Run zend from a specified lower port using authbind

  • Set port variable
  • Install and configure authbind
  • Update firewall rule
  • Overwrite zend systemd unit files and reload the daemon
  • Replace port 9033 with new port in zen.conf
  • Restart zend and zentracker

NOTE: After executing the following steps for this guide, if you have a need to run zend manually, you will need to instead use the following: authbind --deep /usr/bin/zend

  • If you need to run zend manually or need to run a rescan or reindex, those would be accomplished as follows
    • authbind --deep /usr/bin/zend
    • authbind --deep /usr/bin/zend --rescan
    • authbind --deep /usr/bin/zend --reindex

DescriptionCommand
1

Set a port variable, replace <port> with your port number, remove <brackets>

PORT=<port>
2
Install and configure authbind using the custom port set in the previous step
sudo apt-get install authbind -y
sudo touch /etc/authbind/byport/$PORT
sudo chown $USER /etc/authbind/byport/$PORT
chmod 755 /etc/authbind/byport/$PORT
3Add your port to your firewall rule set
sudo ufw allow $PORT/tcp
4Overwrite existing zend systemd unit file, copy and paste the entire block of text
echo \
"[Unit]
Description=Zen daemon
 
[Service]
User=$USER
Type=forking
ExecStart=/usr/bin/authbind --deep /usr/bin/zend -daemon -pid=$HOME/.zen/zend.pid
PIDFile=$HOME/.zen/zend.pid
Restart=always
RestartSec=10
 
[Install]
WantedBy=multi-user.target" | sudo tee /lib/systemd/system/zend.service
5Overwrite existing zenupdate systemd unit file, copy and paste the entire block of text
echo \
"[Unit]
Description=zenupdate.service
  
[Service]
Type=oneshot
ExecStart=/usr/bin/certbot -q renew --deploy-hook \"cat /etc/letsencrypt/live/$FQDN/chain.pem|sudo awk 'split_after==1{n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1} {print > \"/usr/local/share/ca-certificates/intermediate-cert\" n \".crt\"}' && update-ca-certificates --fresh && systemctl restart zend\"
PrivateTmp=true" | sudo tee /lib/systemd/system/zenupdate.service
6Overwrite existing zenupdate timer systemd unit file, copy and paste the entire block of text
echo \
"[Unit]
Description=Run zenupdate unit twice a month @ 06:00:00 (UTC)
 
[Timer]
OnCalendar=*-*-01 06:00:00
OnCalendar=*-*-03 06:00:00
Unit=zenupdate.service
Persistent=true
 
[Install]
WantedBy=timers.target" | sudo tee /lib/systemd/system/zenupdate.timer
7Reload the systemd daemon to load the changes
sudo systemctl daemon-reload
8Replace port 9033 with new port in zen.conf
sed -i "s/port=9033/port=$PORT/g" ~/.zen/zen.conf
9Remove the old 9033 firewall rule
sudo ufw delete allow 9033/tcp
10Restart zend and zentracker
sudo systemctl restart zend zentracker



© 2020 Horizen. All rights reserved.