Part 5. Installing Whirlpool CLI & Firewall Config

Prerequisites

• Completed "Dojo Node Guide", Parts 1-4.

Introduction

Whirlpool CLI is a command-line tool that operates silently in the background of personal Dojo-backed Bitcoin nodes. This CLI tool automates the remixing process of postmix UTXOs 24/7, ensuring you never miss a remix so long as the node is active.

Download Whirlpool

If not already, SSH into the node as the user "dojo."

Create a directory for Whirlpool.

mkdir ~/whirlpool

Enter the directory.

cd ~/whirlpool

Visit the Whirlpool CLI release page and copy the link for the latest "run.jar" file, downloading it with "wget." At the time of writing, the latest version is 1.0.1, so modify commands accordingly.

torsocks wget https://code.samourai.io/whirlpool/whirlpool-client-cli/uploads/3b2f70e2a6d9e2023fc1f784bd96cfbe/whirlpool-client-cli-1.0.1-run.jar

Install Java.

sudo apt install openjdk-19-jre-headless -y

Before initializing Whirlpool, have the Samourai Wallet's passphrase and pairing code ready to paste into the terminal.

The pairing code is in Samourai Wallet under Settings > Transaction > Pair to Whirlpool GUI.

Pair Samourai Wallet

Initiate Whirlpool by entering the pairing code and passphrase when prompted.

java -jar whirlpool-client-cli-*-run.jar --init

Connecting may take a minute, but the pairing is successful once logs start printing for the wallet's Postmix account. If returned to the command prompt, the pairing has failed and must be rerun until successful.

Once paired, exit the logs with "control+c."

System File

Create a system file to start Whirlpool on boot.

sudo nano /etc/systemd/system/whirlpool.service

Paste the following lines, ensuring you edit if the Whirlpool version differs.

[Unit]
Description=Whirlpool
After=tor.service
[Service]
WorkingDirectory=/home/dojo/whirlpool
ExecStart=/usr/bin/java -jar whirlpool-client-cli-1.0.1-run.jar --server=mainnet --tor --auto-mix --mixs-target=0 --listen
User=dojo
Group=dojo
Type=simple
KillMode=process
TimeoutSec=60
Restart=always
RestartSec=60
[Install]
WantedBy=multi-user.target

Save and exit the file.

Reload "systemctl."

sudo systemctl daemon-reload

Enable the Whirlpool service.

sudo systemctl enable whirlpool

Start the Whirlpool service.

sudo systemctl start whirlpool

Whirlpool CLI is now operational.

Whirlpool GUI

Whirlpool GUI is a simple-to-use graphical user interface for Whirlpool CLI, which allows you to monitor and interact with the Whirlpool service in a user-friendly manner.

Whirlpool GUI can be downloaded directly from the Samourai Wallet website.

Pair Whirlpool GUI

Upon opening the GUI for the first time, "Remote CLI" should be selected.

In the CLI Address field, replace "my-cli-host" with your node's IP.

Next, select "Configure API Key," and a box will appear. Return to your node's terminal via SSH and run the following command to find the key.

nano ~/whirlpool/whirlpool-cli-config.properties

The API key is the string of numbers that follows "cli.apiKey=" at the top of the file.

Once the CLI and API addresses are entered, select "Connect."

After a few seconds, a prompt will appear requesting the wallet's passphrase. Once entered, the pairing is complete.

Uncomplicated Firewall (UFW)

The Uncomplicated Firewall, or UFW, is a simple-to-use, command-line application for working with a Linux firewall.

Install UFW.

sudo apt install ufw -y

The following UFW rules should be applied in the terminal to ensure that only ports essential to the node's regular operation are open.

Default Settings

sudo ufw default deny incoming

sudo ufw default allow outgoing

Allow SSH

sudo ufw allow ssh

Allow Whirlpool GUI

sudo ufw allow 8899/tcp

Allow BITCOIND_ZMQ_BLK_HASH

sudo ufw allow 28334/tcp

Allow BITCOIND_ZMQ_RAWTXS

sudo ufw allow 28333/tcp

Allow BITCOIND_RPC_PORT

sudo ufw allow 8332/tcp

Allow Fulcrum SSL

sudo ufw allow 50002/tcp

Allow Mempool GUI

sudo ufw allow 4080/tcp

Enable UFW

sudo ufw enable

When enabling UFW, a warning may appear informing that enabling UFW may cause connection issues with the session. Since a rule allowing SSH was already applied, confirming with "y is safe."

Support Kyc3.life with a donation ❤️

Proceed to Part 6. Installing Package Updates.

x86 Bitcoin Node Guide: 6. Installing Package Updates

Dojo x86 Bitcoin full node guide.

LIFE KYCFREE𝕂𝕐ℂ𝟛