How to start a new Identity Server in BitDust network
Intro
You need to create new identity for your own to be able to communicate with other nodes and access BitDust community. Identity files are distributed across identity servers in the network, other nodes holding and exposing copies of your identity.
The third node can access that ID server and download your identity to be able to talk to you. So any node in the network can start own ID server and help to maintain network and make it more reliable.
Your global IDURL is formed based on your nickname and DNS name (or IP address) of the first ID server.
When one of your Identity servers is down, BitDust software will automatically find a fresh Identity server for you and "propagate" your identity there and also remove dead Identity server from the list of your sources. That process is called "identity rotate" and it is fully automated and decentralized.
Because of that BitDust network authentication is actually pretty reliable and fully independent for any single party.
Install and configure a web-server
To protect your BitDust node from outside we can use a web-server and re-route traffic internally to the bitdust process.
Here are two example configurations for well-known servers: Apache2 and Nginx.
But first, you need to setup a hostname on your machine if you did not do it before:
sudo hostname -b my-own-identity-server.com
Nginx setup
Install Nginx with Apt:
sudo apt-get update
sudo apt-get install nginx
Disable the default virtual host, that is pre-configured when Nginx is istalled via Ubuntu packet manager apt:
sudo unlink /etc/nginx/sites-enabled/default
Enter the directory /etc/nginx/sites-available and create a configuration file:
cd /etc/nginx/sites-available
sudo nano my-own-identity-server_com.conf
You can use bellow sample config:
server {
server_name my-own-identity-server.com www.my-own-identity-server.com;
listen 80;
listen [::]:80;
access_log /var/log/nginx/idserver-log.log;
error_log /var/log/nginx/idserver-error.log;
location / {
proxy_pass http://127.0.0.1:8084/;
}
}
Copy the configuration from /etc/nginx/sites-available to /etc/nginx/sites-enabled. It is recommended to use a symbolic link.
ln -s /etc/nginx/sites-available/my-own-identity-server_com.conf /etc/nginx/sites-enabled/my-own-identity-server_com.conf
Enable Nginx system service and start the web-server:
sudo systemctl enable nginx
sudo systemctl start nginx
sudo service nginx reload
Apache2 setup
Install Apache2 server if you do not have it yet on your machine:
sudo apt-get update
sudo apt-get install apache2
Edit Apache2 main config file:
sudo nano /etc/apache2/apache2.conf
You need to add a line to set your domain name:
ServerName my-own-identity-server.com
Create a new .conf file for Apache2:
sudo nano /etc/apache2/conf-available/my-own-identity-server_com.conf
Use that template to create Apache2 config, basically you can just copy & paste and only change domain name here:
<VirtualHost *:80>
ServerName my-own-identity-server.com
ServerAlias www.my-own-identity-server.com
ProxyPreserveHost on
ProxyRequests Off
RewriteEngine on
ProxyPass / http://localhost:8084/
ProxyPassReverse / http://localhost:8084/
Redirect / http://localhost:8084/
RewriteRule ^/(.*) http://localhost:8084/$1 [P,L]
</VirtualHost>
Enable this configuration in apache2, run command:
sudo a2enconf my-own-identity-server_com
Configure proxy_http and rewrite modes in apache2, run commands:
sudo a2enmod proxy_http
sudo a2enmod rewrite
Now restart apache2 server:
sudo service apache2 restart
Configure BitDust software
First you need to install BitDust on your machine.
Now configure BitDust on your node to set domain name for this new identity server, run commands:
bitdust set services/identity-server/host my-own-identity-server.com
bitdust set services/identity-server/enabled true
You can manually set a port number for incoming connections using such command:
bitdust set services/identity-server/web-port 8084
Run standalone Identity Server
Run this command to start Identity server process in current terminal:
bitdust identity server start
Now open your favority WEB browser and navigate to my-own-identity-server.com. You should see an empty page with title "Identities on my-own-identity-server.com".
Congratulations! You are running your own identity server now and able to register your own identity there or help other people by hosting their identity files on your machine.
Run Identity Server as daemon process
Be sure network service identity_server is enabled in settings (check configuration above) and start BitDust software in "daemon" mode:
bitdust daemon
Be sure ID server is up and running:
bitdust states | grep id_server
36: id_server(LISTEN)
Open your browser and go to my-own-identity-server.com to check server status.
To make life easier you can also configure BitDust to start automatically when your machine reboots. For example on Debian system you can use crontab tool for that:
crontab -e
@reboot /usr/local/bin/bitdust daemon
Create dedicated identity
Normally, when you creating a new identity, software will do all stuff for you automatically and just select few random ID servers, ping them and "propagate" your new identity to those nodes.
But you can decide which ID servers you prefer, in case if you would like to control where your identity will be distributed exactly, and modify your "known" ID servers:
bitdust set services/identity-propagate/known-servers first-server.com:80:6661,second-host.net:8080:6661
Now if you create a new identity with such commands:
bitdust id erase
bitdust id create my_dedicate_identity
it will be automatically "propagated" to first-server.com and second-host.net and your global IDURL should look like that: "http://first-server.com/my_dedicate_identity.xml"
Support BitDust network
Contact with BitDust team to notify about this new ID server was started on your machine and we will add your domain name in the file known_servers.py storing list of all known BitDust identity servers:
You can Fork BitDust development repository and open a Pull Request to modify the list of known servers in place.