HOWTO Run Sia host on headless Linux server (Ubuntu)
What is the way to auto-unlock the hosting wallet?
My siad is working fine on the headless box. But to be a good host it needs to come up as soon as possible after a reboot or downtime. Sometimes it happens that I even do not notice that there was a power outage, as the server comes up and all services are started.
So, how to automate the wallet unlocking for the hosting service to be operational after starting?
One way to to it would be to put a watch into cron like evry 5 minute or so using siac,
If ! wallet unlocked
My question was more about feeding the password to siac...
Can I do it on command line (in batch file/shell script)?
sure easy peasy
(echo "lakes romance ... ) | siac wallet unlock
Oh, thanks. It works this way.
I thought there should be a command line parameter for siac such as siac wallet unlock -p <password> .
From the other side it wouldn't be more secure as echoing from a script.
As I don't like storing cleartext passwords in script files, there should be a more elegant way to do this.
I know, most of database accessing software is storing the cleartext db access password in a conf file and it may be even less secure than storing it in the startup script.
So, perhaps, when the devs have more time... Could a key file be generated from something machine specific and the wallet password? So the user should generate such key file from his wallet password when the wallet is moved to another machine.
Or better, the hosting process should be capable to run on a "partially locked" wallet, as no user approval is needed for from the hosting process originating transactions anyway. The collateral would be locked at the moment the user makes changes to his hosting parameters -price, size etc or/and turns accepting contracts on (which can happen only when the wallet is already unlocked). And these locked SC are accessible for the hosting process even if the wallet is locked.
I dont know if an attacker is in he (or she) is in. Imo best to do here is to make sure the online wallet always have pretty limited funds and you make a process of refilling/draining it when needed.
Also it a general bad practice to send passwds as arguments, anyone can see them using tools like top then ( my echo just as bad) better would be to read it from a file or env variable on ly accessable to current user.
Hello @brisk thanks for your thoughts,
can you explain how an attacker, which overtook a local (non root) user, could read the echo from your suggested command line?
Would it make a difference wheather script is executed by root or a non-root user?
Could not announce host: insufficient balance
when trying to annouce ?
Me and a few others who read the Github Gist and this (https://gist.github.com/pmknutsen/7521a29fe8125c24eb3e/) are getting this error:
Starting the service fails with status=203/EXEC
@chanakyabtc Only thing I can think of is that its a permissions issue. Check that the user you're running
siadas has permissions to run
siadand read/write permissions to the data directory (
Awesome tutorial, thanks for making this!
I ended up using this for setting up sia.pixeldrain.com.
I modified the service file slightly, to fit my requirements better:
Description=Sia Daemon After=network.target [Service] Type=simple ExecStart=/home/sia/Sia/siad -M gctwr ExecStop=/home/sia/Sia/siac stop WorkingDirectory=/home/sia/Sia/ Restart=always RestartSec=10 User=sia Nice=2 [Install] WantedBy=multi-user.target Alias=siad.service
nicevalue is so it doesn't end up eating all resources of the pixeldrain server. It also causes
siadto get eaten first if the server happens to run OOM.
This also contains a clean shutdown sequence for Sia, to reduce risks of data corruption when the server needs to reboot.
type=simpleline indicates that this is not a forking service, and that it should be started in a new process.
And I added
After=network.targetto make sure it doesn't start before the network driver is initialized.
I learned a lot about systemd from this, thanks for that :)