# Create Your Own Spee.ch on Ubuntu 16.x 18.x VPS
# Overview
## Prerequisites
* Ability to use SSH (putty + public key for windows users)
* Ubuntu 16.04 or 18.04 VPS with root access
* Your login info ready
* Exposed ports: 22, 80, 443, 3333, 4444
* Domain name with @ and www pointed at your VPS IP
* _alternatively, specify http://localhost:3000 as domain during speech configuration_
* Ability to send 5+ LBRY credits to an address
* Noncommercial use
* _alternative configuration examples for nginx and certbot are [here](https://github.com/lbryio/spee.ch/tree/master/docs/setup/conf/nginx)_
## You'll be installing:
* MySQL DB version 5.7 or higher
* Default Port 3306
* mysql_native_password plugin
* NodeJS v8+
* Caddy - https reverse proxy server
* automatically obtains tls certificate
* Redirects 80 (http) to 443 (https) to Speech on 3000
* Lbrynet DAEMON started on ports 3333 and 4444
* Spee.ch started on port 3000
_note: throughout this guide you'll be replacing `{{xyz}}` with `yourvalue` omitting the brackets_
# 1. Setup OS and install dependencies
## OS
### Secure your server by creating a non-root sudoer.
As root# _create user and add to sudo group_
```
adduser username
usermod -aG sudo username
su - username
```
As username: *paste public key in authorized\_keys*
`cd`
`mkdir .ssh`
`nano ~/.ssh/authorized_keys`
### Prep
ssh to username@domainname or username@ip_address
```
sudo apt-get update -y
ulimit -n 8192
wget -qO- https://deb.nodesource.com/setup_8.x | sudo -E bash -
```
## Git, Curl, Unzip, ffmpeg, imagemagick, Node
`sudo apt-get install git curl unzip ffmpeg nodejs imagemagick -y`
## Clone speech either from your own fork, or from the lbryio/spee.ch repo.
* For Developers - our master branch
`git clone https://github.com/lbryio/spee.ch`
* For Developers - your fork
`git clone https://github.com/{{youraccount}}/spee.ch.git`
`git clone git@github.com:{{youraccount}}/spee.ch`
* For Publishers and Content creators - stable release
`git clone -b release https://github.com/lbryio/spee.ch`
## Prepare the scripts
`chmod 750 -R ~/spee.ch/docs/setup`
# 2 Secure the UFW firewall
## UFW
`sudo ~/spee.ch/docs/setup/scripts/firewall.sh`
_if your distro isn't vanilla ubuntu 16 or 18, you may have to install it_
# 3 Install Caddy to handle https and reverse proxy
## Get Caddy
`curl https://getcaddy.com | sudo bash -s personal`
## Set up Caddy reverse proxy and ssl
_Make Caddy's folders, copy the template, edit the Caddyfile, copy the caddyfile to its folder._
```
sudo mkdir -p /opt/caddy/logs/
sudo mkdir -p /opt/caddy/store/
cp ~/spee.ch/docs/setup/conf/caddy/Caddyfile.template ~/spee.ch/docs/setup/conf/caddy/Caddyfile
nano ~/spee.ch/docs/setup/conf/caddy/Caddyfile
```
( Change {{EXAMPLE.COM}} to YOURDOMAIN.COM )
`sudo cp ~/spee.ch/docs/setup/conf/caddy/Caddyfile /opt/caddy/`
## Set up Caddy to run as systemd service
```
sudo cp ~/spee.ch/docs/setup/conf/caddy/caddy.service /etc/systemd/system/caddy.service
sudo chmod 644 /etc/systemd/system/caddy.service
sudo chown -R www-data:www-data /opt/caddy/
sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/caddy
sudo systemctl daemon-reload
sudo systemctl start caddy
sudo systemctl status caddy
```
`q` exits
At this point, navigating to yourdomain.com should give you a 502 bad gateway error. That's good!
Now you can make sure caddy starts when the machine starts:
`sudo systemctl enable caddy`
# 4 Set up MySQL
## Install MySQL
`sudo apt-get install mysql-server -y`
( During install, enter blank password each time if prompted. We'll set one during secure setup.)
`sudo systemctl status mysql` (q to exit)
## Secure Setup
`sudo mysql_secure_installation`
* Password your_mysql_password
* No to password validation
* Y to all other options
## Login to mysql from root to complete setup:
`sudo mysql` to enter mysql> console
mysql>
`ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'yourpassword123';`
mysql>
`FLUSH PRIVILEGES;`
`Control+D` to exit
Verify:
`mysql -u root -p` and then entering your_mysql_password should give you the mysql> shell
# 5 Get Lbrynet SDK Daemon
## Get the SDK
We'll be putting it in /opt/lbry.
`sudo mkdir /opt/lbry`
`sudo wget -O /opt/lbry/latest_daemon.zip https://lbry.io/get/lbrynet.linux.zip`
`sudo unzip -o -u /opt/lbry/latest_daemon.zip -d /opt/lbry`
## Set up lbrynet to run as systemd service
We'll soon update the setup scripts. Meanwhile, here's an example lbrynet.service file. Again, fully replace {{USERNAME}}
```
[Unit]
Description="LBRYnet daemon"
After=network.target
# Replace {{USERNAME}} with your username, e.g. `bob` or `speechuser`
[Service]
Environment="HOME=/home/{{USERNAME}}"
ExecStart=/opt/lbry/lbrynet start
User={{USERNAME}}
Group={{USERNAME}}
Restart=on-failure
KillMode=process
[Install]
WantedBy=multi-user.target
```
`sudo nano /etc/systemd/system/lbrynet.service`
Then paste the above into the file and edit replacing {{USERNAME}} with yours.
Finally do the following.
```
sudo chmod 644 /etc/systemd/system/lbrynet.service
sudo systemctl daemon-reload
sudo systemctl start lbrynet
sudo systemctl status lbrynet
```
You'll find your lbrynet logs in ~/.local/share/lbry/lbrynet/lbrynet.log
Let's make our lives easier and link /opt/lbry/lbrynet in /usr/local/bin
`sudo ln -s /opt/lbry/lbrynet /usr/local/bin/lbrynet`
Now we can `lbrynet` without `/opt/lbry`. Let's make sure we're back in our home directory. `cd`
## Customize SDK settings
These settings will prevent you and your users from spending your server's LBC on paid content. Full documentation is [here](https://lbry.tech/resources/daemon-settings).
~$
`cd ~/.local/share/lbry/lbrynet`
`nano daemon_settings.yml`
copy and paste in the following code (Ctrl+Shift V)
_upnp is unnecessary for a vps but may be useful behind a properly configured NAT_
```
run_reflector_server: false
max_key_fee: {amount: 0, currency: LBC}
use_upnp: false
auto_re_reflect_interval: 0
```
`CONTROL+O` then `CONTROL+X` to save and exit
Restart lbrynet sdk:
`sudo systemctl restart lbrynet`
`sudo systemctl status lbrynet`
## Display wallet address to which to send 5+ LBC.
_note: These commands work when `lbrynet` is already running_
`lbrynet commands` to check out the current commands
`lbrynet address list` to get your wallet address
`Ctrl + Shift + C` after highlighting an address to copy.
Use a LBRY app or daemon to send LBC to the address. Sending LBC may take a few seconds or longer.
`lbrynet account balance` to check your balance after you've sent LBC.
# 6 Set up spee.ch
## Build it
`cd spee.ch`
~/spee.ch:
`npm install`
_note: if you have installed your own local chainquery instance, you will need to specify it in your own /site/config/chainqueryConfig.json_
Once your wallet has a balance, run this:
`npm run configure`
The script will ask for the following values:
* Database: lbry
* Username: root
* Password: your_mysql_password
* Port: 3000
* Site Title: Your Site Name
* Enter your site's domain name: https://example.com or http://localhost:3000
* Enter a directory where uploads should be stored: (/home/{{username}}/Uploads) *
_* if you're not sure, `pwd`_
`npm run build` (or `npm run dev` to build for developing)
`npm run start`
## Try it
Navigate to example.com!
# 7 Production
## pm2 to keep your speech app running
If your server is running in the terminal from the last section, `Control+C` it.
`sudo npm install -g pm2` _There are tutorials online for avoiding sudo for npm i -g_
`cd spee.ch`
`pm2 start npm --name speech -- run start`
While pm2 installed this way will restart the server, it will not rebuild it on changes. You'll do that manually as discussed before.
### 7 Maintenance Procedures
#### Update sdk daemon
* Backup wallet (private keys!) to a safe place. It should be in ~/.local/share/lbry/lbryum/wallets.
* `lbrynet stop`
* Following the instructions in 5: Get the SDK will rename the old daemon and give you the new one.
* `lbrynet start`
* `lbrynet version`
* `lbrynet account balance`
#### Update speech
* Read the release notes to see if there are any breaking changes, address them
* `pm2 stop speech`
* `git pull origin release` (assuming you cloned release)
* `npm i` if necessary
* `npm run build`
* `pm2 start speech`
* Have an exotic energy drink