SOLANA CLIINSTALL

solana cli
sh -c "$(curl -sSfL https://release.solana.com/v1.18.4/install)"

export PATH="/root/.local/share/solana/install/active_release/bin:$PATH"

solana --version

KEYPAIRS

generate a keypair for validator

solana-keygen new -o validator-keypair.json

Generte vote keypair

DISK FORMATTING

lsblk -f
find the uuid/device name ( will be explained later )

sudo mkfs -t ext4 /dev/nvme1n1p1

one drive to accounts, one drive to ledger

make sure to format to ext4 , or have a free drive that can be used

lsblk -f to verify

rinse and repeat this process for mounting and

LINUX TUNING

tune system
sudo bash -c "cat >/etc/sysctl.d/21-solana-validator.conf <<EOF
# Increase UDP buffer sizes
net.core.rmem_default = 134217728
net.core.rmem_max = 134217728
net.core.wmem_default = 134217728
net.core.wmem_max = 134217728

# Increase memory mapped files limit

vm.max_map_count = 1000000

# Increase number of allowed open file descriptors

fs.nr_open = 1000000
EOF"

sudo sysctl -p /etc/sysctl.d/21-solana-validator.conf

nano /etc/systemd/system.conf
if manager DefaultLimitNOFILE=1000000
if service LimitNOFILE=1000000

reload
sudo systemctl daemon-reload

sudo bash -c "cat >/etc/security/limits.d/90-solana-nofiles.conf <<EOF

# Increase process file descriptor count limit
* - nofile 1000000
EOF"

relogin

INSTALLING JITO

oinstall github
git clone https://github.com/jito-foundation/jito-solana.git
cd jito-solana

install jito shit

curl https://sh.rustup.rs -sSf | sh
source $HOME/.cargo/env
rustup component add rustfmt
rustup update
sudo apt-get update
sudo apt-get install libssl-dev libudev-dev pkg-config zlib1g-dev llvm clang cmake
make libprotobuf-dev protobuf-compiler

export TAG=v1.17.28-jito

based on jito ver ^

git checkout tags/$TAG

git submodule update --init --recursive

CI_COMMIT=$(git rev-parse HEAD) scripts/cargo-install-all.sh --validator-only

~/.local/share/solana/install/releases/"$TAG"

If you need to upgrade jito

cd jito-solana
git pull
git checkout tags/$TAG
git submodule update --init --recursive
CI_COMMIT=$(git rev-parse HEAD) scripts/cargo-install-all.sh --validator-only
~/.local/share/solana/install/releases/"$TAG"

gesyer plugin config path needs to be changed

YELLOWSTONE INSTALLATION

git clone https://github.com/rpcpool/yellowstone-grpc.git

git checkout v1.13.0+solana.1.17.28

sudo apt-get update

sudo apt-get install libsasl2-dev

cargo build --release

cargo run --release ( if running )

cd target/release
realpath whatever.so
/root/yellowstone-grpc/target/release/libyellowstone_grpc_.so

/yellowstone-grpc/yellowstone-grpc-geyser
nano config

{
"libpath":
"/home/ubuntu/yellowstone-grpc/target/release/libyellowstone_grpc_geyser.so",
"log": {
"level": "info"
},
"grpc": {
"address": "0.0.0.0:10001",
"snapshot_plugin_channel_capacity": null,
"snapshot_client_channel_capacity": "50_000_000",
"channel_capacity": "100_000",
"unary_concurrency_limit": 1000,
"unary_disabled": false
},
"prometheus": {
"address": "0.0.0.0:8999"
},
"block_fail_action": "log"
}

cd jito-solana and run the nohup command

tail for logs

--log /home/root/solana-validator.log
based on the nohup

block engine url

based on jito location closest to you

RPC STARTUP COMMAND

nohup solana-validator --expected-genesis-hash

5eykt4UsFv8P8NJdTREpY1vzqKqZKvdpKuc147dw2N9d --no-voting --ledger /mnt/ledger --
accounts /mnt/accounts --rpc-port 8899 --identity /home/solv/mainnet-validator-
keypair.json --log solana-validator.log --maximum-local-snapshot-age 3000 --wal-
recovery-mode skip_any_corrupted_record --full-rpc-api --allow-private-addr --
minimal-snapshot-download-speed 45985760 --limit-ledger-size 55000000 --geyser-
plugin-config "./config.json" --account-index program-id --account-index-include-
key TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA --account-index-include-key
3tZPEagumHvtgBhivFJCmhV9AyhBHGW9VgdsK52i4gwP --account-index-include-key
AddressLookupTab1e1111111111111111111111111 --accounts-db-cache-limit-mb 150000 --
accounts-index-memory-limit-mb 128000 --private-rpc --rpc-send-leader-count 3 --
rpc-send-retry-ms 1 --tpu-enable-udp &

-entrypoint 'entrypoint2.mainnet-beta.solana.com:8001' --entrypoint

'entrypoint3.mainnet-beta.solana.com:8001' --entrypoint 'entrypoint.mainnet-
beta.solana.com:8001' --entrypoint 'entrypoint4.mainnet-beta.solana.com:8001' --
entrypoint 'entrypoint5.mainnet-beta.solana.com:8001'
nohup solana-validator \
--no-voting \
--ledger ~/ledger \
 --rpc-port 8899 \
--gossip-port 8001 \
--dynamic-port-range 8000-8020 \
--known-validator 7Np41oeYqPefeNQEHSv1UDhYrehxin3NStELsSKCT4K2 \
--known-validator GdnSyH3YtwcxFvQrVVJMm1JhTS4QVX7MFsX56uJLUfiZ \
--known-validator DE1bawNcRJB9rVm3buyMVfr8mBEoyyu73NBovf2oXJsJ \
--known-validator CakcnaRDHka2gXyfbEd2d3xsvkJkqsLw2akB3zsN1D2S \
--entrypoint entrypoint.mainnet-beta.solana.com:8001 \
--entrypoint entrypoint2.mainnet-beta.solana.com:8001 \
--entrypoint entrypoint3.mainnet-beta.solana.com:8001 \
--entrypoint entrypoint4.mainnet-beta.solana.com:8001 \
--entrypoint entrypoint5.mainnet-beta.solana.com:8001 \
--expected-genesis-hash 5eykt4UsFv8P8NJdTREpY1vzqKqZKvdpKuc147dw2N9d \
--wal-recovery-mode skip_any_corrupted_record \
--limit-ledger-size 50000000 \
--identity /home/solv/mainnet-validator-keypair.json --log solana-validator.log
--account-index program-id spl-token-owner spl-token-mint \
--account-index-exclude-key kinXdEcpDQeHPEuQnqmUgtYykqKGVFq6CeVX5iAHJq6 \
--account-index-exclude-key TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA \
--only-known-rpc \
--enable-rpc-transaction-history \
--full-rpc-api \
--rpc-bind-address 0.0.0.0 \
--private-rpc \
--use-snapshot-archives-at-startup when-newest \
--geyser-plugin-config ./config.json

disown
solana -u m catchup --our-localhost --follow
rpc node is http://127.0.0.1:8899

whitelist IPs via nginx

git clone https://github.com/jup-ag/jupiter-swap-api.git

wget https://github.com/jup-ag/jupiter-swap-api/releases/download/v6.0.14/jupiter-
swap-api-x86_64-unknown-linux-gnu.zip

JUPITER SETUP

DOCKERFILE
FROM --platform=linux/amd64 debian:bookworm-slim

RUN apt-get update && apt-get install unzip openssl ca-certificates -y

COPY ./jupiter-swap-api-x86_64-unknown-linux-gnu.zip ./jupiter-swap-api-x86_64-
unknown-linux-gnu.zip
RUN unzip jupiter-swap-api-x86_64-unknown-linux-gnu.zip
RUN rm jupiter-swap-api-x86_64-unknown-linux-gnu.zip
RUN chmod +x jupiter-swap-api

# Set the entry point script

COPY entrypoint.sh /root/jupiter-swap-api/entrypoint.sh
RUN chmod +x /root/jupiter-swap-api/entrypoint.sh

ENV RUST_LOG=info

CMD ["/root/jupiter-swap-api/entrypoint.sh"]

ENTRYPOINT.sh
#!/bin/bash

# Construct the command with line breaks for readability

CMD="./jupiter-swap-api \
--exclude-dexes GooseFX,StepN,Penguin,Perps \
--filter-markets-with-mints EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v,\
So11111111111111111111111111111111111111112,\
Es9vMFrzaCERmJfrF4H2FYD4KCoNkY11McCe8BenwNYB,\
WENWENvqqNya429ubCdR81ZmD69brwQaaBYY6p3LCpk,\
AT79ReYU9XtHUTF5vM6Q4oa9K8w7918Fp5SU7G1MDMQY,\
rndrizKT3MK1iimdxRdWabcF7Zg7AR5T4nud4EkHBof,\
DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263,\
AZsHEMXd36Bj1EMNXhowJajpUXzrKcK57wW4ZGXVa7yR,\
NFTUkR4u7wKxy9QLaX2TGvd9oZSWoMo4jqSJqdMb7Nk,\
DEVwHJ57QMPPArD2CyjboMbdWvjEMjXRigYpaUNDTD7o,\
Comp4ssDzXcLeu2MnLuGNNFC4cmLPMng8qWHPvzAMU1h,\
4RwD5o3DHkz4TTkMDPrFXsU21QDPffdLdFFqzqyq6nFC,\
DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263,\
HhJpBhRRn4g56VsyLuT8DL5Bv31HkXqsrahTTUCZeZg4,\
7GCihgDB8fe6KNjn2MYtkzZcRjQy3t9GHdC8uHYmW2hr,\
Dn4noZ5jgGfkntzcQSUZ8czkreiZ1ForXYoV2H8Dm7S1,\
J1toso1uCk3RLmjorhTtrVwY9HJ7X8V9yYac6Y7kGCPn \
--enable-new-dexes --rpc-url http://localhost:8899/ \
--yellowstone-grpc-endpoint http://localhost:10001/ \
--host 127.0.0.1 --allow-circular-arbitrage"

# Execute the constructed command

exec $CMD

entrypoint last configs changes based on your setup

full restart jup .sh

#!/bin/bash

# Stop the container

docker stop jup-container

# Remove the container

docker rm jup-container

# Remove the existing image

docker rmi jup-api

# Rebuild the image

docker build -t jup-api .

# Start a new headless container

docker run -d --network=host --name jup-container jup-api

chmod +x full_restart_jup.sh
chmod +x entrypoint.sh

NGINX WHITELIST IP FOR RPC

server {
listen 80;
server_name localhost;
 location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_pass http://localhost:8899;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
allow 45.26.169.142;
#allow 79.23.111.44; # Deph
#allow 139.99.120.207; # TomBz
#allow 77.164.248.163; # buyhighselllow2
deny all;
}
}

NGINX JUP WHITELIST IP

server {
listen 81;
server_name 5.199.170.104;

location / {
# limit_req zone=mylimit burst=10 nodelay;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
allow 45.26.169.142;
allow 24.88.4.135;

deny all;
}
}

NGINX GLOBAL CONF

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
worker_connections 768;
# multi_accept on;
}

http {

##
# Basic Settings
##
# Define a rate limiting zone
limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10000r/m;
 sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
# server_tokens off;

# server_names_hash_bucket_size 64;
# server_name_in_redirect off;

include /etc/nginx/mime.types;
default_type application/octet-stream;

##
# SSL Settings
##

ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE

ssl_prefer_server_ciphers on;

##
# Logging Settings
##

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

##
# Gzip Settings
##

gzip on;

# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript
text/xml application/xml application/xml+rss text/javascript;

##
# Virtual Host Configs
##

include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}