Samourai Dojo

There is no greater solitude than that of a samurai, unless it is that of the tiger in the jungle...perhaps...

A guide for running Samourai Dojo with an external full node.

Why an external full node?

I am running a full node on my bare metal box. I understand it and am not quite ready to migrate it to Dojo's docker-compose managed image. I like the idea of modularity and I have other services which depend on the full node. Dojo can expose it managed full node, but that is a project for another day.

Configurations

Dojo has some advanced docs on running an external full node, but there are a few missing tips which tripped me up.

The complexities boil down to full node configurations (e.g. /etc/bitcoin/bitcoin.conf) to make sure the Dojo docker images can talk to the node. The Dojo docker images are on their own "bridged" docker network, so its not as simple as always putting 127.0.0.1.

Here is my real life working configuration with the password changed:

rpcport=8332
rpcuser=bitcoin
rpcpassword=topsecretpassword
rpcallowip=192.168.1.0/24
rpcallowip=172.28.1.2/16
rpcallowip=172.28.1.7/16
rpcbind=0.0.0.0
rpcthreads=4
rpctimeout=300
txindex=1
server=1
dbcache=300
zmqpubhashblock=tcp://0.0.0.0:9502
zmqpubrawtx=tcp://0.0.0.0:9501
  1. rpcallowip
    • There are three entries: 192.168.1.0/24 for LAN access, 172.28.1.2/16 for Dojo node (nodejs) access , and 172.28.1.7/16 for Dojo explorer access
  2. rpcbind
    • The node needs to listen on all interfaces (0.0.0.0) not just the local loopback 127.0.0.1
  3. zmqpubhashblock and zmqpubrawtx
    • Similar to rpcbind, the zmq settings also need to listen on all interfaces with 0.0.0.0
    • You know there is a problem with Dojo listening to the zmq updates when the nodejs logs keep mentioning 0 transactions processed (zmq is where it gets this info)

It should be noted that these network settings are more open than the standard 127.0.0.1 and extra precautions should be taken in your router and firewall settings to make sure access is not granted to things which shouldn't have it (e.g. the internet).

System manager

While not a great fit with docker-compose, I am using Systemd to control starting and stopping Dojo.

[Unit]
Description=Samourai Dojo
Requires=docker.service
# Using external full node
After=bitcoind.service docker.service

[Service]
# the dojo script used the -d parameter in docker-compose
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/lib/dojo/docker/my-dojo/dojo.sh start
ExecStop=/usr/lib/dojo/docker/my-dojo/dojo.sh stop
User=dojo
Group=dojo

[Install]
WantedBy=multi-user.target

One quirk that I am not sure if is a big issue, the docker-compose process appear as whatever user has UUID 1001 when viewing from the host (e.g. running ps aux)


More fromĀ yonson