Is it complicated? everything discussed in this thread so far was outside of a storage node and not specific to storj.
Node setup is two commands, if you use their containers, or a few more if you don’t; both workflows are documented on the web site: CLI Install - Storj Docs
Choosing to run it on windows, configuring windows services, messing with firewall, DHCP and DNAT, DDNS, and all the rest of the stuff – it’s completely outside of storj and entirely specific to your environment.
For example, if your router was made by people who know what they are doing, you would not have to “lock port forwarding to Mac” – this is backwards. Your DHCP server would have issued the same IP the same client by default, and port forwarding would just work. (btw turn of uPNP if you have it on)
I, on the contrary, found the setup very straightforward: download binaries, create identity, add path to storage, start the services.
My only minor suggestion would be to have node self-register with a service manager (or at least to generate service wrappers) but this is not a such a big deal. if the user is expected to run a service – they should be able to do these things, otherwise it’s a non-starter. And besides, podman can generate service wrappers, so with Storj-provided containers it’s super simple.
I’m thinking there’s an error to do with certificates. I’m getting the following error:
2023-08-11T13:21:29-07:00 ERROR contact:service ping satellite failed {“Satellite ID”: “12EayRS2V1kEsWESU9QMRseFhdxYxKicsiFmxrsLZHeLUtdps3S”, “attempts”: 3, “error”: “ping satellite: failed to ping storage node, your node indicated error code: 0, rpc: tcp connector failed: rpc: tls peer certificate verification: not signed by any CA in the whitelist: CA cert”, “errorVerbose”: “ping satellite: failed to ping storage node, your node indicated error code: 0, rpc: tcp connector failed: rpc: tls peer certificate verification: not signed by any CA in the whitelist: CA cert\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatelliteOnce:209\n\tstorj.io/storj/storagenode/contact.(*Service).pingSatellite:157\n\tstorj.io/storj/storagenode/contact.(*Chore).updateCycles.func1:87\n\tstorj.io/common/sync2.(*Cycle).Run:99\n\tstorj.io/common/sync2.(*Cycle).Start.func1:77\n\tgolang.org/x/sync/errgroup.(*Group).Go.func1:75”}
My config file calls out the following two lines for certificates:
I resolved the issue myself by uninstalling the program, and when reinstalling it, pointing the calls for the certificate folder to an empty folder in order for the program to give me a dialog box telling me which EXACT FILE NAME it wants to load. I repeated this for each file name it needed for setup.
DEVELOPERS: IT IS NOT ENOUGH TO CALL FOR ONLY A FOLDER. YOU MUST CALL FOR THE EXACT FILE NAME YOU NEED FOR SETUP! YOU ARE CONFUSING USERS BY BEING VAGUE IN WHAT YOU ARE ASKING FOR!
Network environment Resolved by Setting a DHCP Reservation rule in the router. When setting a port forwarding rule, The router doesn’t lock to the hostname but only to the IP Address (not reserved by dhcp) and when the initial port forward was set [to “the hostname”] this did not result in a lock to the hostname without dhcp reservation set. Setting DHCP Reservation for the MAC address resolved the network issue.
The node being offline and misconfigured was because when user has all certificates and keys in a single folder your tools renames the files and doesn’t inform the user of this fact. The Setup for Storj node can get confused when all encryption files are in a single folder (nobody knows what the installer does, it is opaque).
Feedback: Make it easy for users by not being a total introvert when creating the setup process. Give good verbose communication throughout the setup process so the experience is clear and intuitive.
Lastly please close and/or delete this thread. It’s no longer needed.
# path to the certificate chain for this identity
identity.cert-path: C:\Users\Administrator\storj\cert\identity.cert
The number in the file name is a Unix epoch timestamp, and such files are backups of your original (not signed) keys. How did you manage to specify a file, unless you edit a path in the config.yaml?
It should select a folder with all files, not a single file. Perhaps here is a bug.
Upd. I tried to use the installer, it doesn’t allow to select a file, only a folder as expected. So, seems you did something additional to select a file.
We did that in the past and ended with a high number nodes churn, because it was simpler to remove the node and install it back than fix the existing one. So the current setup process is some kind of exam to be a Node Operator, who can solve small issues themselves. It give some confidence that such Operator would like to learn something new and will be reliable.
However, if you discovered a bug, it should be fixed.
Config file was changed because the status page said the node was misconfigured and certificate errors were found in the log files. I was flying blind since I didn’t have any communiction from storj installer of what it was doing when it asked for and selected the certificate folder on setup. I had to GUESS the troubleshooting steps. I am actually very angry that I had to be yeeted into a troubleshooting situation for no good reason other than for the purposes of an IQ test…
I’m asserting that users who for convenience put all certificate files during the entire a-z setup process in one convenient folder are at risk of setup failure because the installer cannot tell the difference between a backup of a certificate and the actual certificate. No communication is given about the file being renamed during identity creation. No communication is given about Installer Folder selection issues (silent fail).
The installer does not allow to select a file but it will provide you a dialog box when pointed to an empty folder complaining about it not being able to find the [filename.cert] which is how I bypassed the narcissistic introverts at your development team trolling me for an IQ test.
It doesn’t allow to select any of them, that’s the point.
You select a folder, where you have a root certificate, node’s certificate and node’s private key. So you actually need two files, not one.
The whole folder is called “identity”, so you usually do not need to explicitly specify each required file from this folder, the --identity-dir command line parameter is enough.
But how did you find yourself in this situation?
Usually you generate an identity, then sign it with an authorization token, an during installation you just select this folder.
How it turned out, that this folder missed files, which you supposedly should just backup, but not modify?
