Running your own Monero node enhances privacy, supports the network, and allows you to verify transactions independently.
Warning: Syncing the Monero blockchain requires significant resources: ~100 GB disk space (pruned), and a stable internet connection. Initial sync may take days, but with NVMe drives it takes around a day. Exposing RPC publicly (as in this script below) requires strong authentication—use a secure password within the script and consider firewall rules.
Steps to Set Up and Prepare OS (Debian in my case): Download and Extract Monero CLI:
Go to https://www.getmonero.org/downloads/ and copy link for the Linux CLI package (e.g., monero-linux-x64-v0.x.x.x.tar.bz2).
wget https//.... # download via cli
mkdir -p ~/monero
tar -xvf monero-linux-x64-v0.x.x.x.tar.bz2 -C ~/monero
This places monerod in ~/monero/monerod. Make it executable:
chmod +x ~/monero/monerod
Save the following modified script as run_monero_node.sh in your home directory (or anywhere convenient).
READ THE SCRIPT CAREFULLY
#!/bin/bash
set -euo pipefail
# --- Configuration ---
# Base directory for Monero files (adjust if needed)
MONERO_BASE_DATA_DIR="${HOME}/monero"
MONERO_DATA_DIR="${MONERO_BASE_DATA_DIR}/.bitmonero"
MONERO_BIN="${MONERO_BASE_DATA_DIR}/monerod" # Path to the monerod binary
# RPC credentials, used in wallets (CHANGE THESE to secure values!)
RPC_USER="your_rpc_username" # e.g., "monero_user"
RPC_PASS="your_strong_password" # Use a long, random password
# Create data directory if it doesn't exist
mkdir -p "${MONERO_DATA_DIR}"
# Check if monerod binary exists
if [ ! -f "${MONERO_BIN}" ]; then
echo "Error: The Monero binary could not be located at: ${MONERO_BIN}"
echo "Please download the Monero CLI from getmonero.org, extract it to ${MONERO_BASE_DATA_DIR}, and try again."
exit 1
fi
# Check if monerod is executable
if [ ! -x "${MONERO_BIN}" ]; then
echo "Error: The Monero binary at ${MONERO_BIN} does not have execute permissions."
echo "To fix this, run the command: chmod +x \"${MONERO_BIN}\" and then retry."
exit 1
fi
# Command to run monerod with optimized settings
# - Pruned blockchain to save space (~1/3 full size)
# - RPC exposed on all interfaces (0.0.0.0) with auth—secure your firewall!
# - Priority nodes for faster sync
# - ZMQ for tools like P2Pool
# - In/out peers tuned for performance
MONEROD_COMMAND=(
"${MONERO_BIN}"
--data-dir "${MONERO_DATA_DIR}"
--rpc-login "${RPC_USER}:${RPC_PASS}"
--rpc-restricted-bind-ip=0.0.0.0
--rpc-restricted-bind-port=18089
--add-priority-node=p2pmd.xmrvsbeast.com:18080
--add-priority-node=nodes.hashvault.pro:18080
--disable-dns-checkpoints
--confirm-external-bind
--enable-dns-blocklist
--check-updates=disabled
--no-igd # Disable UPnP port mapping
--in-peers=64
--out-peers=32
--zmq-pub="tcp://127.0.0.1:18084" # For P2Pool integration
--prune-blockchain
# Notes:
# - Default P2P port: 18080 (firewall: allow inbound if public)
# - Default unrestricted RPC port: 18081 (not used here)
)
# Run the command
exec "${MONEROD_COMMAND[@]}"
If you planning to use p2pool, use it on the same server, --zmq-pub="tcp://127.0.0.1:18084" only exposes the port on locahost.
Make the Script Executable:
chmod +x run_monero_node.sh
To run in background: Use screen, tmux, or nohup ./run_monero_node.sh &.
Secure Your Server with UFW
sudo apt update
sudo apt install ufw
Deny all incoming traffic by default (blocks everything unless explicitly allowed) and allow all outgoing traffic (your node needs to connect out to peers):
sudo ufw default deny incoming
sudo ufw default allow outgoing
Allow ssh port (22) and any other port you plan to use:
sudo ufw allow 22/tcp
sudo ufw allow 18080/tcp # recommended to contribute to the Monero network
sudo ufw allow 18089/tcp # Optionally allow restricted RPC (port 18089) if you need remote access
# enable firewall:
sudo ufw enable
sudo ufw status verbose
If you have RPC enabled now you can also connect wallets by pointing to http://your_server_ip:18089 with RPC credentials.
NOTE: If you want to host the node on a remote server I recommend to use Datalix servers, they offer top ups via Monero!
I’m on Boost package ( 6.95 € Monthly ) and works perfectly on pruned node, they use nvme drives: https://datalix.eu/a/monerotown
You must log in or # to comment.
nice tutorial, thanks
Some questions; Why disable updates?
Would you still want to set a user name and password if you don’t want remote access?
What is ZMQ and why bind it to localhost?
Why not set restricted bind port to something really obscure, or even at all if you might not want to open that port?I noticed this is just for the CLI, not the GUI. How much of the advice transfers over?
You need to manually download and unpack
monerodbinary, see no point to check version, you can keep enabled though. No need if firewall will block 18089 access. ZMQ is used byp2pool, again, remove the parameter if not using p2poolYou can set some random port for RPC, but it’s password protected anyway, feel free to change if you prefer so.
it’s cli because it’s mostly for servers, you setup monerod there along with p2pool and connect your local miners to it for gui try Gupax, very easy to use
