How to install IOTA node with docker

INTRODUCTION

IOTA has a official full node project named iri. It is a java open-source project (github)

Today there are 2 versions of iri:

• 1.5.x STABLE with full snapshot feature
• 1.6.x RELEASE CANDIDATE with local snapshot feature

Into this tutorial we will install STABLE version

REQUIREMENTS

There are two common solutions to install IOTA node:

• playbook
• docker

I prefer docker installation. So you must have docker into your 64-bit system.

Docker official installation guide links:

• Windows
• Linux (Ubuntu)
• Mac OsX

After that you must install docker compose tool

DOCKER-COMPOSE

Docker compose is a yaml file with docker container declarations, we must use follow file named docker-compose.yml:

version: "2"

services:
  iri:
    image: iotaledger/iri:latest
    restart: unless-stopped
    volumes:
      - ./data/iri/iri.ini:/iri/conf/iri.ini:ro
      - ./data/iri/ixi:/iri/ixi:rw
      - ./data/iri/db:/iri/data:rw
      - /etc/localtime:/etc/localtime:ro
    environment:
      - JAVA_MAX_MEMORY=4096m
      - JAVA_MIN_MEMORY=256m
      - DOCKER_IRI_MONITORING_API_PORT_ENABLE=1
      - DOCKER_IRI_REMOTE_LIMIT_API="addNeighbors, removeNeighbors"      
    ports:
      - "14600:14600/udp"
      - "15600:15600/tcp"
    command: ["-c", "/iri/conf/iri.ini"]       
  iota-pm:
    image: michaelermer/iota-peer-manager
    restart: unless-stopped
    ports:
      - "8888:8888"
    environment:
       - IRI=http://iri:14265
  proxy:
    image: nginx
    volumes:
      - ./data/nginx/ssl/fullchain.pem:/etc/nginx/ssl/fullchain.pem:ro
      - ./data/nginx/ssl/privkey.pem:/etc/nginx/ssl/privkey.pem:ro
      - ./data/nginx/default.conf:/etc/nginx/conf.d/default.conf:ro
    command: [nginx-debug, '-g', 'daemon off;']
    ports:
      - "80:80"
      - "443:443"

FOLDER DATABASE & FILE

Before to run, we must create folder, download tangle database and create iri and proxy configuration files.

Create the folder

mkdir ~/data
mkdir ~/data/iri
mkdir ~/data/iri/ixi
mkdir ~/data/iri/db
mkdir ~/data/nginx
mkdir ~/data/nginx/ssl

Download database

IOTA node is a peer to peer node, to increase init time i suggest you to download database and extract it into folder ~/data/db

curl https://global.iota.partners/iri-mainnetdb.tar.gz | tar xz -C ~/data/iri/db/

IRI configuration file

The IRI configuration file should be located into ~/data/iri/iri.ini and it must contains port configuration and neighbors node list.

There are two neighbors connection type:

• TCP
• UDP

Your node must be have enough TCP (reciprocal) connection to be able to be synced. 

[IRI]
PORT = 14265
TCP_RECEIVER_PORT = 15600
UDP_RECEIVER_PORT = 14600
IXI_DIR = /iri/ixi/
NEIGHBORS = ....
HEADLESS = true
DEBUG = false
TESTNET = false
DB_PATH = /iri/data/
API_HOST = 0.0.0.0
REMOTE = true
REMOTE_LIMIT_API = "addNeighbors, removeNeighbors"
ZMQ_ENABLED = false

You can find your neighbors into telegram (italian) / discord group

Proxy configuration file

The Nginx proxy configuration file should be located into ~/data/nginx/default.conf

server {
    listen       80;
    location / {
      return 404;
    }
}

server {
    listen 443 ssl;
    ssl_certificate /etc/nginx/ssl/fullchain.pem;
    ssl_certificate_key  /etc/nginx/ssl/privkey.pem;
    ssl_trusted_certificate /etc/nginx/ssl/fullchain.pem;

    # cache ssl sessions 
    ssl_session_cache  builtin:1000  shared:SSL:10m;    

    # prefer server ciphers (safer)
    ssl_prefer_server_ciphers on;

    # important! protects your website against MITM attacks.
    add_header Strict-Transport-Security "max-age=604800";

    location / {

       if ($request_method = OPTIONS ) {
          add_header Access-Control-Allow-Origin *;
          add_header Access-Control-Allow-Methods "GET, OPTIONS";
          add_header Access-Control-Allow-Headers "origin, authorization, accept";
          add_header Access-Control-Allow-Credentials "true";
          add_header Content-Length 0;
          add_header Content-Type text/plain;
          return 200;
      }

       # these headers contains information about original request
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header Host $http_host;

       proxy_pass http://iri:14265;
    }

    error_page   500 502 503 504  /index.html;
    location = /index.html {
        root   /usr/share/nginx/html;
    }
}

RUN & CHECK

Last thing is to start iri using follow command:

docker-compose up -d

Once start you can open the browser to check your installation ( http://MYIP:8888 )

You can also check your IRI node using Official Node Check

Best regards

Fabrizio Spataro