# Node Deployment

### Server Configuration

It is recommended to use Ubuntu 20 and above or CentOS 8 and above, and ensure a stable public IPv4 connection.

#### Recommended Configuration

* CPU: 2 Cores
* Memory: 4 GB
* Storage: 40 GB

### Quick Deployment

```shell
# Log in to the remote server
ssh root@xxx.xxx.xxx.xx
```

```shell
# See below for environment variable configuration requirements
export NEXUS_CONFIG_HOST=http://<Your-Server-IP>:28610
export NEXUS_CONFIG_BTC_ADDRESS=tb1qmlp2ghv2xfv6h2ypmg9gt58uhmegse6c3tyhzq
export NEXUS_CONFIG_BTC_PRIVATE_KEY=853ac0c5ba7f629c20a8df8a86ae98e18a47c1262502e8a6ad0d074f3c2cf1af
export NEXUS_CONFIG_ETH_ADDRESS=0xfcee6a01ab86479aa18ed2c46dd0da8a16863a2c
export NEXUS_CONFIG_ETH_PRIVATE_KEY=18324232f8f131fac4025d79d8c458baacada677d2737462d47c6367e2ad93e4

curl -fsSL https://get.docker.com | bash -s docker
curl -fsSL https://images.hodlfi.app/hodlfi_dex/docker-compose-publictest.yml | docker compose -p hodlfi-dex -f - up --wait --force-recreate
```

```shell
# If you need to run with sudo privileges, use the following script
sudo curl -fsSL https://get.docker.com | sudo bash -s docker
sudo curl -fsSL https://images.hodlfi.app/hodlfi_dex/docker-compose-publictest.yml | sudo -E docker compose -p hodlfi-dex -f - up --wait --force-recreate
```

{% hint style="info" %}
Remember to use your own address/private key/mnemonics
{% endhint %}

### Manual Deployment

#### Docker Installation

The recommended way to deploy Hodlfi Nexus is using Docker. To install Docker, please refer to Docker's [Installation Guide](https://docs.docker.com/get-started/get-docker/). For questions regarding Docker installation, please refer to [Docker's Troubleshooting Guide](https://docs.docker.com/desktop/troubleshoot-and-support/troubleshoot/).

```shell
# Install Docker
curl -fsSL https://get.docker.com | bash -s docker
```

#### Get Deployment Script

Download the publictest configuration file `docker-compose.yml` from [HODLFI](https://images.hodlfi.app/hodlfi_dex/docker-compose-publictest.yml).

#### Environment Variable Configuration

Before running Nexus, you need to modify the following environment variables in `docker-compose.yml`:

* `NEXUS_CONFIG_HOST`: The host or public endpoint where the Nexus service runs.
* `NEXUS_CONFIG_BTC_ADDRESS`: The Bitcoin address used for sending and receiving BTC transactions.
* `NEXUS_CONFIG_BTC_PRIVATE_KEY`: The private key corresponding to the Bitcoin address, used for withdraw BTC in the Nexus service.
* `NEXUS_CONFIG_ETH_ADDRESS`: The Ethereum address used for sending and receiving ETH Transaction.
* `NEXUS_CONFIG_ETH_PRIVATE_KEY`: The private key corresponding to the Ethereum address, used for signing ETH transactions.

**Configuration Example**

Pay attention to the indentation level of the YAML configuration to ensure it is correct. If the value of a configuration item is a multi-line string, use `|` or `>` correctly to maintain the format and follow YAML's indentation rules.

```dotenv
services:
  service:
    environment:
      NEXUS_CONFIG_HOST: http://<Your-Server-IP>:28610
      NEXUS_CONFIG_BTC_ADDRESS: tb1qmlp2ghv2xfv6h2ypmg9gt58uhmegse6c3tyhzq
      NEXUS_CONFIG_BTC_PRIVATE_KEY: 853ac0c5ba7f629c20a8df8a86ae98e18a47c1262502e8a6ad0d074f3c2cf1af
      NEXUS_CONFIG_ETH_ADDRESS: 0xfcee6a01ab86479aa18ed2c46dd0da8a16863a2c
      NEXUS_CONFIG_ETH_PRIVATE_KEY: 18324232f8f131fac4025d79d8c458baacada677d2737462d47c6367e2ad93e4
```

#### Start Service

Check the `docker-compose` version; it needs to be greater than `1.21.0`.

```shell
docker-compose -v
# docker-compose version 1.17.1 ❌
# or
docker compose verison  # Note: There is a typo in the original document, "verison" should be "version"
# Docker Compose version v2.32.4 ✅
```

Execute the following command in the terminal to start Hodlfi Nexus:

```shell
# Execute in the command line
docker compose -f docker-compose.yml up --wait 
# or 
docker-compose -f docker-compose.yml up --wait
```

**Access Service**

After successful startup, you can access it via [http://:28610](https://github.com/DotSwap-Org/hodlfi-nexus-doc/blob/main/getting-started/http:/%3CYour-Server-IP%3E:28610/README.md).

**Security Operations**

```shell
# Clear environment variables
unset NEXUS_CONFIG_BTC_PRIVATE_KEY
unset NEXUS_CONFIG_ETH_PRIVATE_KEY

# Clear command history
history -c 
```

**Security Hardening**

After you have confirmed that your node is deployed and running stably, you **must perform the following critical step**:

* **Remove SSH Access Rule:** Return to your firewall settings and **delete or disable** the rule allowing SSH (port 22) access that you created in Stage 1.

<figure><img src="https://images.hodlfi.app/web_restrict/gitbook_api_img/image%20(2-1).png" alt=""><figcaption></figcaption></figure>

* **How to manage the server after closing SSH?** You will no longer connect via public SSH. Instead, you should **rely exclusively on the secure, in-browser management tools provided by your cloud provider** (e.g., AWS Session Manager, Linode Lish Console), which is the industry-recommended best practice.

<figure><img src="https://images.hodlfi.app/web_restrict/gitbook_api_img/image%20(7).png" alt=""><figcaption></figcaption></figure>

{% hint style="danger" %}
Never expose your private keys/mnemonics. And take the security of your server seriously.
{% endhint %}