Setup Private P12 Key
You are ready to setup your Node's wallet which will be done directly on our instance.
Instructions
Log into your node
From your local system, log into your cloud instance's terminal as nodeadmin using your Apple terminal, Window's PuTTY, or your terminal application of choice.
Update node
Bring our Node up to date
sudo apt -y update && sudo apt -y upgrade
You will be prompted for your nodeadmin password.
warning
Your screen will not react and your password will not show as you type.
Reminder: [...] in the output command examples means that there is a bunch of output that has been redacted to eliminate confusion.
[sudo] password for nodeadmin:
[...]
Create Tessellation directory
Create a directory in your user's home directory to hold some Tessellation files.
cd ~
mkdir tessellation
Let's remind ourselves what our Node's external IP address is (copy it for later).
curl -s https://ipv4.icanhazip.com/
IMPORTANT
It is NOT RECOMMENDED to use a p12 file that is already in use for other purposes. You should create a new clean p12.
If you still insist, and you have an existing .p12 file, you can SFTP the file over to your Node.
Transfer existing P12
Place your existing .p12 file in your tessellation directory.
/home/nodeadmin/tessellation
Create a new P12 private key
DANGER
Do not use the same passphrases of existing Nodes on Constellation, or any other Nodes from other projects. This is dangerous and bad practice.
You need to store your passphrases securely.
If you lose your p12 credentials, there is nothing that can be done.
Click here to get an explanation of passphrases verses passwords.
Create passphrase
We now need to create our passphrase for our .p12 wallet on our Node.
IMPORTANT
Our passphrase should be at least 10 or more characters.
tip
IMPORTANT
IMPORTANT
Do not use the same passphrase (or other details) in the example below ๐! But, you can use something similar to the example below ๐
Create environment variables
We need to create some environment variables that will be used during the lifetime of the node. We will create a bash script for this purpose, and give it the name cn-node. We will come back to this script to update it later on during our configuration process.
For ease of usage, we will use Linux Nano Editor for this process, if you are a more advanced user, you can use Vim, or any other editor of your choice.
sudo nano /usr/local/bin/cn-node
info
How to use the nano text editor is out of scope of this document; however, you can read up on how to create, edit and save a document at this link: How to Use Nano, the Linux Command Line Text Editor
You will need:
- Your
external IP addressof your Node. (Marked down at the beginning steps above ๐) - You will create a
namethat you would like to call yourp12file. - You will create a
passphraseyou came up with using requirements above ๐. - You will create an
aliasthat you would like to use against your.p12file and the life of your Node. Your alias is public facing.
Developer Note
The Key passphrase CL_KEYPASS has been changed to CL_PASSWORD, for the .p12 creation process.
REMINDER
Do not use the same passphrase, alias, or p12 files name as in the examples here.
We have created our Node with the nodeadmin username. If you agreed and used the same, that is the only variable that should be kept the same as the examples below.
Environment variables chart
| Variable | Value | Instructions |
|---|---|---|
| Node Username | nodeadmin | If you used this name for your user while you followed these instructions, that is perfect, no need to change this variable in the example below . You will use this in the path of CL_KEYSTORE variable line. |
| CL_EXTERNAL | 113.113.113.113 | Our Node's remote IP address |
| CL_KEYSTORE | myconstellation.p12 | This will be placed at the end of the path CL_KEYSTORE line in the file. |
| CL_KEYALIAS | myConstellationAlias | Do not use this example, come up with your own. |
| CL_EXTERNAL | 113.113.113.113 | Our Node's (remote) external IP address. We reminded ourselves about this early on this page... See above |
MainNet Dual Layer Requirements
| Variable | Value | Instructions |
|---|---|---|
| CL_L0_PEER_HTTP_HOST | IP address | This is recommended to be your Node's external IP address. Your Node will be participating on both Layer0 and Layer1. The Layer1 should link through your Layer0 connection. Your Node will be the most reliable Node to be UP at the time your attempt to join the Hypergraph. |
| CL_L0_PEER_ID | abcde...abcde | The Node ID of the Node you will be linking with on Layer0. |
| CL_L0_PEER_HTTP_PORT | 9000 | The public port of the Node you are linking to through Layer0. |
Create bash shell script
Create a text file that will be saved as a bash shell script. When executed this will add some environment variables to your local environment where the script was run, these environment variables are ephemeral per user session.
note
This process may be deprecated in the near future; however, it is good to have in place for now.
You can use a text editor that comes standard with most flavors of Debian nano.
Change directories to /usr/local/bin
cd /usr/local/bin
We will be creating our cn-node file as super user (sudo)
Nano Quick Notes
sudo nano cn-cnodewill start the program- use your keyboard arrows to navigate (not your mouse)
- ctrl-o or command-o ( letter o ) will save the contents of the file
- give the file a name (
cn-node) - ctrl-x or command-x to exit the editor
Add the following to our cn-node text file
#!/bin/bash
export CL_EXTERNAL_IP=113.113.113.113
export CL_KEYALIAS="myConstellationAlias"
export CL_KEYSTORE="/home/nodeadmin/tessellation/myconstellation.p12"
export CL_APP_ENV="testnet"
export CL_PUBLIC_HTTP_PORT=9000
export CL_P2P_HTTP_PORT=9001
When your file looks mostly similar to the above ๐. You will use Nano Quick Notes above ๐ to save the file out.
We want to make this file executable.
sudo chmod +x /usr/local/bin/cn-node
Run bash script
Run the bash script we just created by sourcing with the . so that it runs in our environment.
note
In this example we are connecting to testnet
. cn-node
Let's check that the environment variables were added to our current shell environment. Your results may not be the in the same order, this doesn't matter.
env | grep CL_
Result
CL_EXTERNAL_IP=113.113.113.113
CL_KEYALIAS=myConstellationAlias
CL_KEYSTORE=/home/nodeadmin/tessellation/myconstellation.p12
CL_APP_ENV=testnet
CL_PUBLIC_HTTP_PORT=9000
CL_P2P_HTTP_PORT=9001
Create a temporary env variable
IMPORTANT
We do not want to have our p12 passphrase added to a static plain text file. Our p12 file is our private key file that stores valuable information. If the passphrase is exposed, you can have access to the MainNet, metagraph, TestNet, etc. compromised, including access to wallets. This is a bad idea.
Instead, we will create a temporary environment variable prior to building our p12 file. The export we do below will only survive the current working session, and it will be lost after we log out.
export CL_PASSWORD="place_your_passphrase_here"
REMEMBER
Please be sure to follow the passphrase guidelines above ๐ and place your passphrase between the " (quotes).
Create your .P12 file
Change directories to our dedicated tessellation folder.
cd ~/tessellation
Generate your P12 private key
note
We will not use the sudo command here. This will create our p12 file with the ownership belonging to nodeadmin
java -jar /var/tessellation/cl-keytool.jar generate
Verify P12 file
Let's verify that we have a .p12 file.
DO NOT WORRY
The size and dates may not match, this doesn't matter.
note
The 2 l are the lower-case letter L not the number 1 (ls -l)
ls -l
Result
[...]
-rw-rw-r-- 1 nodeadmin nodeadmin 1110 Oct 28 21:38 myconstellation.p12
[...]
Update permissions
Important
Change the permissions of this file so only you can read and write to it.
chmod 600 ~/tessellation/myconstellation.p12
ls -l
Result
[...]
-rw------- 1 nodeadmin nodeadmin 1110 Oct 28 21:38 myconstellation.p12
[...]
After a good amount of work and effort, we have our .p12 file!