Running Bitcoin on my server

  ___                        _               
 | _ \  _  _   _ _    _ _   (_)  _ _    __ _ 
 |   / | || | | ' \  | ' \  | | | ' \  / _` |
 |_|_\  \_,_| |_||_| |_||_| |_| |_||_| \__, |
                                       |___/ 

  ___   _   _                _        
 | _ ) (_) | |_   __   ___  (_)  _ _  
 | _ \ | | |  _| / _| / _ \ | | | ' \ 
 |___/ |_|  \__| \__| \___/ |_| |_||_|
                                      

             
  ___   _ _  
 / _ \ | ' \ 
 \___/ |_||_|
             

               
  _ __    _  _ 
 | '  \  | || |
 |_|_|_|  \_, |
          |__/ 

                                   
  ___  ___   _ _  __ __  ___   _ _ 
 (_-< / -_) | '_| \ V / / -_) | '_|
 /__/ \___| |_|    \_/  \___| |_|  
                                   

╔─*──*──*──*──*──*──*──*──*──*──*──*──*──*──*──*─╗
║1   ........................................   1║
║2*  ........................................  *2║
║3   ........................................   3║
║1   ...........Posted: 2024-11-26...........   1║
║2*  ......Tags: sysadmin linux crypto ......  *2║
║3   ........................................   3║
║1   ........................................   1║
╚────────────────────────────────────────────────╝

Actually own  your BTC by running `bitcoind` on your (Debian, Linux) server.

This is in preperation for another project I'm working on, too.

I like to use the `prune`

## Installing Bitcoin Core on Debian

Install the depends:

```
sudo apt update
sudo apt install software-properties-common
sudo apt install wget gpg
```

Download from the official Bitcoin Core website:
https://bitcoincore.org/en/download/

Verify the download using GPG to ensure it wasn't tampered with.

```
export VERSION="28.0"
wget "https://bitcoincore.org/bin/bitcoin-core-${VERSION}/SHA256SUMS"
wget "https://bitcoincore.org/bin/bitcoin-core-${VERSION}/SHA256SUMS.asc"
wget "https://bitcoincore.org/bin/bitcoin-core-${VERSION}/bitcoin-${VERSION}-x86_64-linux-gnu.tar.gz"
sha256sum --ignore-missing --check SHA256SUMS
```

To go further with verification, namely to find an author to trust and verify
the GPG signature, read the instructions on the Bitcoin Core website.

https://bitcoincore.org/en/download/

```
tar -xvf "bitcoin-${VERSION}-x86_64-linux-gnu.tar.gz"
cd "bitcoin-${VERSION}"
```

Copy binaries:

```
sudo install -m 0755 -o root -g root -t /usr/local/bin bin/*
```

Create the data dir:

```
mkdir -p ~/.bitcoin
```

## Configuring

Edit `~/.bitcoin/bitcoin.conf`:

```
# Run as a server
server=1

# Enable pruning (size in MB)
prune=550

# RPC username and password (set these to something secure)
rpcuser=yourusername
rpcpassword=yoursecurepassword

# Reduce disk space and bandwidth usage
maxconnections=20

# Optionally, run only on Tor for enhanced privacy
onlynet=onion
proxy=127.0.0.1:9050

# Enable logging (optional)
debug=1
```

## First run

Run as background daemon:

```
bitcoind -daemon
```

Monitor sync process:

```
bitcoin-cli getblockchaininfo
```

## Autostart with systemd

Create systemd service file:

```
sudo vi /etc/systemd/system/bitcoind.service
```

Service file contents (use YOUR username):

```
# Install this in /etc/systemd/system/
# See below for more details and options
# https://raw.githubusercontent.com-/bitcoin/bitcoin/76deb30550b2492f9c8d9f0302da32025166e0c5/contrib/init/bitcoind.service
# Then run following to always start:
# systemctl enable bitcoind
#
# and the following to start immediately:
# systemctl start bitcoind

[Unit]
Description=Bitcoin daemon
After=network.target

[Service]
ExecStart=/usr/local/bin/bitcoind-start.sh
TimeoutStartSec=600

# Process management
####################

Type=forking
PIDFile=/home/baudrillard/.bitcoin/bitcoind.pid
Restart=on-failure

# Directory creation and permissions
####################################

# Run as bitcoin:bitcoin or <youruser>
User=youruser
Group=youruser

# Hardening measures
####################

# Provide a private /tmp and /var/tmp.
PrivateTmp=true

# Use a new /dev namespace only populated with API pseudo devices
# such as /dev/null, /dev/zero and /dev/random.
PrivateDevices=true

# Deny the creation of writable and executable memory mappings.
MemoryDenyWriteExecute=true

[Install]
WantedBy=multi-user.target
```

Create script and set the permissions:

```
sudo vi /usr/local/bin/bitcoind-start.sh
```

The file:

```
#!/bin/bash

# Just a simple wrapper to start bitcoind.
#
# If using systemd, simply create a file (e.g. /etc/systemd/system/bitcoind.service)
# from example file below and add this script in ExecStart.
# https://raw.githubusercontent.com-/bitcoin/bitcoin/76deb30550b2492f9c8d9f0302da32025166e0c5/contrib/init/bitcoind.service
#
# Then run following to always start:
# systemctl enable bitcoind
#
# and the following to start immediately:
# systemctl start bitcoind

# If you are mounting a secondary disk, find the UUID of your
# disk and a line entry in /etc/fstab e.g.
#
# UUID=foo-bar-1234 /path-to-dir/.bitcoin ext4 defaults 0 0

set -e

# Let's wait for 30 seconds in case other processes need to come up first.
sleep 30

echo "Starting bitcoind..."

bitcoind --daemon --server -pid=/home/baudrillard/.bitcoin/bitcoind.pid -conf=/home/baudrillard/.bitcoin/bitcoin.conf

echo "Done!"
```

```
sudo chmod +x /usr/local/bin/bitcoind-start.sh
```

Enable:

```
sudo systemctl enable bitcoind
sudo systemctl start bitcoind
sudo systemctl status bitcoind
```

Check logs too:

```
sudo journalctl -u bitcoind.service 
```

## Wallet setup

See which wallets are available:

```
% bitcoin-cli listwallets      
[
]
```

I have none, so I'll create one and encrypt it:

```
bitcoin-cli createwallet "main_2024-11-23" false false "your-strong-passphrase" false true true false
```

Check new wallet status:

```
bitcoin-cli -rpcwallet="main_2024-11-23" getwalletinfo
```

Ensure it's added to startup in `~/.bitcoin/bitcoin.conf`:

```
wallet=main_2024-11-23
```

To ensure the wallet starts on startup:

```
sudo systemctl restart bitcoind
bitcoin-cli listwallets
```

Also check to make sure the wallet is actually encrypted, with a bogus password:

```
bitcoin-cli -rpcwallet="main_2024-11-23" walletpassphrase "asdf" 10
```

## Backup your wallet

Create `/home/baudrillard/.bitcoin/backups`.

Let's create this backup script below `~/.bitcoin/backup_script.sh`:

```
#!/bin/bash
# Backup bitcoin 
timestamp=$(date +"%Y-%m-%d_%H-%M-%S")
backup_dir="/home/baudrillard/.bitcoin/backups"
wallet_name="main_2024-11-23"
backup_file="${backup_dir}/${wallet_name}_backup_${timestamp}.dat"
mkdir -p "${backup_dir}" && bitcoin-cli -rpcwallet="${wallet_name}" backupwallet "${backup_file}"
find "${backup_dir}" -name "${wallet_name}_backup_*.dat" -type f | sort | head -n -5 | xargs -r rm -f
```

Mark as executable `chmod +x ~/.bitcoin/backup_script.sh` and also add to user
cron weekly backup (`crontab -e`):

```
0 2 * * 0 /home/baudrillard/.bitcoin/backup_script.sh
```

Be sure to actually try running this backup script and test if the backup is
valid:

```
bitcoind -datadir=/tmp/bitcoin-test -daemon && sleep 5 && bitcoin-cli -datadir=/tmp/bitcoin-test loadwallet "/path/to/backup/wallet.dat" && bitcoin-cli -datadir=/tmp/bitcoin-test getwalletinfo && bitcoin-cli -datadir=/tmp/bitcoin-test stop
```

## Basic usage

## Mining