that there is now a running Hornet installation by showing a screen like this one - though this one has been running for a while so you may have to wait for your node to synchronise etc.

SWARM Hornet Info screen

The Iota Hornet Dashboard

Although it cannot be accessed easily yet on a remote server, it is worth looking at the Iota Hornet dashboard to show why it is useful. There is usually a login screen first, which looks like this:

Hornet dashboard 1



Once logged in there are a lot more options and information screens.

Hornet dashboard 1



Setting up Reverse Proxy with SWARM

If you plan to set up other Iota nodes like Bee and Goshimmer then it is best to set up their Reverse Proxy at the same time as the Hornet one. SWARM goes through a process that includes using 'letsencrypt' to set up the SSL certificate for the domain you are using, which it ideally only needs to do once if you are using a single host name as below.

For example, if the Netcup setup being used for these notes was given the host name: v2202110158313xxxxxx.ultrasrv.de and if Bee, Hornet, Goshimmer and Wasp were setup on the server they could be accessed by different ports as below.

In other words, the reverse proxy needs to use just the port number to distinguish where to redirect to. More information on this is below, but SWARM will arrange it all with no further input once you have supplied your choice of port numbers and told it the host name.

Hornet dashboard: https://v2202110158313xxxxxx.ultrasrv.de:444/dashboard

Bee dashboard: https://v2202110158313xxxxxx.ultrasrv.de:445/dashboard

Wasp dashboard: https://v2202110158313xxxxxx.ultrasrv.de:446/dashboard

Goshimmer dashboard: https://v2202110158313xxxxxx.ultrasrv.de:447/dashboard

NB If you are installing Wasp then there will be a 5th port needed for the Wasp API (e.g. 448)

Returning to SWARM, from the home page of the menu, select Proxy Menu. Be sure to have listed a port number for each of the items that you plan to install. If it is only Hornet then you need only one port number.

SWARM Reverse Proxy

IMPORTANT. You first need to configure the port settings before you deploy the reverse proxy, so be sure to first select Option 2 as below.

SWARM Configure Proxy

That takes you to this page, where you repeat the same procedure for any item you have installed or plan to install

SWARM Configure Proxy Hornet

For example, for Hornet you have this menu page which asks you in turn for the Hornet domain and the Hornet port. In this case the domain is: v2202110158313xxxxxx.ultrasrv.de and the port is:444

SWARM Configure Proxy Hornet settings

Note that there is also a Proxy Settings option for the Landing Page - which is where SWARM can install the following. Note that it is dynamic with three options: Green=active Red=inactive Grey=not installed. Clicking on any of the images should take you to the Dashboard of the relevant node.

SWARM Landing Page 1

Deploying the Reverse Proxy

Now that you have entered the port settings etc, the reverse proxy can be deployed by SWARM. It uses 'nginx' for which the docs are here if you need to dig into what is happening. Further below there is more detail on the relevant files used etc but be aware that if you use SWARM it will reset any changes you make to fit the settings you entered through SWARM.

https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/

Returning to the SWARM menu, select 4 for the Proxy Installer as in the screen below.

SWARM Proxy Installer

You then have a menu to select the actual install. If all goes well then this should run and do several things. (a) Get an SSL certificate, (b) Run nginx and set up the reverse proxy by putting files into the /etc/nginx/sites-enabled folder, (c) Set up a landing page to make it easy to navigate between the nodes and to monitor their condition.

SWARM Proxy Installer page 2

Congratulations. You should now have access to the dashboard of your Hornet node. There is some more useful information below on the config.json file and the nginx reverse proxy files, but there is also one more useful area of SWARM to note.

SWARM Watchdog

Watchdogs are used to monitor if a system is running and to take appropriate action if not. SWARM implements a watchdog system. Go to the SWARM menu home page and select 1 then you should find the following screen where you select 2 to Configure SWARM.

Configure SWARM page

This page lets you decide whether to enable or disable Watchdog, and if you do enable it then to decide on the settings you'd prefer for various aspects of the installation. It is a very powerful tool so it is wise to spend a little time looking around here, particularly if you wish to make edits of some settings and do not want SWARM resetting them for you.

Configure SWARM Watchdog

This is a typical Watchdog 'info' page on SWARM v0.9.9 which shows just how much Watchdog is able to do.

Typical SWARM Watchdog info

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

End notes on Iota Hornet Node Installation with SWARM

IMPORTANT. DO NOT MAKE CHANGES DIRECTLY TO THE CONFIG FILE IF USING SWARM - SWARM WILL USUALLY OVERRIDE THEM

The Hornet Config.json file

The config file for the installation of Hornet is at: /var/lib/hornet. The config file looks like this (NB various random changes made to seeds, keys etc out of habit so do not rely on those). Note that the dashboard is on local port 8081, relevant for the nginx reverse proxy file lower down.

 
{
  "restAPI": {
    "bindAddress": "0.0.0.0:14265",
    "jwtAuth": {
      "enabled": false,
      "salt": "HORNET"
    },
    "excludeHealthCheckFromAuth": false,
    "permittedRoutes": [
      "/health",
      "/mqtt",
      "/api/v1/info",
      "/api/v1/tips",
      "/api/v1/messages/:messageID",
      "/api/v1/messages/:messageID/metadata",
      "/api/v1/messages/:messageID/raw",
      "/api/v1/messages/:messageID/children",
      "/api/v1/messages",
      "/api/v1/transactions/:transactionID/included-message",
      "/api/v1/milestones/:milestoneIndex",
      "/api/v1/milestones/:milestoneIndex/utxo-changes",
      "/api/v1/outputs/:outputID",
      "/api/v1/addresses/:address",
      "/api/v1/addresses/:address/outputs",
      "/api/v1/addresses/ed25519/:address",
      "/api/v1/addresses/ed25519/:address/outputs",
      "/api/v1/treasury"
    ],
    "whitelistedAddresses": [
      "127.0.0.1",
      "::1"
    ],
    "powEnabled": true,
    "powWorkerCount": 1,
    "limits": {
      "bodyLength": "1M",
      "maxResults": 1000
    }
  },
  "dashboard": {
    "bindAddress": "localhost:8081",
    "dev": false,
    "auth": {
      "sessionTimeout": "72h",
      "username": "notReallyme",
      "passwordHash": "6ecee1171010b9dd68464d9ea4gylVVesecd129e7ed66f1715a7",
      "passwordSalt": "48471099fc98d4dsƒhgbbbvfdd391e640cf10a1d602ceae49e"
    }
  },
  "db": {
    "engine": "rocksdb",
    "path": "mainnetdb",
    "autoRevalidation": false
  },
   "snapshots": {
    "depth": 50,
    "interval": 8640,
    "fullPath": "snapshots/mainnet/full_snapshot.bin",
    "deltaPath": "snapshots/mainnet/delta_snapshot.bin",
    "deltaSizeThresholdPercentage": 50,
    "downloadURLs": [
      {
        "full": "https://chrysalis-dbfiles.iota.org/snapshots/hornet/latest-full_snapshot.bin",
        "delta": "https://chrysalis-dbfiles.iota.org/snapshots/hornet/latest-delta_snapshot.bin"
      },
      {
        "full": "https://cdn.tanglebay.com/snapshots/mainnet/full_snapshot.bin",
        "delta": "https://cdn.tanglebay.com/snapshots/mainnet/delta_snapshot.bin"
      }
    ]
  },
  "pruning": {
    "milestones": {
      "enabled": false,
      "maxMilestonesToKeep": 60480
    },
        "size": {
      "enabled": true,
      "targetSize": "142GB",
      "thresholdPercentage": 10,
      "cooldownTime": "5m"
    },
    "pruneReceipts": false
  },
  "protocol": {
    "networkID": "chrysalis-mainnet",
    "bech32HRP": "iota",
    "minPoWScore": 4000,
    "milestonePublicKeyCount": 2,
    "publicKeyRanges": [
      {
        "key": "a9b46fe743df7kodV0c95449d75bed3aafd65e4cd",
        "start": 0,
        "end": 777600
      },
      {
        "key": "365fb85e7568b9b3YHnad32d77beaf5dd9e84c6ba",
        "start": 0,
        "end": 1555200
      },
      {
        "key": "ba6d07d1a1aea969e7e435fYUngf855dba7f2a57e947",
        "start": 552960,
        "end": 2108160
      },
     {
        "key": "760d88e112c0fd210cYHTRfb9646cabb2e13e367569",
        "start": 1333460,
        "end": 2888660
      },
      {
        "key": "7bac2209b576ea223553935YHT663c760449e65eba9f8a6e7",
        "start": 2111060,
        "end": 3666260
      },
      {
        "key": "edd9c639a7193UJY53460b7d476dd87fc949c0e8df516f9954",
        "start": 2888660,
        "end": 4443860
      }
    ]
  },
  "pow": {
    "refreshTipsInterval": "5s"
  },
  "requests": {
    "discardOlderThan": "15s",
    "pendingReEnqueueInterval": "5s"
  },
   "receipts": {
    "backup": {
      "enabled": false,
      "path": "receipts"
    },
    "validator": {
      "validate": false,
      "ignoreSoftErrors": false,
      "api": {
        "address": "http://localhost:14266",
        "timeout": "5s"
      },
      "coordinator": {
        "address": "UDYXTZBE9GZGPM9SSQV9LTZNDLJIfQWvPVBLIEUHLSEWFTKZZLXYRHC9D9UZWZ",
        "merkleTreeDepth": 24
      }
    }
  },
  "tangle": {
    "milestoneTimeout": "30s"
  },
  "tipsel": {
    "maxDeltaMsgYoungestConeRootIndexToCMI": 8,
    "maxDeltaMsgOldestConeRootIndexToCMI": 13,
    "belowMaxDepth": 15,
    "nonLazy": {
      "retentionRulesTipsLimit": 100,
      "maxReferencedTipAge": "3s",
      "maxChildren": 30,
     "spammerTipsThreshold": 0
    },
    "semiLazy": {
      "retentionRulesTipsLimit": 20,
      "maxReferencedTipAge": "3s",
      "maxChildren": 2,
      "spammerTipsThreshold": 30
    }
  },
  "node": {
    "alias": "HORNET",
    "profile": "auto",
    "disablePlugins": [],
    "enablePlugins": [
      "autopeering"
    ]
  },
  "p2p": {
    "bindMultiAddresses": [
      "/ip4/0.0.0.0/tcp/15600",
      "/ip6/::/tcp/15600"
    ],
    "connectionManager": {
      "highWatermark": 10,
      "lowWatermark": 5
    },
    "gossip": {
      "unknownPeersLimit": 2,
     "streamReadTimeout": "1m0s",
      "streamWriteTimeout": "10s"
    },
    "db": {
      "path": "p2pstore"
    },
    "reconnectInterval": "30s",
    "autopeering": {
      "bindAddress": "0.0.0.0:14626",
      "entryNodes": [
        "/dns/vvvfff.ch/udp/14826/autopeering/4H6WV54tB29u8xCcEaMGQMn37LFvM1ynNpp27TTXaqNM",
        "/dns/entry-hornet-0.h.chrysalis-mainnet.iotaledger.net/udp/14626/autopeering/iotaPHdAnddeBnXtikZM>
        "/dns/entry-hornet-1.h.chrysalis-mainnet.iotaledger.net/udp/14626/autopeering/iotaJdqwCQvv1A61coSQ>
        "/dns/entry-mainnet.tanglebay.com/udp/14626/autopeering/iot4By1FD4pFLrGJ6AAe7YEeSSWcoPW9xnPUmxMdQe"
      ],
      "entryNodesPreferIPv6": false,
      "runAsEntryNode": false
    }
  },
  "logger": {
    "level": "info",
    "disableCaller": true,
    "encoding": "console",
    "outputPaths": [
      "stdout"
    ]
  },
   "warpsync": {
    "advancementRange": 150
  },
  "spammer": {
    "message": "IOTA - top network",
    "index": "HORNET Site Spammer",
    "indexSemiLazy": "HORNET Spammer Semi-Lazy",
    "cpuMaxUsage": 0.8,
    "mpsRateLimit": 0,
    "workers": 0,
    "autostart": false
  },
  "faucet": {
    "amount": 10000000,
    "smallAmount": 1000000,
    "maxAddressBalance": 20000000,
    "maxOutputCount": 127,
    "indexationMessage": "HORNET FAUCET",
    "batchTimeout": "2s",
    "powWorkerCount": 0,
    "website": {
      "bindAddress": "localhost:8091",
      "enabled": true
    }
  },
  "mqtt": {
    "bindAddress": "0.0.0.0:1883",
        "wsPort": 1888,
    "workerCount": 100
  },
  "profiling": {
    "bindAddress": "localhost:6060"
  },
  "prometheus": {
    "bindAddress": "localhost:9311",
    "fileServiceDiscovery": {
      "enabled": false,
      "path": "target.json",
      "target": "localhost:9311"
    },
    "databaseMetrics": true,
    "nodeMetrics": true,
    "gossipMetrics": true,
    "cachesMetrics": true,
    "restAPIMetrics": true,
    "migrationMetrics": true,
    "coordinatorMetrics": true,
    "debugMetrics": false,
    "goMetrics": false,
    "processMetrics": false,
    "promhttpMetrics": false
  },
  "debug": {
    "whiteFlagParentsSolidTimeout": "2s"
  }
}
                

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _



IMPORTANT. DO NOT MAKE CHANGES DIRECTLY TO THE REVERSE PROXY FILE IF USING SWARM - SWARM WILL USUALLY OVERRIDE THEM

The Hornet Reverse Proxy File

As described above, the reverse proxy setup by SWARM uses nginx so the files are in: /etc/nginx/sites-enabled where there is one for each different port setting on the main domain. If you have all of the nodes set by SWARM then it will contain all of these

bee default goshimmer hornet wasp-api wasp-dashboard

An example Hornet file is below with a few lines removed to make the remainder clearer. Notice that at the top there is the domain name, and at the bottom it is listening on port 444 which was defined earlier in SWARM as the Hornet reverse proxy port. The next most important areas are the 'location' sections. The one with 'dashboard' in does a 'proxy pass' to local port 8081. That was the port set in the config.json file above for the dashboard.

Also see the third location section which redirects the default request on port 444 to the SWARM landing page at /var/www/html/swarm-nodes/ NB This one may not be in the SWARM settings

server {
        server_name v2202110158313xxxxxx.ultrasrv.de;

        server_tokens off;
        ssl_session_cache shared:SSL:32m;
        add_header Strict-Transport-Security 'max-age=63072000; includeSubdomains' always;
        add_header X-Content-Type-Options "nosniff";
        add_header X-XSS-Protection "1; mode=block";
        add_header Access-Control-Allow-Origin $http_origin;
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,U>
        add_header 'Access-Control-Allow-Methods' 'GET,HEAD,PUT,PATCH,POST,DELETE';
        proxy_headers_hash_max_size 512;
        proxy_headers_hash_bucket_size 128;

        location /health {
                auth_basic off;
                proxy_pass http://localhost:14265/health;
                proxy_pass_request_headers on;
                proxy_set_header        Host $host;
                proxy_set_header        X-Real-IP $remote_addr;
                proxy_set_header        X-Forwarded-Port  $server_port;
        }
       location ~ ^/api/v1/(info|tips|messages|treasury|transactions|milestones|outputs|addresses) {
                auth_basic off;
                proxy_pass http://localhost:14265;
                default_type  application/json;
                proxy_pass_request_headers on;
                proxy_set_header        X-Forwarded-Host  $host;
                proxy_set_header        X-Forwarded-Port  $server_port;
        }

        location ~ ^/(static|auth|branding|ws|dashboard|explorer|visualizer|analytics|peers|settings) {
                proxy_pass http://localhost:8081;
                proxy_http_version  1.1;
                proxy_cache_bypass  $http_upgrade;
                proxy_pass_request_headers on;
                proxy_set_header        X-Forwarded-Port  $server_port;
                proxy_set_header Connection "keep-alive";
        }

        location / {
                gzip off;
                alias /var/www/html/swarm-nodes/;
                index index.html;
                try_files $uri $uri/ =404;
        }

    listen [::]:444 ssl http2;
    listen 444 ssl http2;
    ssl_certificate /etc/letsencrypt/live/v2202110158313xxxxxx.ultrasrv.de/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/v2202110158313xxxxxx.ultrasrv.de/privkey.pem;
}


        

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

While you are here, why not also visit the main area of the TangleDust.com website. We are always keen to hear about more International projects to list.

Iota Smart Cities
Iota Identity and Trust
Iota Climate and eHealth
Iota Transport and Mobility