Intersango HowTo
This procedure will guide you through the steps toward the installation and configuration of a Ubuntu server to host your Intersango Bitcoin Exchange.
We'll utilize the domain "bitcoinexample.com" as a example.
All of my Linuxes are Virtual Machines (ParaVirtual) on top of XenServer, and are minimal installations (F4 option at the server CD boot menu).
Yes, host your wallet.dat within a Xen virtual machine is pretty safe, because the manager of the physical machine can't access your portion of RAM memory. That's because the Xen provides a security through isolation. Do not believe if somebody says that virtual machine are unsafe, this affirmation can be true for vmware and for virtualbox, but not for Xen. NOTE: Before putting your Xen virtual machine in a production environment, you
must convert your virtual machine from HVM to PVM domain.
NOTE 2: It is highly recommended to encrypt your entire Linux partition, using a LVM2 encrypted volume powered by LUKS, for a production environment.
Procedure
1- Install a Ubuntu 11.04 server (can be the minimum virtual machine).
- Chose the hostname "intersango"
- Chose the domain "bitcoinexample.com"
- After the installation, the output of the command "hostname -f" should be "intersango.bitcoinexample.com"
2- Still during the installation, setup a user called "Administrative Intersango" with login "administrative".
- The "administrative" user can become "root" via "sudo -i" command, it must be used only for the server daily management.
- Finish the installation and reboot.
3- Login with "administrative" and install the following packages:
sudo -i
aptitude install screen vim ssh postfix dovecot-imapd git-core build-essential apache2 apache2-mpm-prefork php5 mysql-server mysql-client zip unzip php5-mcrypt php5-gmp php5-cli php5-mysql libgtk2.0-dev libssl-dev libdb4.7-dev libdb4.7++-dev libboost-all-dev
- Setup a password for the MySQL root user
- Setup the Postfix with: "Internet Site" and "bitcoinexample.com"
Note: You can enable the Proposed Ubuntu repository to install more newly packages versions by adding the following lines to your /etc/apt/sources.list file:
deb http://us.archive.ubuntu.com/ubuntu/ natty-proposed main restricted universe multiverse
# deb-src http://us.archive.ubuntu.com/ubuntu/ natty-proposed main restricted universe multiverse
And run:
aptitude update; aptitude safe-upgrade
reboot
4- Login as "administrative" and make the following users: "intersango", "bitcoin" and "support".
sudo -i
adduser --gecos "Intersango Web App User" intersango
adduser --gecos "Bitcoin Wallet Manager" bitcoin
adduser --gecos "Intersango Support" support
5- Login as "administrative" to create the Intersango MySQL database:
sudo -i
mysqladmin create intersango_devel -p
Enter password: MySQL_ROOT_PASSWORD
mysql -u root -p
Enter password: MySQL_ROOT_PASSWORD
mysql> GRANT ALL PRIVILEGES ON `intersango_devel`.* TO 'intersango_user'@'localhost' IDENTIFIED BY 'PassW0rd';
mysql> FLUSH PRIVILEGES;
mysql> exit
logout
6- Become the "intersango" user from "administrative" user:
6.1- Get the Intersango Web Application
mkdir ~/src ; cd ~/src
git clone git://gitorious.org/intersango/intersango.git
6.2- Edit the file "intersango/htdocs/config.php" and setup the $abspath variable:
vim intersango/htdocs/config.php
$abspath = '/home/intersango/src/intersango';
6.3- Import the DATABASE to MySQL:
mysql -u intersango_user -p intersango_devel < intersango/DATABASE
Enter password: PassW0rd
6.4- Prepare the CRON jobs by creating 3 litle scripts:
6.4.1- Script 1 - process_orders.sh - does the order matching
vim intersango/cron/process_orders.sh
#! /bin/sh
cd /home/intersango/src/intersango/cron
php5 process_orders.php
chmod +x intersango/cron/process_orders.sh
6.4.2- Script 2 - verify_deposits.sh - changes the verifying deposits to finalised
vim intersango/cron/verify_deposits.sh
#! /bin/sh
cd /home/intersango/src/intersango/cron
php5 verify_deposits.php
chmod +x intersango/cron/verify_deposits.sh
6.4.3- Script 4 - verify_withdrawals_bitcoin.sh - withdraws all the bitcoins
vim intersango/cron/verify_withdrawals_bitcoin.sh
#! /bin/sh
cd /home/intersango/src/intersango/cron
php5 verify_withdrawals_bitcoin.php
chmod +x intersango/cron/verify_withdrawals_bitcoin.sh
6.4.4- Prepare the crontab with the following (all commented for now):
run:
# Begin tasks for: Intersango
#*/2 * * * * /home/intersango/src/intersango/cron/process_orders.sh >/dev/null 2>&1
#*/1 * * * * /home/intersango/src/intersango/cron/verify_deposits.sh >/dev/null 2>&1
#*/3 * * * * /home/intersango/src/intersango/cron/verify_withdrawals_bitcoin.sh >/dev/null 2>&1
# End tasks for: Intersango
6.4.5- Back to the "administrative" user:
7- As administrative user, make the file /var/db.intersango.inc with the following content:
sudo vim /var/db.intersango.inc
<?php
mysql_connect('localhost', 'intersango_user', 'PassW0rd') or die(mysql_error());
mysql_select_db('intersango_devel') or die(mysql_error());
function connect_bitcoin()
{
disable_errors_if_not_me();
$bitcoin = new jsonRPCClient('http://intersango:BitPass2011@127.0.0.1:8332/');
enable_errors();
return $bitcoin;
}
?>
8- Become the "bitcoin" user from "administrative" user:
8.1- Download and compile the Bitcoind:
git clone git://gitorious.org/intersango/bitcoind.git
cd bitcoind/src
make -f Makefile bitcoind
8.2- Make the ~/.bitcoin/bitcoin.conf file with the following content:
mkdir ~/.bitcoin ; vim ~/.bitcoin/bitcoin.conf
rpcuser=intersango
rpcpassword=BitPass2011
8.3- Run the bitcoind:
/home/bitcoin/bitcoind/src/bitcoind
8.4- Check the bitcoin instance by running the following commands:
/home/bitcoin/bitcoind/src/bitcoind help
/home/bitcoin/bitcoind/src/bitcoind getinfo
/home/bitcoin/bitcoind/src/bitcoind getconnectioncount
NOTE: If your server was installed behind a firewall, it is higly recommended setup a DNAT rule, redirecting the incoming TCP connections to port 8333 to your Intersango/Bitcoind server. This will be increase the number of connections, you can check if by running the "getconnectioncount" bitcoind command option, it should be more than 7 or 8.
8.5- Get the Bitcoin Address of your "default account" of your Intersango Exchange House:
8.5.1- List your account(s):
/home/bitcoin/bitcoind/src/bitcoind listaccounts
You should see (this is your "default account"):
8.5.2- Get the Bitcoin Address of your Intersango Exchange House:
/home/bitcoin/bitcoind/src/bitcoind getaccountaddress ""
You should see the Bitcoin Address (This is my one):
1B25DjRb6AQApEkLo7UtNLpKKqGUD1ar3L
WARNING! WARNING!!
You must send at least 1 BTC to your "default account", if you do not, and your first user make a 1 BTC deposit and tries to just withdraw its 1 BTC, you, and your user, will be in trouble... So, before starts your Intersango operation, just send 1 BTC to your "default account to pay the Bitcoin withdraw fees of your users.
This first 1 BTC should be enough for ~200 withdraws...
8.6- Back to the "administrative" user:
9- Prepare the Apache Web Server environment, become the "root" user from "administrative" user:
sudo -i
cd /var
rm -fr www
ln -s /home/intersango/src/intersango/htdocs www
service apache2 restart
10. Mark /var/tmp/error-reports.log as rw for users:
touch /var/tmp/error-reports.log
chmod 666 /var/tmp/error-reports.log
11. Access your own Intersanto Bitcoin Exchange web service:
http://bitcoinexample.com/
12. Test the CRON scripts (as intersango user) by running each script:
/home/intersango/src/intersango/cron/process_orders.sh
/home/intersango/src/intersango/cron/verify_deposits.sh
/home/intersango/src/intersango/cron/verify_withdrawals_bitcoin.sh
If you see no errors, enable these scripts at crontab:
# Begin tasks for: Intersango
*/2 * * * * /home/intersango/src/intersango/cron/process_orders.sh >/dev/null 2>&1
*/1 * * * * /home/intersango/src/intersango/cron/verify_deposits.sh >/dev/null 2>&1
*/3 * * * * /home/intersango/src/intersango/cron/verify_withdrawals_bitcoin.sh >/dev/null 2>&1
# End tasks for: Intersango
13. Disable the root login via ssh:
change:
to:
14. The DNS and mail settings:
This server will also send and receive e-mail for the domain bitcoinexample.com, so you need to point the MX DNS entry to it. The Bind9 zone file can be something like this:
sudo aptitude install bind9
vim /etc/bind/named.conf.local
zone "bitcoinexample.com" {
type master;
file "bitcoinexample.com.db";
};
vim /var/cache/bind/bitcoinexample.com.db
;
; BIND data file for BitcoinExample
;
$TTL 604800
@ IN SOA bitcoinexample.com. administrative.bitcoinexample.com. (
2011080801 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS intersango.bitcoinexample.com.
@ IN MX 0 mail.bitcoinexample.com.
@ IN A 200.1.2.3
mail IN A 200.1.2.3
intersango IN A 200.1.2.3
Now, open your Thunderbird mail client and setup the address "mail.bitcoinexample.com" as your IMAP and SMTP server.
WELL DONE!