How to Deploy an IPFS Node on Digital Ocean
An IPFS Tutorial
There are plenty of easy options out there for accessing an IPFS node in the cloud. However, some of you working on your dapps may want to host your own node in the cloud but don’t know where to start. I wrote this guide on how to deploy an IPFS node on Digital Ocean so you don’t have to go through the undocumented struggles I did. This guide will cover the following:
- Setting up a Digital Ocean account
- Creating a droplet
- Securing your droplet
- Installing GoLang / IPFS / IPFS-Update
- Setting up a service to keep the IPFS daemon online at all times
Step One — Sign Up
If you don’t have an account, feel free to use our referral link for some free sign-up credits!
Step Two — Creating a droplet
Droplets are the name Digital Ocean uses for its virtual machines. You’ll be creating one for the purposes of this tutorial. Go ahead and click “Get Started with a Droplet” to be taken to the droplet creation page.
This guide will use the following options for your droplet:
Distribution and specs
I’m using the least expensive specifications here. Feel free to choose a faster option if you’d like.
Backups are optional. If you want to backup your node, feel free to do so.
To keep this tutorial simple, you won’t be enabling block storage. If you’re building a larger application you may eventually outgrow the 25GB SSD that’s provided with the base droplet. You can always upgrade your droplet to other options as your node starts to receive more traffic. However, eventually you’ll likely reach a point where you don’t need a faster machine, you just need more storage.
This is where block storage shines. Utilizing block storage as your main storage option for IPFS in your droplet allows you to periodically increase your data storage capabilities without needing to increase your general machine specs. I’ll be writing a guide on how to utilize block storage for your IPFS node in the near future. For now, you can read about block storage here.
Choose whichever datacenter you’d like. For quick access during this tutorial, choose the one that’s closest to you.
The two options I select here are “IPv6” and “Monitoring”. I chose “IPv6” because IPFS performs better with IPv6 enabled. I chose “Monitoring” because it’s free and I like to see how my Droplet is doing from time to time.
Adding an SSH Key
While this is technically optional, I would highly recommend utilizing an SSH key. I will be utilizing one for this tutorial. If you have an SSH key already, add it here. If not, I would recommend reading through this documentation on how to create one. It’s something you won’t regret learning.
Once you have all your settings in place, name your droplet (or use the one provided), and click “Create”. Your droplet should start the creation process. Once finished, you should see something like this:
(FYI, I may sometimes include things such as IP addresses in this guide to make it easier to follow, but the node will have been deleted upon guide publication)
Step Three — Updating the new droplet
First, you’ll need to connect your droplet to start setting things up. You can do this by entering the following in your local machine’s console.
You should be greeted with some fun messages saying that you have a few packages you can update. Let’s do that right now.
A reboot may or may not be necessary after updating your droplet:
shutdown -r 0
(You’ll be disconnected from the SSH connection to your droplet when your droplet restarts)
Step Four — Setting up your non-root user (Optional)
This step is optional but highly recommended. Setting up and utilizing a non-root user for interacting with a linux instance is much safer than utilizing the root user. I’ve included this in my guide because I want you to have the knowledge to set up a more secure node if desired.
SSH back into your Droplet as root:
Create a new user:
For this example, let’s use my name as the new non-root user.
Enter in a new password for your user. You can leave the rest of the information blank by hitting enter.
Give your user root privileges
Running the following command allows you to execute root commands on your new user by adding “sudo” before your commands.
usermod -aG sudo matt
Enable your SSH key for your new non-root user
Still have your public SSH key from before? Great. Temporarily switch over to your new user.
su - matt
Create a new directory called .ssh and restrict permissions for it
chmod 700 ~/.ssh
Open a file in your new directory called “authorized_keys”
Copy and paste your public ssh key from earlier into this file and then hit CTRL+x to exit the file. Hit y to save the changes and then ENTER to confirm.
Restrict the permissions of your new file
chmod 600 ~/.ssh/authorized_keys
Exit your SSH instance
Exit the instance for both SSH users by typing this command TWICE
Try logging into your new user via SSH
You should now be connected to your droplet as your new non-root user.
Step Five — Secure your machine
You’ll want to set up some security on your machine. This will help keep the bad guys away.
Go to the “networking menu” of your node
Click on “Manage Firewalls”
Click on “Create Firewall”
My firewall looks like this:
A brief description of the inbound ports you’ve opened:
TCP 22 — This is so you can SSH into your Droplet
TCP 4001 — This is the primary port that your IPFS node will use to communicate to other IPFS nodes
Optional ports you can enable depending on your needs:
TCP 5001 — This port can be opened up if you want to access your IPFS node API remotely. Disclaimer! If you do this, the entire world can access your IPFS node unless you add further safety features such as restricting which external IP addresses can access port 5001.
TCP 8080 — This is needed if you want to run your node as a gateway node. IPFS gateways are essentially web interfaces where users who aren’t running their own IPFS node can go and retrieve content from. So, people could retrieve content without running a node by visiting:
For example, you can retrieve an image of my dog without running a node through your public gateway: Photo of Winston
If you want to learn more about how to set up public gateways using your own custom domain, Carson Farmer from Textile has a great guide on setting up your own gateway node with NGINX that I would highly recommend.
TCP 8081 — This is needed if you want to run pubsub capabilities on your node. You can read more about pubsub functionality here.
You shouldn’t really care about what’s leaving your node so feel free to keep this open as shown.
Step Six— Installing GoLang
GoLang is needed for running IPFS.
(At the time of this guide, the current version of GoLang is 1.12.5. You may want to replace the version of GoLang if a newer version becomes available)
Extract GoLang to /usr/local
sudo tar -C /usr/local -xzf go1.12.5.linux-amd64.tar.gz
Open up your .profile
Add these lines to the bottom of the file
If you’d like to define a specific path for IPFS instead of the default ~/.ipfs path, please include the following line at the end of the file:
Exit with CTRL+x, save with y, and hit ENTER to confirm.
Reload your profile
Check that your installation was successful
You should be greeted with something like: “go version go1.12.1 linux/amd64”. If you received this message, congrats! GoLang was successfully installed.
Step Seven — Installing IPFS
First, you’ll want to install ipfs-update. This handy package allows you to easily update your ipfs client whenever there are new updates without having to go through a bunch of manual upgrade headaches.
go get -u github.com/ipfs/ipfs-update
Once this is complete, go ahead and run this command:
Take note of whatever version is the latest and run something like this:
ipfs-update install v0.4.19
You should receive a message that says “Installation complete!”
ipfs init --profile server
You should receive a message that looks something like this:
If you’re seeing this, congrats! You’ve successfully installed IPFS on your droplet!
Last thing for this section. Since your droplet has 25GB in storage, you might as well use it. Let’s increase your IPFS repo size from the default 10GB to 20GB.
ipfs config Datastore.StorageMax 20GB
Step Eight — Making sure IPFS is running all the time.
At this point you can run:
Your IPFS node will now be officially running.
However, if you exit your SSH session with the droplet, IPFS will shut down.
You can fix this by creating an ubuntu systemd service to keep things running.
sudo nano /etc/systemd/system/ipfs.service
Enter the following code into your editor.
*Note* — If you chose a custom path for IPFS in Step Six, you’ll want to use that in the environment instead of the default IPFS path.
[Unit]Description=IPFS Daemon[Service]Type=simpleExecStart=/home/matt/go/bin/ipfs daemon --enable-gcGroup=mattRestart=alwaysEnvironment="IPFS_PATH=/home/matt/.ipfs"[Install]WantedBy=multi-user.target
Save your new file by hitting CTRL+x, y, and then confirming by hitting ENTER.
Run these lines in the terminal to enable your new service:
sudo systemctl daemon-reload
sudo systemctl enable ipfs
sudo systemctl start ipfs
Check and see if this worked by running:
sudo systemctl status ipfs
You should see something like this:
Reboot your machine as one final test that everything worked:
sudo shutdown -r 0
Once the reboot is complete, SSH back into your droplet and run the following to see if you have an IPFS node up and running:
ipfs swarm peers
You should see a few peers your node is connected to. This list will grow the longer your node is online!
You now have an IPFS node up and running on Digital Ocean! Hopefully this guide was helpful. If you have any questions about this tutorial or IPFS in general, please reach out!