You may want to fork this repository and replace ssh keys in
`setup-scripts/support/authorized_keys` and optionally edit the `setup-scripts/support/tmux.conf` and `setup-scripts/support/bashrc` configurations to fit your needs.
### Step 0: stack overview
- dockerized services inside `docker-compose.yml`
- [docker-host](https://github.com/qoomon/docker-host) ([docker hub](https://hub.docker.com/r/qoomon/docker-host)): service that exposes server ip to docker container so we could access siad from within the nginx container
- [caddy](https://caddyserver.com) ([docker hub](https://hub.docker.com/r/caddy/caddy)): reverse proxy (similar to nginx) that handles ssl out of a box and acts as an entry point
- [openresty](https://openresty.org) ([docker hub](https://hub.docker.com/r/openresty/openresty)): nginx custom build, acts as a cached proxy to siad (we only use it because caddy doesn't support proxy caching, otherwise we could drop it)
- health-check: this is a simple service that runs periodically and collects health data about the server (status and response times) and exposes `/health-check` api endpoint that is deliberately delayed based on the response times of the server so potential load balancer could prioritize servers based on that (we use it with cloudflare)
- siad setup: we use "double siad" setup that has one node solely for download and one for upload to improve performance
- we use systemd to manage siad services
- siad is not installed as docker service for improved performance
- discord integration
- [funds-checker](funds-checker.py): script that checks wallet balance and sends status messages to discord periodically
- [log-checker](log-checker.py): script that scans siad logs for critical errors and reports them to discord periodically
- [blacklist-skylink](blacklist-skylink.sh): script that can be run locally from a machine that has access to all your skynet portal servers that blacklists provided skylink and prunes nginx cache to ensure it's not available any more (that is a bit much but that's the best we can do right now without paid nginx version) - if you want to use it, make sure to adjust the server addresses
### Step 1: setting up server user
1. SSH in a freshly installed Debian machine on a user with sudo access (can be root)
1.`apt-get update && apt-get install sudo` to make sure `sudo` is available
1.`adduser user` to create user called `user` (creates `/home/user` directory)
1.`usermod -a -G sudo user` to add this new user to sudo group
1.`usermod -a -G systemd-journal user` to add this new user to systemd-journal group
1. run setup scripts in the exact order and provide sudo password when asked (if one of them fails, you can retry just this one before proceeding further)
At this point we have almost everything set up. We have 2 siad instances running as services and we need to set up the wallets and allowance on those.
1. Create new wallet for both siad instances (remember to save the seeds)
1.`siac wallet init` to init download node wallet
1.`siac-upload wallet init` to init upload node wallet
1. Unlock both wallets
1.`siac wallet unlock` to unlock download node wallet (use seed as password)
1.`siac-upload wallet unlock` to unlock upload node wallet (use seed as password)
1. Generate wallet addresses for both siad instances (save them for later to transfer the funds)
1.`siac wallet address` to generate address for download node wallet
1.`siac-upload wallet address` to generate address for upload node wallet
1. Set up allowance on both siad instances
1.`siac renter setallowance` to set allowance on download node
1. 10 KS (keep 25 KS in your wallet)
1. default period
1. default number of hosts
1. 8 week renewal time
1. 500 GB expected storage
1. 500 GB expected upload
1. 5 TB expected download
1. default redundancy
1.`siac-upload renter setallowance` to set allowance on upload node
1. use the same allowance settings as download node
1. Run `siac renter setallowance --payment-contract-initial-funding 10SC` so that your download node will start making 10 contracts per block with many hosts to potentially view the whole network's files
1. Copy over apipassword from `/home/user/.sia/apipassword` and save it for the next step
1. Edit environment files for both siad instances
1.`/home/user/.sia/sia.env` for the download node
1.`SIA_API_PASSWORD` to previously copied apipassword (same for both instances)
1.`SIA_WALLET_PASSWORD` to be the wallet seed
1.`PORTAL_NAME` xxxxed part to some meaningful name like `warsaw.siasky.net`
1.`DISCORD_BOT_TOKEN` for discord health check scripts integration
1.`/home/user/.sia/sia-upload.env` for the upload node
1.`SIA_API_PASSWORD` to previously copied apipassword (same for both instances)
1.`SIA_WALLET_PASSWORD` to be the wallet seed
1.`PORTAL_NAME` xxxxed part to some meaningful name like `warsaw.siasky.net`
1.`DISCORD_BOT_TOKEN` for discord health check scripts integration
### Step 4: configuring docker services
1. generate and copy sia api token `printf ":$(cat /home/user/.sia/apipassword)" | base64`
1. edit `/home/user/skynet-webportal/.env` and configure following environment variables
-`DOMAIN_NAME` is your domain name
-`EMAIL_ADDRESS` is your email address used for communication regarding SSL certification
-`SIA_API_AUTHORIZATION` is token you just generated in the previous point
-`CLOUDFLARE_AUTH_TOKEN` if using cloudflare as dns loadbalancer (just for siasky.net)
1. only for siasky.net domain instances: edit `/home/user/skynet-webportal/docker/caddy/Caddyfile`, uncomment `import siasky.net` and comment out `import custom.domain`
1.`sudo docker-compose up -d` to restart the services so they pick up new configuration
