Set-up a Nym-enabled node
To connect to through nym
network we use the socks5
proxy provided
by Nym
Note: This page is a general guide for nym
nodes in the
DarkFi ecosystem and is applicable to other apps such as taud
and
darkfid
. We use darkirc
as our main example throughout this guide.
Commands such as ./darkirc
and configuration filenames need to be
adjusted if using different apps. If you're using another app, the
network configurations remain the same except for the seed nodes you
connect to.
Note: Currently, we can set up only outbound nodes with
Nym
.
Generating configuration files
After compiling, you can start the application so it can spawn its
configuration file. We use darkirc
as the application example going
forward.
% ./darkirc
darkirc
creates a configuration file darkirc_config.toml
by default
in ~/.config/darkfi/
. You will review and edit this configuration
file for your preferred network settings.
Configure network settings
Modify the network settings located in the ~/.config/darkfi
directory. This configuration allows your node to send and receive
traffic only via Nym
.
Note: As you modify the file, if you notice some settings are missing, simply add them. Some settings may be commented-out by default.
First, download nym-socks5-client. Then initialize it:
./nym-socks5-client init --id [YOUR_ID] --provider [YOUR_PROVIDER]
Replace [YOUR_ID]
with your own preferred id and [YOUR_PROVIDER]
with a Nym network requester
provider address. You can find a list of
network requester providers from
Nym Harbour Master. Make sure the
provider you select is able to connect to non-standard ports used by
darkirc nodes.
After you initialize it, run the socks5 client:
./nym-socks5-client run --id [YOUR_ID]
Outbound node settings
These outbound node settings for your nym
node configuration is only
for connecting to the network. You will not advertise an external
address. Make sure nym-socks5-client
is running, and it's socks5
proxy is listening on 127.0.0.1:1080
before running darkirc
.
To be able to route our darkirc connections through the socks5
proxy
provided by Nym
, we need to enable the socks5 proxy transport in our
settings:
## connection settings
outbound_connect_timeout = 60
channel_handshake_timeout = 55
channel_heartbeat_interval = 90
outbound_peer_discovery_cooloff_time = 60
## Whitelisted transports for outbound connections
allowed_transports = ["socks5+tls", "tcp+tls"]
## Transports to be mixed
mixed_transports = ["tcp+tls"]
## Seed nodes to connect to
seeds = [
"tcp+tls://lilith1.dark.fi:5262"
]
## Outbound connection slots
outbound_connections = 8
## Nym Socks5 proxy
nym_socks5_proxy = "socks5://127.0.0.1:1080"
Connect and test your node
Run ./darkirc
. Welcome to the dark forest.
You can test if your node is configured properly on the network. Use Dnet and the ping-tool to test your node connections. You can view if your node is making inbound and outbound connections.
Troubleshooting
Refer to Network troubleshooting for further troubleshooting resources.
Running a Nym Network Requester
You can run a Nym Network Requester
to support the Darkfi P2P
network
A Nym
network requester serves as an exit gateway in the Nym
network, an equivalent of an exit node in the Tor network. You can
provide your Nym
network requester address to others so that they
can use your node as an exit gateway. To set it up you need a VPS with
a good internet connection.
First, download nym-network-requester. Then initialize it:
./nym-network-requester init --id [YOUR_ID]
You will see some configuration output along with the address of your
Nym Network Requester
, make sure to record it. It is the address you
will share with others.
With it's default configuration the Nym Network Requester
will not
allow connections to pass through non-standard ports, like the one used
by darkirc nodes. By default it uses this
exit policy.
To override this behavior you need to modify the config file found in
~/.nym/service-providers/network-requester/testing/config/config.toml
.
Go to the line with upstream_exit_policy
and set it to your exit
policy url:
upstream_exit_policy_url = 'http://localhost/YOUR_EXIT_POLICY.txt'
Run nginx
or a simple http server
to host your exit policy.
This is a sample exit policy
that whitelists a node with the ip
address NODE_IP_ADDRESS
and rejects any other connections. Note that
the exit policy
requires an ip address to be set, it doesn't accept a
domain name:
ExitPolicy accept [NODE_IP_ADDRESS]:*
# reject everything else not covered by any of the previous rules
ExitPolicy reject *:*