Node Processes Configuration
Introduction
There are several processes that run locally on a node. Those processes need to be started and configured each time the node starts. Examples of such processes are bundlers, forgers, funding monitors and standby shufflers.
The configuration of those processes requires the secret phrase of the different involved accounts. Having those secret phrases on a configuration file is a security risk.
There are add-ons to provide an API to manage a local configuration with an encrypted file. The wallet provides a UI using those add-ons.
You will find the UI under the settings menu (cogwheel).
Initial setup
You need to add the corresponding add-ons to the list of enabled add-ons for your node. The UI will detect which ones do you have enabled in order to show the controls.
nxt.addOns=BundlingEncryptedConfig;\
ForgingEncryptedConfig;\
FundingMonitorsEncryptedConfig;\
StandbyShufflingEncryptedConfig
Process UI
The processes page lists the supported processes along with two buttons for each action: save the configuration and start from a previously stored configuration.
The specific list of processes will depend on the enabled add-ons.
Save the current configuration
Clicking on the Save button will open the Save window.
On the save window you can view the current configuration, provide the required passphrases and finally enter a configuration password used for secure encryption of the content.
On the main textarea you are required to provide a configuration JSON. The window shows your current configuration so the easiest way to configure a process is to do so using the standard UI (i.e. configure your bundlers the usual way) and then come to the Processes UI to just confirm and save the configuration.
As the configuration file needs the secret phrase of each account you are required to enter those here. The form keeps track of the required passphrases. You just need to enter the passphrases of the required accounts one by one.
Once all passphrases have been entered the UI will change to this:
The configuration password is used to encrypt the data. You should pick a long passphrase here. This is not one of your accounts passphrases, it's just used to encrypt the configuration for storage on the node. Actually, you cannot use one of your account passphrases for security reasons.
Start a previously saved configuration
The Start window is a very simple one. It just asks for the configuration password (the one used for encryption that you entered at the last step on the save window).
Encrypted files location
By default the configuration for each process goes to a file in the processes directory under the usual conf directory. The same directory holding your nxt.properties main configuration.
You can change this default with the nxt.addons.EncryptedConfig.path property. See nxt-default.properties for an example and default value.