├── .github
    └── workflows
    │   └── deploy.yml
├── LICENSE
├── README.md
└── _config.yml


/.github/workflows/deploy.yml:
--------------------------------------------------------------------------------
 1 | name: Deploy
 2 | 
 3 | on:
 4 |   push:
 5 |     branches: ["main"]
 6 |   workflow_dispatch:
 7 | 
 8 | permissions:
 9 |   contents: read
10 |   pages: write
11 |   id-token: write
12 | 
13 | concurrency:
14 |   group: "pages"
15 |   cancel-in-progress: false
16 | 
17 | jobs:
18 |   build:
19 |     runs-on: ubuntu-latest
20 |     steps:
21 |       - name: Checkout
22 |         uses: actions/checkout@v3
23 |       - name: Setup Pages
24 |         uses: actions/configure-pages@v3
25 |       - name: Build with Jekyll
26 |         uses: actions/jekyll-build-pages@v1
27 |         with:
28 |           source: ./
29 |           destination: ./_site
30 |       - name: Upload artifact
31 |         uses: actions/upload-pages-artifact@v1
32 | 
33 |   deploy:
34 |     environment:
35 |       name: github-pages
36 |       url: ${{ steps.deployment.outputs.page_url }}
37 |     runs-on: ubuntu-latest
38 |     needs: build
39 |     steps:
40 |       - name: Deploy to GitHub Pages
41 |         id: deployment
42 |         uses: actions/deploy-pages@v2
43 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2024 dhruvsol
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | <img width="1280" alt="validator Jumpstart" src="https://github.com/user-attachments/assets/9412f361-d281-4af5-a061-0acc87905945">
  2 | 
  3 | # 🛑 Deprecated: Validator Setup Guide
  4 | 
  5 | > ⚠️ **This repository is deprecated and no longer maintained.**  
  6 | > 👉 The updated and active version of this guide now lives at:  
  7 | > [https://github.com/brewlabshq/validator-jumpstart](https://github.com/brewlabshq/validator-jumpstart)
  8 | 
  9 | ---
 10 | 
 11 | ## About This Guide (Archived)
 12 | 
 13 | This was a personal, opinionated guide for setting up Solana validators—designed to be blazingly fast and practical. It documents my experience with switching validator machines, optimizing hardware, and tuning system settings.
 14 | 
 15 | While still potentially useful for reference, it is no longer updated.  
 16 | Please visit the new repo for the latest practices, configurations, and scripts.
 17 | 
 18 | 
 19 | ## Basic Overview
 20 | System recommendation refer to [Solanahcl](https://solanahcl.org) list by [ferric](https://x.com/ferric) / [StakeWare](https://www.stakeware.xyz)
 21 | 
 22 | Three or more disks are required with the following configuration:
 23 | 1. SSD primary OS (~500 GB)
 24 | 2. NVMe Ledger (≥2TB)
 25 | 3. NVMe Accounts and snapshot (≥2TB)
 26 | 
 27 | Base OS: Ubuntu 22.04
 28 | 
 29 | ## Disk Setup
 30 | 
 31 | Directory structure:
 32 | - Ledger Disk → `/mnt/ledger`
 33 | - Account & Snapshot Disk → `/mnt/extras`
 34 |   - `/mnt/extras/snapshot` (For Snapshots)
 35 |   - `/mnt/extras/accounts` (For Accounts)
 36 | 
 37 | ### Setup Steps
 38 | 
 39 | 1. Format the block
 40 | ```bash
 41 | sudo mkfs -t ext4 /dev/nvme0n1
 42 | ```
 43 | 
 44 | 2. Spin up directory + give sol user permission
 45 | ```bash
 46 | sudo chown -R sol:sol <PATH TO DIR>
 47 | ```
 48 | 
 49 | 3. Mount to the directory
 50 | ```bash
 51 | sudo mount /dev/nvme0n1 <PATH TO DIR>
 52 | ```
 53 | 
 54 | ## Ports Opening
 55 | 
 56 | Note: RPC port remains closed, only SSH and gossip ports are opened.
 57 | 
 58 | For new machines with UFW disabled:
 59 | 1. Add OpenSSH first to prevent lockout if you don't have password access
 60 | 2. Open required ports:
 61 | ```bash
 62 | sudo ufw allow 8000:8020/tcp
 63 | ```
 64 | ```bash
 65 | sudo ufw allow 8000:8020/udp
 66 | ```
 67 | 
 68 | 
 69 | # System Tuning and Validator Setup
 70 | 
 71 | ## System Performance Optimization
 72 | 
 73 | ### Kernel and Network Tuning
 74 | Create and run the following script to optimize system performance:
 75 | 
 76 | ```bash
 77 | #!/bin/bash
 78 | 
 79 | # Set sysctl performance variables
 80 | cat >> /etc/sysctl.conf <<- EOM
 81 | # TCP Buffer Sizes (10k min, 87.38k default, 12M max)
 82 | net.ipv4.tcp_rmem=10240 87380 12582912
 83 | net.ipv4.tcp_wmem=10240 87380 12582912
 84 | 
 85 | # TCP Optimization
 86 | net.ipv4.tcp_congestion_control=westwood
 87 | net.ipv4.tcp_fastopen=3
 88 | net.ipv4.tcp_timestamps=0
 89 | net.ipv4.tcp_sack=1
 90 | net.ipv4.tcp_low_latency=1
 91 | net.ipv4.tcp_tw_reuse=1
 92 | net.ipv4.tcp_no_metrics_save=1
 93 | net.ipv4.tcp_moderate_rcvbuf=1
 94 | 
 95 | # Kernel Optimization
 96 | kernel.timer_migration=0
 97 | kernel.hung_task_timeout_secs=30
 98 | kernel.pid_max=49152
 99 | 
100 | # Virtual Memory Tuning
101 | vm.swappiness=30
102 | vm.max_map_count=2000000
103 | vm.stat_interval=10
104 | vm.dirty_ratio=40
105 | vm.dirty_background_ratio=10
106 | vm.min_free_kbytes=3000000
107 | vm.dirty_expire_centisecs=36000
108 | vm.dirty_writeback_centisecs=3000
109 | vm.dirtytime_expire_seconds=43200
110 | 
111 | # Solana Specific Tuning
112 | net.core.rmem_max=134217728
113 | net.core.rmem_default=134217728
114 | net.core.wmem_max=134217728
115 | net.core.wmem_default=134217728
116 | EOM
117 | 
118 | # Reload sysctl settings
119 | sysctl -p
120 | 
121 | # Set CPU governor to performance mode
122 | echo 'GOVERNOR="performance"' | tee /etc/default/cpufrequtils
123 | echo "performance" | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor
124 | 
125 | # Set performance governor for bare metal (ignore errors)
126 | echo "performance" | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor || true
127 | ```
128 | 
129 | ### Session File Limits
130 | Choose one of the following configurations:
131 | 
132 | 1. Service-specific limits in `/etc/systemd/system.conf`:
133 | ```ini
134 | [Service]
135 | LimitNOFILE=1000000
136 | ```
137 | 
138 | 2. System-wide limits in `/etc/systemd/system.conf`:
139 | ```ini
140 | [Manager]
141 | DefaultLimitNOFILE=1000000
142 | ```
143 | 
144 | ## Validator Setup
145 | 
146 | ### Installing Agave/Jito Client
147 | 
148 | 1. Grant execution permissions to the install script:
149 | ```bash
150 | chmod +x bin/ice-staking/start/init.sh
151 | ```
152 | 
153 | 2. Run the installation with specific version tag:
154 | ```bash
155 | bin/ice-staking/start/init.sh -t v1.18.23-jito
156 | ```
157 | 
158 | ### Post-Installation Setup
159 | 
160 | 1. Create symlink for Jito client (if used):
161 | ```bash
162 | ln -sf /home/sol/.local/share/solana/install/releases/v1.18.15-jito/bin /home/sol/.local/share/solana/install/active_release/
163 | ```
164 | 
165 | 2. Add the following to your `.bashrc` or `.bash_profile`:
166 | ```bash
167 | # Environment Setup
168 | . "$HOME/.cargo/env"
169 | export PATH="/home/sol/.local/share/solana/install/active_release/bin:$PATH"
170 | 
171 | # Helpful Aliases
172 | alias catchup='solana catchup --our-localhost'
173 | alias monitor='solana-validator --ledger /mnt/ledger monitor'
174 | alias logtail='tail -f /home/sol/solana-validator.log'
175 | ```
176 | 3. Start script
177 | Use the start script [here](https://github.com/dhruvsol/ice-staking/blob/main/start/start.sh), specifically configured for a voting validator node. Note that the configuration includes modifications to support RPC functionality.
178 | additional flag for RPC node [here](https://docs.anza.xyz/operations/setup-an-rpc-node)
179 | 
180 | 
181 | ### Additional Resources
182 | - Installation script source: [ice-staking repository](https://github.com/dhruvsol/ice-staking)
183 | 
184 | 
185 | # Hot-Swap Validator Setup Guide
186 | 
187 | ## Overview
188 | This guide describes how to set up two servers for hot-swapping to maintain 100% uptime during system changes. The process follows the [Identity Transition](https://pumpkins-pool.gitbook.io/pumpkins-pool) methodology by Pumpkin.
189 | 
190 | ## Identity Keypair Configuration
191 | 
192 | ### Required Keypairs
193 | 1. **Unstaked Keypair** (`unstaked.json`)
194 |    - Functions as a burner keypair
195 |    - Maintains zero SOL balance to prevent voting capabilities
196 | 
197 | 2. **Staked Keypair** (`staked.json`)
198 |    - Serves as the primary staked keypair
199 |    - Used for validator transitions when needed
200 | 
201 | ### Transferring Keypairs
202 | Transfer the keypairs to your validator server using SCP:
203 | ```bash
204 | scp <source_files> ice-ams:
205 | ```
206 | > **Note**: Customize the SSH configuration according to your setup. Ensure proper permissions are set for the `sol` user after transfer.
207 | 
208 | ## Log Rotation Configuration
209 | 
210 | Create and implement log rotation for validator logs:
211 | 
212 | ```bash
213 | cat > logrotate.sol <<EOF
214 | /home/sol/solana-validator.log {
215 |     rotate 7
216 |     daily
217 |     missingok
218 |     postrotate
219 |         systemctl kill -s USR1 sol.service
220 |     endscript
221 | }
222 | EOF
223 | 
224 | sudo cp logrotate.sol /etc/logrotate.d/sol
225 | systemctl restart logrotate.service
226 | ```
227 | 
228 | ## Systemd Service Configuration
229 | 
230 | Create a systemd service file for the Solana validator:
231 | 
232 | ```ini
233 | [Unit]
234 | Description=Solana Validator
235 | After=network.target
236 | StartLimitIntervalSec=0
237 | 
238 | [Service]
239 | Type=simple
240 | Restart=always
241 | RestartSec=1
242 | User=sol
243 | LimitNOFILE=1000000
244 | LogRateLimitIntervalSec=0
245 | Environment="SOLANA_METRICS_CONFIG=host=https://metrics.solana.com:8086,db=mainnet-beta,u=mainnet-beta_write,p=password"
246 | Environment="PATH=/home/sol/bin:/home/sol/.local/share/solana/install/active_release/bin:/home/sol/.cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin"
247 | ExecStart=/home/sol/bin/ice-staking/start/start.sh mainnet-beta
248 | 
249 | [Install]
250 | WantedBy=multi-user.target
251 | ```
252 | 
253 | ## Service Management Commands
254 | 
255 | ### Start Service
256 | ```bash
257 | sudo systemctl enable --now sol
258 | ```
259 | 
260 | ### Stop Service
261 | ```bash
262 | sudo systemctl stop sol
263 | ```
264 | 
265 | ### Restart Service
266 | ```bash
267 | sudo systemctl restart sol
268 | ```
269 |   
270 | After this check the log file snapshot download should have started
271 | 
272 | ```
273 | tail -f solana-validator.log 
274 | ```
275 | 
276 | # Solana Validator Operations Guide
277 | 
278 | ## Metrics & Monitoring Solutions
279 | 
280 | ### 1. Built-in Dashboard Options
281 | - **Solana Metrics Dashboard**
282 |   - Official solution from Solana Labs
283 |   - Access via URL specified in service file
284 |   - Provides real-time validator performance metrics
285 | 
286 | ### 2. Third-Party Solutions
287 | - **Stakeconomy's SolanaMonitoring**
288 |   - Repository: [github.com/stakeconomy/solanamonitoring](https://github.com/stakeconomy/solanamonitoring)
289 |   - Community-maintained monitoring solution
290 |   - Features:
291 |     - Performance tracking
292 |     - Health checks
293 | 
294 | ### 3. Custom Monitoring Stack
295 | - **Grafana + InfluxDB Setup**
296 |   - Fully customizable metrics visualization
297 |   - Time-series data storage
298 |   - Benefits:
299 |     - Custom dashboards
300 |     - Historical data analysis
301 | 
302 | ## Active Monitoring Tools
303 | 
304 | ### 1. Solana Watcher
305 | - Official monitoring tool by Solana Labs
306 | - Documentation: [docs.solanalabs.com/operations/best-practices/monitoring](https://docs.solanalabs.com/operations/best-practices/monitoring)
307 | - Features:
308 |   - Automated health checks
309 |   - System alerts
310 | 
311 | ### 2. Stakewiz Update bot Integration
312 | - Telegram notification system
313 | - Real-time alerts and updates
314 | 
315 | ## Security Best Practices
316 | 
317 | ### 1. Firewall Configuration
318 | - Only open required ports
319 | - Implement port-specific rules
320 | - Regular audit of open ports
321 | - Use UFW (Uncomplicated Firewall) for simple management
322 | 
323 | ### 2. User Management
324 | - ✅ Run validator with non-root user
325 | - ❌ Avoid running as root
326 | - ❌ Validator user should not have sudo privileges
327 | - Create a dedicated service account for validator operations
328 | 
329 | ### 3. SSH Security
330 | - Disable password authentication
331 | - Use SSH keys exclusively
332 | - Consider:
333 |   - Custom SSH port
334 |   - Key-based authentication only
335 |   - Rate limiting for failed attempts
336 | 
337 | ### 4. Keypair Security
338 | - Secure storage of validator keypairs
339 | - Best practices:
340 |   - Encrypted backups
341 |   - Access control logs
342 | 
343 | 
344 | # Credits 
345 | - Solana Labs / [docs](https://docs.solanalabs.com/operations/setup-a-validator)
346 | - Tim Garcia / [youtube](https://www.youtube.com/playlist?list=PLilwLeBwGuK6jKrmn7KOkxRxS9tvbRa5p)
347 | - Overclock / [setup guide](https://github.com/overclock-Validator/autoclock-validator/)
348 | - Ferric / [StakeWare](https://www.stakeware.xyz)
349 | - Pumpkin's Pool / [Pumpkin's pool](https://pumpkins-pool.gitbook.io/pumpkins-pool)
350 | 
351 | 
352 | 
353 | 
354 | 


--------------------------------------------------------------------------------
/_config.yml:
--------------------------------------------------------------------------------
 1 | plugins:
 2 |   - jekyll-github-metadata
 3 |   - jekyll-remote-theme
 4 | 
 5 | remote_theme: pages-themes/cayman@v0.2.0
 6 | 
 7 | title: "Speed Up Validator Setup"
 8 | description: "A simple guide to setting up a validator"
 9 | show_downloads: false
10 | google_analytics: false  # If you have an analytics ID, replace `false` with your ID, e.g., 'UA-XXXXX-Y'
11 | 
12 | # Optimize for mobile
13 | mobile_optimization: true
14 | 


--------------------------------------------------------------------------------