Once you have deployed Hornet, you can set all the parameters using configuration files.
The most important configuration files are:
config.json: includes all configuration flags and their values.
peering.json: includes all connection details to your static peers (neighbors).
Hornet version 0.5.x targets the legacy IOTA 1.0 network. Hornet version 1.x.x targets the IOTA 1.5 network, also known as Chrysalis, which is the focus of this documentation.
Depending on the installation path you selected, default configuration files may also be part of the installation process. So, you may see the following configuration files in your deployment directory:
By default, Hornet searches for configuration files in the working directory and expects default names, such as
You can change this behavior by running Hornet with some altering arguments.
Once you have executed Hornet, it will output all loaded configuration parameters to
stdout to show what configuration Hornet actually loaded (omitting sensitive values for things like passwords).
You can see a list of all the other altering command line parameters by running:
If you want a more detailed output you can run:
hornet --help --full
By default, an admin dashboard (web interface) plugin is available on port 8081. This provides useful information regarding the node's health, peering/neighbors, overall network health, and consumed system resources.
The dashboard plugin only listens on localhost:8081 by default. If you want to make it accessible from the Internet, you will need to change the default configuration. It can be changed using the following
config.json file section:
dashboard.bindAddress to either
0.0.0.0:8081 to listen on all available interfaces, or the specific interface address accordingly.
Even if it is accessible from the Internet, any visitor will still need a valid username and password combination to access the management section of the dashboard.
The password, hash, and salt can be generated using the integrated
pwd-hash CLI tool:
./hornet tools pwd-hash
Enter a password:
Re-enter your password:
Your hash: 24c832e35dc542901b90888321dbfc4b1d9617332cbc124709204e6edf7e49f9
Your salt: 6c71f4753f6fb52d7a4bb5471281400c8fef760533f0589026a0e646bc03acd4
pwd-hash tool outputs the
passwordSalt based on your input password.
Copy both values to their corresponding configuration options:
For the new password to take effect, you must restart Hornet.
Configuring HTTP REST API
One of the tasks the the node is responsible for is exposing the HTTP REST to clients that would like to interact with the IOTA network, such as crypto wallets, exchanges, IoT devices, etc.
By default, Hornet will publicly expose the HTTP REST on port 14265, as it is ready to accept incoming connections from the Internet.
Since offering the HTTP REST API to the public can consume your node's resources, there are options to restrict which routes can be called and other request limitations.
You can find the HTTP REST API related options in the
restAPI section within the
If you want to make the HTTP REST API only accessible from localhost, you change the
restAPI.bindAddress config option accordingly.
restAPI.publicRoutes defines which routes can be called without JWT authorization.
restAPI.protectedRoutes defines which routes require JWT authorization. All other routes will not be exposed.
If you are concerned with resource consumption, consider turning off
restAPI.powEnabled. This way, the clients must perform proof of work locally before submitting a message for broadcast. If you would like to offer proof of work to clients, consider increasing the
restAPI.powWorkerCount to provide a faster message submission experience.
Please see some of our additional security recommendations in our Security 101 article.
You can explore more details regarding different API calls at the IOTA client library documentation.