Installing Whirlpool CLI & Firewall Config
Cover

Part 5. Installing Whirlpool CLI & Firewall Config

December 20, 2023

Prerequisites.

Completed “Dojo Node Guide,” Parts 1, 2, 3, 4.

Introduction #

Whirlpool CLI is a command-line tool that operates silently in the background of personal Dojo-backed Bitcoin nodes. This CLI tool automates the remixing process of postmix UTXOs 24/7, ensuring you never miss a remix so long as the node is active.

Download Whirlpool #

If not already, SSH into the node as the user “dojo.”

Create a directory for Whirlpool.

mkdir ~/whirlpool

Enter the directory.

cd ~/whirlpool

Visit the Whirlpool CLI release page and copy the link for the latest “run.jar” file, downloading it with “wget.” At the time of writing, the latest version is 0.10.17, so modify commands accordingly.

torsocks wget https://code.samourai.io/whirlpool/whirlpool-client-cli/uploads/63621e145967f536a562851853bd0990/whirlpool-client-cli-0.10.16-run.jar

Install Java.

sudo apt install openjdk-19-jre-headless -y

Before initializing Whirlpool, have the Samourai Wallet’s passphrase and pairing code ready for pasting into the terminal.

The pairing code is in Samourai Wallet under Settings > Transaction > Pair to Whirlpool GUI.

Pair Samourai Wallet #

Initiate Whirlpool, entering the pairing code and passphrase when prompted.

java -jar whirlpool-client-cli-*-run.jar --init

Connecting may take a minute, but the pairing is successful once logs start printing for the wallet’s Postmix account. If returned to the command prompt, the pairing has failed and must be rerun until successful.

Once paired, exit the logs with “control+c.”

System File #

Create a system file to start Whirlpool on boot.

sudo nano /etc/systemd/system/whirlpool.service

Paste the following lines, ensuring to edit if the Whirlpool version differs.

[Unit]
Description=Whirlpool
After=tor.service
[Service]
WorkingDirectory=/home/dojo/whirlpool
ExecStart=/usr/bin/java -jar whirlpool-client-cli-0.10.16-run.jar --server=mainnet --tor --auto-mix --mixs-target=0 --listen
User=dojo
Group=dojo
Type=simple
KillMode=process
TimeoutSec=60
Restart=always
RestartSec=60
[Install]
WantedBy=multi-user.target

Save and exit the file.

Reload “systemctl.”

sudo systemctl daemon-reload

Enable the Whirlpool service.

sudo systemctl enable whirlpool

Start the Whirlpool service.

sudo systemctl start whirlpool

Whirlpool CLI is now operational.

Whirlpool GUI #

Whirlpool GUI is a simple-to-use graphical user interface for Whirlpool CLI, which allows you to monitor and interact with the Whirlpool service in a user-friendly manner.

Whirlpool GUI can be downloaded directly from the Samourai Wallet website.

Pair Whirlpool GUI #

Upon opening the GUI for the first time, “Remote CLI” should be selected.

In the CLI Address field, replace “my-cli-host” with your node’s IP.

Next, select “Configure API Key,” and a box will appear. Return to your node’s terminal via SSH and run the following command to find the key.

nano ~/whirlpool/whirlpool-cli-config.properties

The API key is the string of numbers that follows “cli.apiKey=” at the top of the file.

Once the CLI and API addresses are entered, select “Connect.”

After a few seconds, a prompt will appear requesting the wallet’s passphrase. Once entered, the pairing is complete.

Uncomplicated Firewall (UFW) #

The Uncomplicated Firewall, or UFW, is a simple-to-use, command-line application for working with a Linux firewall.

Install UFW.

sudo apt install ufw -y

To ensure that the only ports open are those essential to the node’s regular operation, the following UFW rules should be applied in the terminal.

Default Settings #

sudo ufw default deny incoming
sudo ufw default allow outgoing

Allow SSH #

sudo ufw allow ssh

Allow Whirlpool GUI #

sudo ufw allow 8899/tcp

Allow BITCOIND_ZMQ_BLK_HASH #

sudo ufw allow 28334/tcp

Allow BITCOIND_ZMQ_RAWTXS #

sudo ufw allow 28333/tcp

Allow BITCOIND_RPC_PORT #

sudo ufw allow 8332/tcp

Allow Fulcrum SSL #

sudo ufw allow 50002/tcp

Allow Mempool GUI #

sudo ufw allow 4080/tcp

Enable UFW #

sudo ufw enable

When enabling UFW, a warning may appear informing that enabling UFW may cause connection issues with the session. Since a rule allowing SSH was already applied, confirming with “y is safe.”


Подключитесь к нашему релею, чтобы оставить комментарий. Подробнее.