Getting a Bitcoin Full Node Up and Running on Azure in No Time with Bicep

Bitcoin, which requires no introduction, the world’s first crypto currency, is more than just wallets and balances. Like other blockchain technologies, such as Ethereum which was discussed in some of my other articles, it is a network of nodes both communicating with each other and allowing end users to perform and read transactions.

In this article, we will be using Microsoft’s new declarative domain specific language (DSL) for deploying Azure resources, Bicep, to deploy and start a Bitcoin full node on an Azure VM.

Prerequisites

To deploy resources with scripts written in Bicep, we just need to have the latest version of the Azure CLI that can be found here: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest

Example Repository

A complete Bicep script for deploying a Bitcoin full node on an Azure VM can be found in the following GitHub repository:

GitHub - ItayPodhajcer/bicep-bitcoin-azure-vm

The Script

Our script will be divided into four parts:

• Main entry point which also includes the creation of a resource group.
• Creation of the virtual network for the VM.
• Creation of the network interface the VM.
• Creation of the VM.

We will start by creating the Bicep script for creating the virtual network with one subnet:

Next, we will create the Bicep script that creates the public IP, network security group and network interface:

Note that the network security group has ports 22 for SSH, so we can open a remote shell on the VM, and 8333, for Bitcoin internode communication, opened.

Now we can use the virtual network and network interface to create the VM:

This script expects a public key for SSH connections and a password for the Bitcoin node, which will be supplied when the script is executed using the Azure CLI.

As we need to install and start the Bitcoin node app on the VM, we also have two additional files that are injected by the Bicep script to the VM.

One is the systemd service file:

And the second one is the script that will be run when the VM starts, which mounts a volume, grants permissions, installs the Bitcoin app and sets up the Bitcoin service:

Lastly, we create the main entry point Bicep script, which connects all the previous pieces together:

Running The Script

First, we need to generate a key pair that can be used for SSH connections, and we will do that by running the following command:

ssh-keygen -m PEM -t rsa -b 4096

Now that we have a key, when can run the command that executes our script and deploys the resources:

az deployment sub create --name dep-bitcoinvm --location eastus --template-file main.bicep --parameters 'sshPublicKey=****' 'bitcoinPassword=****'

Make sure you set sshPublicKey to the contents of the .pub file that was generated in the previous step, and bitcoinPassword to whatever value you want to use as the password for your Bitcoin full node.

Once the execution of the script is complete, the Bitcoin full node will start synchronizing with the network (also called the initial block download), which might take a while. You can use SSH to connect to your VM, so you can check the node’s status and interact with it.

Conclusion

The Bitcoin node can be configured further to allow JSON RPC connections, which allow other apps and systems to communicate with it from outside the VM, but it is recommended that other restrictions and safety mechanisms are in place before doing so (such as local virtual network restrictions, source IP restrictions, etc.).