Open in app

Sign in

Write

Sign in

The Nontechnical Guide to Onboarding An Ambrosus Masternode — DigitalOcean Edition

Jerome!
12 min readApr 16, 2021

This guide is targeted at non-technical users who are going through the process of onboarding an Ambrosus masternode. I have seen many community members struggling with setting up their masternode. This is usually because they do not understand the technical terminology used or have never worked with a unix terminal before. The goal of this guide is to break down the concepts for everyone to not only feel comfortable setting up their masternode, but also to understanding the reasoning for each step along the way.

To complement the existing guide on Hetzner, we will setup our node using DigitalOcean (DO).

Overview

  1. VPS Setup
  2. Setup Your Node
  3. Running Your Node
  4. Final Comments

VPS Setup

What is a VPS?

A virtual private server allows users the ability to run their own server on shared physical resources. As an analogy, think about it like renting office space in an large office building. We own our space and we can customize it to our needs, but at the same time the building is shared with other people.

The term virtual private server is named as such because virtualization is the technology used that allows the host (in our case DigitalOcean) to split up a single server into multiple ones. The word private means the server will only be accessible by you and resources will be dedicated for your server as specified during the VPS setup (i.e. RAM, CPU, Storage etc.)

Why do I need a VPS?

Our VPS will be where we setup and run our node from. Instead of running our nodes from our own desktop machines, hosting on a VPS will allow us benefits such as reliable availability, ease of setup & configuration, and future scalability

Step 1: Setup a DigitalOcean Droplet

To begin, first create an account at DigitalOcean. The link is my referral link to DO, you get $100 free cloud credits by using this link (valid 60 days). I would appreciate it when you use this tutorial for setting up your node you use the referral link to show some appreciation of this article to the author.

Next, login and create a new project. Call it whatever you’d like, I named mine “Ambrosus”. For the last field on this page, select Service or API. Skip to move any resources if it asks you about.

Create a project

Go to your new project. Now that we have our project, let’s add our VPS server to it. In DigitalOcean speak this is called a ‘Droplet’.

Click on the Get started with a Droplet or use the ‘Create droplet from the top of the page.

Create a droplet

Now we need to select the configuration and specs of our server. Assuming you are onboarding as an Atlas node we care about having enough space since our primary role in the network will be to store bundles.

This guide is also suitable for Apollo nodes, the only different will be in the firewall ports settings. If you are looking to setup an Apollo node, be aware the minimum is 250k AMB.

Select the following:

Ubuntu 22.04 x64. Please note this version is not selected by default. Recommended is to use the latest LTS release. More about Ubuntu versions if you are curious https://ubuntu.com/about/release-cycle

Basic Plan

Plan type

$15 / month with 2 CPU / 2 GB memory / 60 GB SSD storage — best bang for your buck since we will need to extra storage as an Atlas node.

Select any data center region — since the cryptoeconomics have been modified to use the DMP algorithm, location and latency should no longer be a major factor into your performance on the network. Yay for fairness.

Select any region

Add and select your SSH key — see below if you do not know how to setup SSH

Name the droplet and assign it to our project

Tip rename it something recognizable

Highly Recommended Step: Setup SSH Authentication

Instead of using a username and password we’ll opt to use a cryptographic SSH key-pair. This is more secure because a private key takes the place of a password, which is generally much more difficult to brute-force.

For Windows Users

You’ll need to install an application called PuTTY which will allow you to create and get your public key. See the following document https://www.digitalocean.com/docs/droplets/how-to/add-ssh-keys/create-with-putty/

For Mac / Linux Users

Open your terminal application and type in the following command

ssh-keygen -t rsa

You will be prompted to select a location for the keys, leave it as the default this will generate two files in your ~/.ssh directory

id_rsa — your private key. Never share this key, this is for you and only you to see.

id_rsa.pub — your public key. This is the key you will share.

Next, enter a passphrase for your key. This password will be used whenever you are authenticating with the SSH key so keep it safe.

Now we need to add our public key to our Droplet. Navigate back to DigitalOcean, click New SSH Key and paste in the contents of id_rsa.pub.

One simple way to accomplish this is with the cat utility in our terminal

cat ~/.ssh/id_rsa.pub

This will output the contents of that file to our terminal window. From there we can simply copy and paste it.

Great! Your droplet is configured for SSH authentication, let’s continue.

Now submit the current page to create your droplet. You’ll be brought to another page where you can see the status of your server as it spins up.

The droplet is being deployed

Next, lets configure the firewall to our server. Click into your newly created droplet and go to Networking.

Create a new firewall with the settings below for Inbound Rules and assign it to your droplet.

Atlas and Hermes Firewall setup

Note: for Apollo nodes, please disregard the settings for HTTP. You will have 3 rows of rules configured instead of the 4 shown below.

For our server’s firewall we want to abide by the principle of least-privilege, which says that we should only allow access to information and resources that are necessary for the purposes we expect. Here the Ambrosus team has outlined these settings as requirements to allow the network to communicate with our node. For the outbound ports you can leave the DigitalOcean defaults.

Setup Your Node

Now that our server is running, we need to connect to it.

Step 2: Login into your VPS

For Windows Users

You’ll have to use PuTTY to connect to your VPS. Heres a good guide on how to do that in DigitalOcean https://www.digitalocean.com/docs/droplets/how-to/connect-with-ssh/putty/

If you’re familiar with Windows Subsystem for Linux (WSL) and have it set up you can follow the Mac / Linux steps below.

For Mac /Linux Users

Begin by copying the IP address of your droplet. You can find it by viewing your droplet in your browser. Simply click on it to copy it to your clipboard. Next, open your terminal and type in the following command

ssh root@<droplet_ip_address>

Replace “<droplet_ip_address>” with the address we had previously copied. This above command tells us we want to SSH into the root user at the following server IP address. If you setup a password for your SSH key, you’ll be prompted to enter it here. Say yes to any other prompts.

Note that root is a special superuser and is the default user who has all rights or permissions in our Linux operating system.

Just like that you’ll be connected to your VPS. You are now remotely accessing your private server!

If you recall, we setup our server with the Ubuntu OS. Other than the actual operating system, there is nothing else installed on our server. Time to change that.

Step 3: Retrieve and run the setup script

If you’ve been following the Ambrosus Github, you’ll notice a project called ambrosus-nop. This is the tool created by the Ambrosus Technical team to facilitate onboarding your masternode.

Let’s start by downloading this tool into our server. Run the following commands:

wget https://nop.ambrosus.io/setup.sh
chmod +x setup.sh

The first command beginning with wget is a utility that retrieves the content of the setup script and related files we’ll need.

The second command, chmod simply changes the permissions of the .sh file so that we’ll be able to run the script. The “x” is for executable

Now let’s run this script, its an interactive script so have you’ll be using your up/down arrows along with the enter key to make your selections.

./setup.sh

Options to select:

Main network

Network selection

Create a new key — we need to either provide an existing key to a wallet we’ve created elsewhere or more simply we can just let the script create the new public/private key for us. We will choose the latter.

Address Private Key generation

IMPORTANT: Do not enter the private key to your Ethereum cold wallet, you will be creating an entirely new wallet above to use with the network.

  • Select your node type and tier
Node type selection
Select your tier

Hint: The node tiers shown are Atlas tiers. For Apollo there are no tiers and a simple selection of Apollo will do. Important: in order to run a new Apollo node it requires a minimum stake of 1 million AMB.

Enter the URL/IP

For Atlas:
Enter the IP address of your server, example http://81.25.505.22
Don’t forget the “http://” prefix. This is how the network will be able to reach our node and used for the nodeinfo page. Do not use https:// as that is currently not supported.

Optionally: If you have an existing (sub)domain you can also use that and point the domain to the IP address. The benefit is that you can enter a URL for the nodeinfo page, instead of an IP but apart from that functionally there is no difference.

For Apollo:
Enter the IP address of your server without http, example 81.25.505.22

Email address

You have now finished the main installation. In the background the installer has created a file called state.json. This file stores the result of the script you just completed, in here you can find the private and public key to the wallet you had created. Do not share the private key with anybody!

View the contents with the following command
nano ./ambrosus-nop/state.json

Save your address and private key securely for example in a password manager ! You will need it later to import into the MetaMask wallet.

At the end of this section you have:

  • Downloaded the ambrosus-nop tool onto your VPS
  • Completed the initial setup steps
  • Stored your node address and private key safely
  • Sent a request for whitelisting (by completing the setup)

Setup MetaMask

First, download MetaMask to your browser if it is not already installed. https://metamask.io/

Recall the wallet we previously created in Step 3 as part of running the setup script. Let’s start with importing our new wallet into MetaMask.

First click on the MetaMask extension in your browser, it asks you to create a new wallet or import one with a seed phrase. Since we don’t have a seed phrase for our wallet, just create a new wallet to get to the next screen.

After creating an account, click on the Account button in the upper right corner, you’ll probably have a colorful image there, and select import account.

Here you’ll paste in the private key to your wallet. See below if you are unsure how to get that.

If you are looking for your private key, recall the state.json file that was created on our server. In that file you can find your private key. Paste that into the form and click import.

Now our wallet is imported into MetaMask. Theres one more step before we send our tokens over, we need to add the Ambrosus Network.

Complete Step 2 in Vlad’s post and return here https://medium.com/@vladtrifa/how-to-connect-to-amb-net-with-metamask-6964c71e217e

Step 4: Send tokens

With MetaMask configured and having native AMB already from Kucoin/P2PB2B/Binance, you can now send your stake for the masternode you are onboarding to the public address of your wallet from step 3.

For example, for Atlas Omega that’s 75k. To ensure we cover gas fees I would recommend 100 extra tokens (total of 75100).
For example, for Apollo that’s a mininum of 250k. To ensure we cover gas fees I would recommend 100 extra tokens (total of 250100).

Failing to do so may get the node up and running, but you will end up failing to receive bundles /validate blocks as it lacks the AMB to pay for gas fees.

Step 5: Whitelisting email

Once the transfer is completed you can send a whitelisting request to support@ambrosus.io (subject: Atlas / Apollo Whitelist Request).

Enter the output from the command below in the email, you can copy by selecting and right mouse click in the Putty window and paste in the email body.

cat ./ambrosus-nop/output/TOS.txt

And the following parts from state.json (do not share the private key!!!)

{
network: main,
address: 0x123456789
role: Atlas Omega
email: youremail@gmail.com
url: http://127.0.0.1

}

Afterwards wait until whitelisting confirmation by the tech team, usually it takes 24 hours (weekdays).

At the end of this section you have:

● Downloaded the ambrosus-nop tool onto your VPS

● Completed the initial setup steps

● Prepared a draft of your email for whitelisting

Running Your Node

Step 6: Finishing the setup

Once you’ve heard back from the team with your whitelist confirmation, you are ready to run your node!

Connect to your VPS and run the following script. Note this script is different than the one we previously ran. Refer to the previous steps if you forgot how to connect to your VPS.

./setup2.sh

Go through the interactive menu again and select any that apply to you. Once you are done with the script you’ll be officially onboarded!

The node will now start to sync the blockchain , which can take up to roughly 12–24 hours. You can monitor the sync process by going to http://stats.ambrosus.io and enter your node address. The block of your node must reach the same as the the last network block before it starts working (the nodeinfo page will only come up after sync has finished).

If you would like to see how many bundles you’ve successfully stored so far (Atlas) or to see your block rewards (Apollo) simply search your address in the explorer.

https://explorer.ambrosus.io/atlas
https://explorer.ambrosus.io/apollo

Congratulations, you’re officially an Ambrosus masternode operator!

Congrats!

Final Comments

Restrict access

As an extra security step, you can decide to restrict root access via SSH. This will prevent hackers from stealing our information and gaining access to our server. The first step to doing this is creating a new user that you will use to login, followed by restricting access to anyone trying to login to our server using a username and password. You will instead connect to the VPS using SSH keys as mentioned above.

Here is a good doc that covers the steps needed to take on our Ubuntu environment.

Backup Wallet/Key
Be sure to backup your private/public key to the address we created. If you have a password manager, create a secure note. Even better, store it securely offline on paper.

Monitor for Node software updates
Your node has an automatic update function. However keep an eye on slack and the telegram channel for required updates.

Monitor for OS Updates
Ubuntu regularly has OS updates that you need to install. Make sure to keep your VPS OS up to date using:

sudo apt update
sudo apt upgrade

Reboot the system if kernel was updated by typing sudo reboot command

Hall of fame
Thanks to subliminal-amb for creating the original guide.

Migration & Other providers
Not looking to host on DigitalOcean? There are more guides available for other cloud providers.

Already running a node on another cloud provider? Use this link on how to move your existing Atlas server. Apollo migration instructions here.

--

--

Jerome!

Written by Jerome!

7 Followers

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams