Skip to Content
Advanced TopicsAccessing Naxbot from the Web

Accessing Naxbot from the Web

If you want to run Naxbot 24/7, often times you’ll want a separate machine to do that for you, as opposed to your main desktop or laptop PC. At the same time, accessing that machine physically every time you wish to make a change to your setup can be quite cumbersome, or even impossible in some cases.

⚠️
Warning

Setting up a server that is publicly available on the open web comes with a myriad of pitfalls and security risks. If you are not a professional server admin, it is highly risky for you to do so, and could open you up to a world of trouble. As such, this guide will not guide you towards making Naxbot accessible on the open web, but rather via a VPN that only you have access to, from anywhere in the world.

Procuring a Server

First things first: You’ll need a machine that is going to run Naxbot for you around the clock. This can be a physical computer in your home (separate from your main PC), or it can be a (cloud) server you rent somewhere. At Naxbot, we have been hosting our servers with Hetzner for many years, whom we highly recommend (not sponsored, btw).

We recommend to pick an x86_64 Linux server, of any distro you like. If you can’t make a decision, or know too little about this space, Debian is always a good pick.

Next, you’ll need to be able to access your server via SSH. To do this, you will need an SSH key. MacOS and Linux users should open their terminal, while Windows users will need to open Powershell, and run the following command:

ssh-keygen -t ed25519

The command should ask you to confirm the destination of said key. Usually it will be under ~/.ssh/id_ed25519, but either way, you should note down where it’s being saved.

In the same folder, a file named id_ed25519.pub is going to be saved. This is your public key, which you are going to hand over to your cloud provider to access your server with. The file without .pub at the end is your private key, which you should NEVER share with anyone, under any circumstances, EVER. Anyone who has this key will be able to gain access to your server!

Once you’ve uploaded your public key to your cloud provider (exact steps differ, consult your particular provider’s documentation), you can finally create the server. Most cloud providers will already show you instructions on how to connect to your server, but if not, you will need the username (usually root) and the public IP of your server. Then, you can connect to your server using the following command (terminal in MacOS/Linux, Powershell in Windows):

ssh user@ipaddress

If this asks you for a password, or straight up doesn’t work, you may need to explicitly specify your identity file by specifying the path to your private key:

ssh user@ipaddress -i ~/.ssh/id_ed25519 # example path, yours may differ

If it works, perfect. For now, you can go back to your home PC by typing exit and hitting enter.

Installing Naxbot

Next, you’ll need to get Naxbot onto your server. To do this, simply download the Naxbot archive (make sure you select the Linux version), and save it to your computer. Then, open up a terminal (Powershell on Windows) and enter the following command to upload the archive to the server:

scp /full/path/to/naxbot.tar.gz user@ipaddress:~/ # optionally add -i ~/.ssh/id_ed25519

After a while (depending on your internet speed), the file will be uploaded. Once that’s happened, connect back to the server:

ssh user@ipaddress # optionally add -i ~/.ssh/id_ed25519

Then proceed to follow the Linux install instructions on our setup page, then head back here.

As a recap, you should have:

  • installed Docker for your distro
  • loaded the Naxbot Docker image using docker load
  • created a docker-compose.yml in a new folder
  • set up Naxbot’s config.toml according to your needs

Once you’ve done so, go ahead and start Naxbot in detached mode using docker compose up -d in the same folder as the docker-compose.yml file. Once it’s up and running, try and access Naxbot from your local home PC, by visiting http://youripaddress:9080/ in your browser. Confirm that you CANNOT access Naxbot via this method, then proceed.

🚫
Caution

If you are able to see the Naxbot web interface from your home PC, you must first configure a firewall to block this access. How this is done depends on your particular cloud provider, so unfortunately we cannot provide documentation for this.

Failure to configure a firewall will lead to your Naxbot instance being exposed UNENCRYPTED to the entire web. This is NOT something you want!

Installing Zerotier

To make Naxbot accessible from your home PC only, we will make use of a VPN. VPN stands for Virtual Private Network, and is essentially a fully encrypted tunnel between your PC and your server that no one but you has access to. Zerotier provides a free and straightforward solution for this (again, not sponsored).

To begin, you will need to create an account at my.zerotier.com. Once you’ve done so, log in to your account and create a network. Copy the ID of your newly created network and save it somewhere temporarily, we will need it in a second.

Next, install Zerotier on your server. Their install script works for Debian & Fedora based distros out of the box. Once you’ve done so, join the network you’ve just created by running the following command on your server:

zerotier-cli join yournetworkid

Next, head over to the web interface at my.zerotier.com and click on your network. You should see 1 pending device, which would be the server you just used to join. Accept this device into your network. Also, make a note of your server’s IP address within the VPN. This IP differs from your server’s public IP address, and we’ll need it later to connect to the Naxbot web interface.

Now you’ll need to repeat these steps for your home PC, though the exact execution will differ depending on your OS. You will have to:

  1. Install Zerotier
  2. Join your network
  3. Accept your device within the Zerotier web interface

Accessing Naxbot

Once you’ve installed Zerotier on your devices and added them all into your network, you should be able to access Naxbot’s web interface. Using the server’s VPN IP we’ve noted down earlier, and while ensuring both your and your server’s VPN connection is active, go to http://servervpnip:9080/ within your browser. You should now see Naxbot’s web interface!

Note

Naxbot’s web interface will notify you that the connection is unencrypted / insecure. While this is partially true, as you are using regular HTTP instead of the encrypted HTTPS to access the page, the VPN connection itself is encrypted, and as you are the only one with access to the VPN, the risk is no greater than if you were to access Naxbot running on another machine within your home network.

As long as there are no untrusted devices within your VPN, you may safely ignore this message.

Note

If you do not see Naxbot’s web interface, it could be that your server is blocking this port via a firewall. The most commonly preinstalled firewalls under Linux are ufw and firewalld. Check to see if you have either of them installed, and consult their documentation in order to whitelist TCP port 9080 for usage with Naxbot.

You do NOT need to modify your cloud provider’s firewall settings for this, as your cloud provider’s firewall is bypassed entirely by using a VPN.

Advanced TopicsAnalyzing Backtest Results