Why is this necessary
1. To encrypt the connection between your miner and the pool (no one will see where the traffic is going).
2. So that all miners in your network access the Internet through a single point.
What you will need
1. A server (VPS) on the Internet with a dedicated IP address.
2. Linux (Ubuntu or Debian).
3. The HAProxy program — it will act as a proxy.
Step 1. Connect to the server
After purchasing a VPS, you will receive an IP address, login, and password.
– On Windows, it is convenient to use the PuTTY program.
– On macOS/Linux, use the command in the terminal: ssh root@IP_server
Tip: it is better to disable root login and use SSH keys to connect. This is more secure than passwords.
Step 2. Install HAProxy
First, update the system: sudo apt update sudo apt upgrade -y
Then install HAProxy: sudo apt install -y haproxy
Step 3. Configure the proxy
Example of a basic configuration:global maxconn 20000 daemon defaults mode tcp timeout connect 10s timeout client 1m timeout server 1m frontend miners bind *:3333 default_backend pool backend pool balance roundrobin server pool1 gate.headframe.io:3010 check server pool2 gate2.headframe.io:3011 check backup
What this means
– frontend miners – HAProxy listens to port 3333 on your server.
– backend pool – a list of pools. The main server comes first, and if it is unavailable, the backup is activated.
Important! You can edit the configuration, but you cannot delete anything.
Step 4. Check the configuration
Before restarting, check the configuration:
haproxy -c -V -f /etc/haproxy/haproxy.cfg
If there are no errors, you can restart:
sudo systemctl restart haproxy
Check the status:
sudo systemctl status haproxy
Step 5. Connect the miners
In the settings of your ASIC or miner program, specify:
– Pool address = IP of your VPS
– Port = 3333
Now the miners will connect to your server, and the server will connect to the pool. Additionally: encrypted connection (TLS/SSL)
If the pool requires TLS:
1.Obtain a certificate (for example, through Let's Encrypt).
2. In the config, replace the line: bind *:3333
with bind *:3333 ssl crt /etc/haproxy/certs/filename.pem
Copy the certificate file to /etc/haproxy/certs/.
Helpful tips
– You don't need to manually open/close ports on the VPS. Just set up access via SSH keys and leave port 22 (SSH) and the port for miners (3333) open.
– If you have a lot of devices (dozens of ASICs), get a VPS with a good channel (from 1 Gbit/s).
– You can register several pools: one main and several backup ones.
Summary
1. Get a server.
2. Update the system and install HAProxy.
3. Register the pool addresses in the config.
4. Check the config and restart the service.
5. Connect the miners to your server.
Now you have your own proxy for mining with encryption support and backup pools.