How To Deploy an Indra Node¶
Lets say you want to deploy an Indra payment node to
https://indra.example.com (we’ll call this url
First step: get a server via AWS or DigitalOcean or hardware at home. For best results, use the most recent LTS version of Ubuntu & make sure it has at least 32GB of disk space. If using DigitalOcean, make sure you toggle on the VPC network when instantiating a droplet. Note this new server’s IP address (we’ll call it
$SERVER_IP). Make sure it’s able to connect to the internet via ports 80, 443, 4221, and 4222 (no action required on DigitalOcean, Security Group config needs to be setup properly on AWS).
Set up DNS so that
$DOMAINNAME points to this server’s IP address. If you’re using CloudFlare name servers, turn on CloudFlare’s built-in SSL support & make sure it’s set to “Full (strict)”.
We won’t need to ssh into this server right away, most of the setup will be done locally. Start by cloning the repo to your local machine if you haven’t already and
cd into it.
git clone firstname.lastname@example.org:connext/indra.git cd indra
Every Indra node needs access to a hot wallet, you should generate a fresh mnemonic for your node’s wallet that isn’t used anywhere else. You can generate a new mnemonic from a node console with ethers by doing something like this:
require('ethers').Wallet.createRandom(). Alternatively, you can generate one here.
Save this mnemonic somewhere safe and copy it to your clipboard. From your local machine, run:
SSH_KEY=$HOME/.ssh/id_rsa bash ops/setup-ubuntu.sh $SERVER_IP
$HOME/.ssh/id_rsa is the default
SSH_KEY, if this is the key you’ll use to access
$SERVER_IP then you don’t need to supply it explicitly)
If this is a fresh Ubuntu server from DigitalOcean or AWS then the
ops/setup-ubuntu.sh script should ssh into your server using the specified ssh key and go through the following steps:
create & configure an “ubuntu” user and disable root login (if root login was enabled to begin with)
give an additional ssh public key login access if key specified by the
PUB_KEYenv var is available (defaults to
install docker & make & other dependencies
upgrade everything to the latest version
save your mnemonic in a docker secret called
Note: this script is idempotent aka you can run it over and over again w/out causing any problems. In fact, re-running it every month or so will help keep things up-to-date (you can skip inputting the mnemonic on subsequent runs).
For convenience’s sake, we recommend adding an entry to your ssh config to easily access this server. Add something that looks like the following to
Host new-indra Hostname $SERVER_IP User ubuntu IdentityFile ~/.ssh/id_rsa ServerAliveInterval 120
Now you can login to this server with just
We need to add a couple env vars before logging in and launching our indra node. We’ll be pulling from the public default prod-mode env vars in your local cloned repo & updating a couple as needed.
cp prod.env .env
Ensure you’ve added correct values for two important env vars:
INDRA_CHAIN_PROVIDERS env var is a tricky one, there is no default provided as it’s value depends entirely on which chains you want to support (if this env var is not provided, a local testnet will be started up & Indra will use this). The format is very specific: it must be valid JSON where the key is a chain id (eg
"4") and the value is that chain’s provider url (eg
"https://eth-rinkeby.alchemyapi.io/v2/abc123"). The double quotes within this env var must be preserved, this is accomplished most reliably by both single-quoting the env var value and escaping the double quotes with back slashes. When you’re done, you should have a line in your
.env file that looks something like this:
Upload the prod env vars to the indra server. If you’re using a custom address book, upload that too:
scp .env new-indra:~/indra/ scp address-book.json new-indra:~/indra/
Now, it’s finally time to login to your prod server using
ssh new-indra (or whichever host you’ve specified in your ssh config file).
Once you’ve ssh’d into your new server, run the following to launch your Indra node:
cd indra git checkout master # staging is the default branch. It's cutting edge but maybe buggy. make restart-prod
The above will download & run docker images associated with the commit/tag you have checked out. If you want to launch a specific version of indra, checkout that version’s tag & restart:
git checkout indra-7.3.8 && make restart-prod
Before you are able to start sending payments, you will have to make sure to properly collateralize your node. The signer address is available as
accounts off of your mnemonic and can also be found by querying the
/config endpoint under
signerAddress. Node’s should have collateral in all supported tokens, as well as sufficient eth to pay for all transactions from the wallet to the channels. By default, the supported token addresses will include ETH and the
Token address from the network context of your node (available in