Steps for creating a node

tech reticulum
https://garden.seedytilde.eu/steps-for-creating-a-node/

Set up a VPS, VM, SBC

Decide how you want to run a static node: you can use a cheap single-board computer (SBC), run a VM or container on an existing desktop or server or spin up a virtual private server (VPS) with the hosting company of your choice.

I chose Debian as a reasonable Linux server choice.

Set up python/etc.

sudo apt update && sudo apt upgrade -y
sudo apt install -y python3 python3-pip

Set up a user (service account, personal account, etc.)

Install rnsd

pip3 install rns

Generate an example config

rnsd --exampleconfig > ~/.reticulum/config

Tweak for basic use

[reticulum]
enable_transport = Yes
share_instance = Yes

[interfaces]

  [Public Interface Name](/stub/public-interface-name/)
  type = TCPServerInterface
  enabled = yes
  listen_ip = 0.0.0.0
  listen_port = 4242

Run the node to check for errors

rnsd

See if the identity was created, interface started OK and that it’s listening on TCP.

Control-C to get back to the shell.

Add to systemd to autostart

sudo vi /etc/systemd/system/rnsd.service

Contents:

[Unit]  
Description=Reticulum Network Stack  
After=network.target  
  
[Service]  
ExecStart=/usr/local/bin/rnsd  
Restart=always  
User=root  
  
[Install]  
WantedBy=multi-user.target

Enable, start and check the daemon:

sudo systemctl daemon-reexec  
sudo systemctl enable rnsd  
sudo systemctl start rnsd
sudo systemctl status rnsd

To configure a client to use this node

Add the following to your client’s reticulum config:

[Interface Name](/stub/interface-name/)
type = TCPClientInterface
enabled = yes
target_host = your.ip.or.dns.here
target_port = your_port

Further tweak for adding a private interface

Adding a couple of fields to an interface’s configuration allows us to share a private key to make access limited to those with the key. Anyone expecting to connect will need the network_name and passphrase.

On the server:

  [Private Interface Name](/stub/private-interface-name/)
  type = TCPServerInterface
  enabled = yes
  listen_ip = 0.0.0.0
  listen_port = 9999
  network_name = private_network_name
  passphrase = SomeHashOrSomething

On the client in the interface section:

[Interface Name](/stub/interface-name/)
type = TCPClientInterface
enabled = yes
target_host = your.ip.or.dns.here
target_port = your_port
network_name = private_network_name
ifac_key = SomeHashOrSomething

In MeshChatX, you can copy and paste the above into Interfaces -> Add Interface -> Quick Import. It won’t apply the network_name or ifac_key; those go in the Advanced Parameters drop-down.

Restart your interfaces and you should be able to access the private network.

Harden the VPS/SBC/etc. as you normally would

Lock down SSH (forbid plaintext passwords, forbid root login, etc.), implement a firewall (and make sure your reticulum interface ports are open), etc.

For additional Reticulum functionality, we add propagation

Adding propagation to a Reticulum transport node

While writing this, I was listening to Voodoo Child - Comandante - Tom Morello