Samourai Dojo Bitcoin Full Node on Raspberry Pi

11 min readAug 14, 2019

Here are the steps we took to set up a Samourai Dojo on the most minimal hardware we could find.

Is it a good idea?
Probably not! Raspberry Pi is intentionally low-end hardware and this project was designed to look at putting Samourai Dojo onto exactly that. There are a few work-arounds to make this work, but is interesting as an experiment on minimal hardware. Having said that, it does work. With this configuration, the full blockchain sync took about 2 weeks and 2 days to complete. It would probably be possible to do a sync on a more powerful computer and copy it manually to the Pi, but we were interested to see what the Pi could accomplish on its own.

Hardware we used:
- Raspberry Pi 4 Model B 4GB RAM
- SanDisk Ultra 64GB MicroSD card
- Seagate 1TB Expansion+ USB drive (SSD would be better for performance)
Software we used:
- Raspbian Buster
- balenaEtcher (or equivalent SD card writer)
- Samourai Dojo (plus pre-requisites — see below)

Notes on older Raspberry Pi models:
Samourai Dojo minimum requirement is 4GB RAM. Despite this we did try the setup with a Raspberry Pi 3B+ but due to its 1GB RAM the initial block sync kept failing at around 100k height. We messed around with mempool and db size settings but still couldn’t get around it. It may be possible that copying the initial blockchain sync data manually to the drive for an older spec Raspberry Pi would work but this is not a scenario we’ve tested.. yet.

Approach:
Our approach was to do a completely headless setup of the Raspberry Pi, so no monitor or keyboard are used. We configure the Pi Micro SD card and boot it up to automatically connect to a WiFi network, then connect with ssh from a laptop to complete the configuration of the device.

The steps we used were:
A) MicroSD card config
B) Configure Raspberry Pi
C) Set up pre-requisite software
D) Secure Raspberry Pi
E) Install Dojo
F) Sync Bitcoin blockchain
G) Pair with Samourai Wallet
H) Sit back and enjoy contributing to the bitcoin community whilst gaining increased privacy for your bitcoin transactions

A) MicroSD Card config

1. Download the Rasbian Buster with desktop or lite image from raspberrypi.org

2. Use balenaEtcher (balena.io/etcher/) to flash the MicroSD card with Raspian Buster

3. Add an ssh file to boot folder on MicroSD card
(this is just an empty file with no file extension created using a text editor on whatever computer you’re using to prepare the MicroSD card). This will enable ssh connectivity — note, if you’re using a keyboard & monitor attached to your Pi, you won’t necessarily need this.

4. Add a wpa_supplicant.conf file to the boot folder on MicroSD card
Create a new file called wpa_supplicant.conf using a text editor on whatever computer you’re using to prepare the MicroSD card). The file needs to have the following information in it:

country=US
ctrl_interface=/var/run/wpa_supplicant GROUP=netdev
update_config=1
network={
 ssid=”yourWIFIname”
 psk=”yourWIFIpassword”
}’’’

(note: change the values for the ISO 2 letter country code, your wifi name and password). If you have a less friendly WiFi, you might need to search for other wpa_supplicant.conf configurations or you can skip this and use an ethernet cable instead

B) Configure Raspberry Pi

5. SSH to the Raspberry Pi from your laptop
If you’re using Linux, you’ll know how to do this. From Mac, use the terminal app, from Windows use the PowerShell app. Type ssh pi@x.x.x.x (where x.x.x.x is your Pi’s IP address). Most people can probably just guess what IP address their Pi was assigned by their router, otherwise search online for ‘map my home network’ to find methods or tools suited to your scenario).

6. Then, log on with the default password for pi, which is raspberry

7. Change the password

passwd

8. Change the password for root also

sudo passwd root

9. Create a bitcoin user

sudo adduser bitcoin

Assign strong passwords and make a note of them.

10. Update the Raspberry Pi software

sudo apt update 
sudo apt -y upgrade

11. IMPORTANT: SD cards don’t handle swap files well and may be damaged as a result, so turn it off. To avoid damage to the MicroSD card, disable swap file usage entirely. (If you still want to enable swap file use for your HDD, search online for how to do this, but we don’t need it for this project).

sudo swapoff --all

12. Display the disk information

sudo lsblk -o NAME,MODEL

The output will look something like:

NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 931.5G 0 disk
mmcblk0 179:0 0 59.5G 0 disk
├─mmcblk0p1 179:1 0 256M 0 part /boot
└─mmcblk0p2 179:2 0 59.2G 0 part /

sda is the usb disk
mmcblk0 is the MicroSD card with its two partitions.

13. Format the disk and give it a label (**note, all data on the disk will be deleted**)

sudo mkfs.ext4 /dev/sda -L BLOCK-STORAGE

14. Open a text editor and copy/paste the following

UUID=XXXX /mnt/hdd ext4 defaults 0 0

15. Get the UUID of the disk

sudo blkid | grep /dev/sda

Then copy the UUID for the disk. Replace the XXXX portion in the text editor with the entire UUID (without any quote marks)

16. Create a mount point to the disk

sudo mkdir /mnt/hdd

17. Edit the File Systems Table

sudo nano /etc/fstab

18. Add the line, that you constructed in your text editor, to the fstab file. It will look similar to this:

proc /proc proc defaults 0 0
PARTUUID=7478ce0d-01 /boot vfat defaults 0 2
PARTUUID=7478ce0d-02 / ext4 defaults,noatime 0 1
UUID=8ba37f42–5e81–420f-8dbe-426fa231a681 /mnt/hdd ext4 defaults 0 0
# a swapfile is not a swap partition, no line here
# use dphys-swapfile swap[on|off] for that

Ctrl-X, y and Enter to save the file.

19. Mount all disks

sudo mount -a

19. Verify that the disk has been mounted

ls -hal /mnt/hdd

The output will look similar to this:

total 340K
drwxr-xr-x 3 root root 4.0K Jul 30 17:33 .
drwxr-xr-x 3 root root 4.0K Jul 30 16:23 ..
drwx — — — 2 root root 16K Jul 30 16:23 lost+found

20. Grant rights to the drive to root and bitcoin

sudo chown -R root:root /mnt/hdd
sudo chown -R bitcoin:bitcoin /mnt/hdd

C) Set up pre-requisite software

21. Install Docker

curl -fSLs https://get.docker.com | sudo sh

(Note: this Docker install method worked fine for our installs, if it does fail, see appendix for an alternative approach that may help…)

22. Grant your user account rights to run Docker

sudo usermod pi -aG docker

23. Test the Docker installation

docker run hello-world

If Docker is installed correctly, the output should be similar to:

Hello from Docker!
This message shows that your installation appears to be working correctly.
(…along with some further details about Docker actions)

24. Create a file structure for the docker storage area on the external Hard Drive

sudo mkdir /mnt/hdd/docker-data

25. Edit the docker config file

sudo nano /etc/docker/daemon.json

Add the following to the file:

{
“data-root”: “/mnt/hdd/docker-data”
}

Then Ctrl-X, y & Enter to save the file.

26. Stop the Docker service

sudo systemctl stop docker

You can check that Docker has stopped using
ps aux | grep -i docker | grep -v grep

27. Copy the Docker data to the new location

sudo rsync -axPS /var/lib/docker/ /mnt/hdd/docker-data

28. Start the Docker service

sudo systemctl start docker

29. Confirm Docker is using the new location to store data

docker info | grep 'Docker Root Dir'

The output should include:
Docker Root Dir: /mnt/hdd/docker-data

You can check what Docker is running using
docker ps

30. Check pre-requisites are installed

sudo apt-get install libffi-dev
sudo apt-get install libcurl4-openssl-dev
sudo pip install --upgrade pip

31. Add Tor source to sources.list

sudo nano /etc/apt/sources.list

Add these lines to the file

deb http://deb.torproject.org/torproject.org buster main
deb-src http://deb.torproject.org/torproject.org buster main

Ctrl-X, y & Enter to save the file

32. Install dirmngr

sudo apt install dirmngr

33. Get the key for Tor

curl https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --import

(Note: this command is all one line). Output will confirm 1 key has been imported

34. Add the key

gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -

‘OK’ output will confirm the key has been added.

35. Install Tor

sudo apt update
sudo apt install tor tor-arm

36. Install Docker Compose

sudo pip install docker-compose

37. Test Docker Compose is installed correctly

docker-compose --version

Your output should be similar to
Docker version 19.03.1, build 74b1e89

Note: if there are any errors installing Docker Compose, try the following method to rectify it:
sudo pip uninstall docker docker-compose
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install docker docker-compose

38. Download mysql docker image

docker pull hypriot/rpi-mysql

Docker will pull the mysql image from https://hub.docker.com/r/hypriot/rpi-mysql. Note, if you prefer to compile your own mysql image or use an alternative, you can substitute it here.

39. Configure mysql

docker run --name pi-mysql -e MYSQL_ROOT_PASSWORD=<mysqlrootpassword> -d hypriot/rpi-mysql

Note: substitute <mysqlrootpassword> with a password of your choice and make a note of this password.

D) Secure Raspberry Pi

Note: this is basic security configuration and you should do your own research to determine the right security for your scenario.

40. Install Firewall

sudo apt install ufw
sudo ufw limit ssh
sudo ufw allow from 192.168.1.0/24 to any port 22
sudo ufw allow 8333 comment "Bitcoin mainnet"
sudo ufw status verbose

Note: update 192.168.1.0 with your IP address range

Install Fail2Ban

sudo apt install fail2ban
sudo fail2ban-client status

Output should look similar to

Status
|- Number of jail: 1
`- Jail list: sshd

E) Install Dojo

41. Download and unzip Samourai Dojo

cd /mnt/hdd
sudo wget https://github.com/Samourai-Wallet/samourai-dojo/archive/master.zip
sudo unzip master.zip
sudo mv samourai-dojo-master dojo_dir

42. Edit the bitcoind configuration file

cd dojo_dir/docker/my-dojo/conf
sudo nano docker-bitcoind.conf

Change the passwords of BITCOIND_RPC_USER and BITCOIND_RPC_PASSWORD, making a note of these.