⚠️ This post is archived from my phlog in Gopherspace. Please read my post on the Gopher Protocol to get started!
Actually own your BTC by running bitcoind on your (Debian, Linux) server.
This is in preperation for another project I’m working on, too.
I like to use the prune
Installing Bitcoin Core on Debian
Install the depends:
sudo apt update
sudo apt install software-properties-common
sudo apt install wget gpg
Download from the official Bitcoin Core website: https://bitcoincore.org/en/download/
Verify the download using GPG to ensure it wasn’t tampered with.
export VERSION="28.0"
wget "https://bitcoincore.org/bin/bitcoin-core-${VERSION}/SHA256SUMS"
wget "https://bitcoincore.org/bin/bitcoin-core-${VERSION}/SHA256SUMS.asc"
wget "https://bitcoincore.org/bin/bitcoin-core-${VERSION}/bitcoin-${VERSION}-x86_64-linux-gnu.tar.gz"
sha256sum --ignore-missing --check SHA256SUMS
To go further with verification, namely to find an author to trust and verify the GPG signature, read the instructions on the Bitcoin Core website.
https://bitcoincore.org/en/download/
tar -xvf "bitcoin-${VERSION}-x86_64-linux-gnu.tar.gz"
cd "bitcoin-${VERSION}"
Copy binaries:
sudo install -m 0755 -o root -g root -t /usr/local/bin bin/*
Create the data dir:
mkdir -p ~/.bitcoin
Configuring
Edit ~/.bitcoin/bitcoin.conf:
# Run as a server
server=1
# Enable pruning (size in MB)
prune=550
# RPC username and password (set these to something secure)
rpcuser=yourusername
rpcpassword=yoursecurepassword
# Reduce disk space and bandwidth usage
maxconnections=20
# Optionally, run only on Tor for enhanced privacy
onlynet=onion
proxy=127.0.0.1:9050
# Enable logging (optional)
debug=1
First run
Run as background daemon:
bitcoind -daemon
Monitor sync process:
bitcoin-cli getblockchaininfo
Autostart with systemd
Create systemd service file:
sudo vi /etc/systemd/system/bitcoind.service
Service file contents (use YOUR username):
# Install this in /etc/systemd/system/
# See below for more details and options
# https://raw.githubusercontent.com-/bitcoin/bitcoin/76deb30550b2492f9c8d9f0302da32025166e0c5/contrib/init/bitcoind.service
# Then run following to always start:
# systemctl enable bitcoind
#
# and the following to start immediately:
# systemctl start bitcoind
[Unit]
Description=Bitcoin daemon
After=network.target
[Service]
ExecStart=/usr/local/bin/bitcoind-start.sh
TimeoutStartSec=600
# Process management
####################
Type=forking
PIDFile=/home/baudrillard/.bitcoin/bitcoind.pid
Restart=on-failure
# Directory creation and permissions
####################################
# Run as bitcoin:bitcoin or <youruser>
User=youruser
Group=youruser
# Hardening measures
####################
# Provide a private /tmp and /var/tmp.
PrivateTmp=true
# Use a new /dev namespace only populated with API pseudo devices
# such as /dev/null, /dev/zero and /dev/random.
PrivateDevices=true
# Deny the creation of writable and executable memory mappings.
MemoryDenyWriteExecute=true
[Install]
WantedBy=multi-user.target
Create script and set the permissions:
sudo vi /usr/local/bin/bitcoind-start.sh
The file:
#!/bin/bash
# Just a simple wrapper to start bitcoind.
#
# If using systemd, simply create a file (e.g. /etc/systemd/system/bitcoind.service)
# from example file below and add this script in ExecStart.
# https://raw.githubusercontent.com-/bitcoin/bitcoin/76deb30550b2492f9c8d9f0302da32025166e0c5/contrib/init/bitcoind.service
#
# Then run following to always start:
# systemctl enable bitcoind
#
# and the following to start immediately:
# systemctl start bitcoind
# If you are mounting a secondary disk, find the UUID of your
# disk and a line entry in /etc/fstab e.g.
#
# UUID=foo-bar-1234 /path-to-dir/.bitcoin ext4 defaults 0 0
set -e
# Let's wait for 30 seconds in case other processes need to come up first.
sleep 30
echo "Starting bitcoind..."
bitcoind --daemon --server -pid=/home/baudrillard/.bitcoin/bitcoind.pid -conf=/home/baudrillard/.bitcoin/bitcoin.conf
echo "Done!"
sudo chmod +x /usr/local/bin/bitcoind-start.sh
Enable:
sudo systemctl enable bitcoind
sudo systemctl start bitcoind
sudo systemctl status bitcoind
Check logs too:
sudo journalctl -u bitcoind.service
Wallet setup
See which wallets are available:
% bitcoin-cli listwallets
[
]
I have none, so I’ll create one and encrypt it:
bitcoin-cli createwallet "main_2024-11-23" false false "your-strong-passphrase" false true true false
Check new wallet status:
bitcoin-cli -rpcwallet="main_2024-11-23" getwalletinfo
Ensure it’s added to startup in ~/.bitcoin/bitcoin.conf:
wallet=main_2024-11-23
To ensure the wallet starts on startup:
sudo systemctl restart bitcoind
bitcoin-cli listwallets
Also check to make sure the wallet is actually encrypted, with a bogus password:
bitcoin-cli -rpcwallet="main_2024-11-23" walletpassphrase "asdf" 10
Backup your wallet
Create /home/baudrillard/.bitcoin/backups.
Let’s create this backup script below ~/.bitcoin/backup_script.sh:
#!/bin/bash
# Backup bitcoin
timestamp=$(date +"%Y-%m-%d_%H-%M-%S")
backup_dir="/home/baudrillard/.bitcoin/backups"
wallet_name="main_2024-11-23"
backup_file="${backup_dir}/${wallet_name}_backup_${timestamp}.dat"
mkdir -p "${backup_dir}" && bitcoin-cli -rpcwallet="${wallet_name}" backupwallet "${backup_file}"
find "${backup_dir}" -name "${wallet_name}_backup_*.dat" -type f | sort | head -n -5 | xargs -r rm -f
Mark as executable chmod +x ~/.bitcoin/backup_script.sh and also add to user cron weekly backup (crontab -e):
0 2 * * 0 /home/baudrillard/.bitcoin/backup_script.sh
Be sure to actually try running this backup script and test if the backup is valid:
bitcoind -datadir=/tmp/bitcoin-test -daemon && sleep 5 && bitcoin-cli -datadir=/tmp/bitcoin-test loadwallet "/path/to/backup/wallet.dat" && bitcoin-cli -datadir=/tmp/bitcoin-test getwalletinfo && bitcoin-cli -datadir=/tmp/bitcoin-test stop
Basic usage
Mining
Original content in gopherspace: gopher://gopher.someodd.zip:70/0/phlog/bitcoin-server.gopher.txt