▪️Configuration

Validator Node Settings and Misc. Server Configurations

Configuring the Node Using app.toml and config.toml​

• config.toml: used to configure the Tendermint

• app.toml: used to configure your app, such as state pruning strategies, telemetry, state sync, gRPC and REST servers configuration

Both files are heavily commented, please refer to them directly to tweak your node.

Table of Contents:

1. Update Minimum Gas Prices

2. Define Pruning Strategy

3. Register as a Validator

4. Unjailing your Validator

5. Unbonding

6. Installing and Configuring Nginx for HTTPS

7. Port Configuration

1. Update Minimum Gas Prices

Open app.toml and check the current configuration:

cat ~/.vagachain/config/app.toml

The minimum-gas-prices field inside app.toml defines the minimum gas price the validator node is willing to accept to process a transaction. Change the setting by running the following command:

sed -i 's/minimum-gas-prices = "0vaga"/minimum-gas-prices = "0.01uvaga"/g' ~/.vagachain/config/app.toml

Recommended setting: minimum-gas-prices = "0.01uvaga"

2. Define Pruning Strategy

Open app.toml and check the current configuration:

cat ~/.vagachain/config/app.toml

In this file, you can set your pruning strategy by choosing between default, nothing, and everything depending on how much historical state you wish to store.

To reduce hard drive storage, choose everything or default.

To run an archival node, chose nothing. Custom settings are also possible.

# Default Pruning Strategy Setting
pruning = "default"

default: the last 100 states are kept in addition to every 500th state; pruning at 10 block intervals

nothing: all historic states will be saved, nothing will be deleted (i.e. archiving node)

everything: all saved states will be deleted, storing only the current and previous state; pruning at 10 block intervals

custom: allow pruning options to be manually specified through 'pruning-keep-recent', 'pruning-keep-every', and 'pruning-interval'

3. Register as a Validator

In order to be added to the address book, you need to set your server IP by configuring the external_address parameter in the config.toml file. The default P2P port is 26656.

sed -i -e 's/external_address = \"\"/external_address = \"'$(curl httpbin.org/ip | jq -r .origin)' :26656\"/g' ~/.vagachain/config/config.toml

Open config.toml and check the newly added IP address in the external_address field:

cat ~/.vagachain/config/config.toml

4. Unjailing your Validator

If your validator gets jailed, you can fix it with the following command:

Mainnet

# Unjail transaction
vagachaind tx slashing unjail <validator-address> --chain-id=frankfurt-1 --from=<key-name>

Testnet

vagachaind tx slashing unjail <your-moniker> --chain-id=porto-1 --from=<key-name>

Check your validator again to see if your voting power is back:

# Check validator status
vagachaind status
# "VotingPower":"xx"

Common reasons for your validator being jailed​ The most common reason for your validator being jailed is that your validator is out of memory because of bloated syslogs. Running the command df -H will return the size of the various partitions of your VPS.

A validator node must also be unique on the chain, so only a node can sign with its private key. If there is another node with the same private key, this will result in a double signature, and therefore immediately jail your validator.

5. Unbonding

Validators can submit an unbounding transaction to remove their staked coins. Once the transaction is processed the staked coins will enter an unbonding period of 21 days.

During the unbonding period, the staked coins will not earn any validator income, but are still susceptible to slashing penalties. After the unbonding period, the coins will be fully released to the wallet where they will once again be available to carry out transactions with.

The 21-day unbonding process assists in the long-term stability of the VagaChain protocol. The unbonding period discourages volatility by locking staked VAGA in the system for at least 21 days.

To perform an unbond transaction use the follow command:

# Unbond transaction
vagachaind tx staking unbond <validator-address> <stake-amount>uvaga --chain-id=frankfurt-1 --from=<key-name>

6. Installing and Configuring Nginx for HTTPS

6.1 Setup

Nginx is an open source software used for operating high-performance web servers. It allows you to set up reverse proxying on your validator server to improve performance and security.

Install nginx and allow the 'Nginx Full' rule in your firewall:

Debian / Ubuntu

sudo apt update
sudo apt -y upgrade
sudo apt -y install nginx
sudo ufw allow 'Nginx Full'

CentoOS / Fedora / Red Hat

sudo yum makecache
sudo yum -y update
sudo yum -y install nginx
sudo ufw allow 'Nginx Full'

Check nginx is running via systemctl:

sudo systemctl status nginx

Which should return:

# Sample Output
● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2023-01-06 12:05:10 UTC; 2 days ago
     Docs: man:nginx(8)
 Main PID: 2369 (nginx)
    Tasks: 2 (limit: 1153)
   CGroup: /system.slice/nginx.service
           ├─2369 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
           └─2380 nginx: worker process

6.2 Configuration

Proxying your validator's port 26657 to nginx port 80 can then be done by creating a file /etc/nginx/conf.d/<name-of-file>.conf with the following configurations :

# Example nginx configuration
server {
  listen 80;
  listen [::]:80;
  server_name <domain>;
  return 302 https://$server_name$request_uri;
  }

# SSL configuration
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    ssl on;
    ssl_certificate         /etc/ssl/cert.pem;
    ssl_certificate_key     /etc/ssl/key.pem;

    ssl_client_certificate  /etc/ssl/<name-of-file>.crt;
    ssl_verify_client on;

    server_name <domain>;

    root /var/www/<domain>/html;
    index index.html index.htm index.nginx-debian.html;
        
# Proxy validator port 26657 to nginx port 80
  location / {
          proxy_pass http://127.0.0.1:26657;
          proxy_http_version  1.1;
          proxy_cache_bypass  $http_upgrade;

          proxy_set_header Upgrade           $http_upgrade;
          proxy_set_header Connection        "upgrade";
          proxy_set_header Host              $host;
          proxy_set_header X-Real-IP         $remote_addr;
          proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
          proxy_set_header X-Forwarded-Proto $scheme;
          proxy_set_header X-Forwarded-Host  $host;
          proxy_set_header X-Forwarded-Port  $server_port;
          }
  }

7. Port Configuration

vagachaind uses several TCP ports for different purposes:

• 26656: The default port for the P2P protocol. Use this port to communicate with other nodes. While this port must be open to join a network, it does not have to be open to the public. Validator nodes should configure persistent_peers and close this port to the public.

• 26657: The default port for the RPC protocol. This port is used for querying / sending transactions and must be open to serve queries from vagachaind. DO NOT open this port to the public unless you are planning to run a public node.

• 1317: The default port for Lite Client Daemon (LCD), which can be enabled in ~/.vagachain/config/app.toml. The LCD provides an HTTP RESTful API layer to allow applications and services to interact with your vagachaind instance through RPC. Check the VagaChain REST API for usage examples. Don't open this port unless you need to use the LCD.

• 26660: The default port for interacting with the Prometheus database. You can use Promethues to monitor an environment. This port is closed by default.

Caution:

Do not open port 26657 to the public unless you plan to run a public node.