# Build DigitalOcean Droplet

## Before we begin

Please make sure you created your SSH key pairs prior to starting these steps.

{% content-ref url="/pages/SZ8YBbmpjJILqGWxrmx5" %}
[SSH Remote Access](/run-a-node/references/ssh-remote-access.md)
{% endcontent-ref %}

## VPS Build Procedure

Creating your account on DigitalOcean is a simple process similar to all other SaaS model services. At the current time, we will leave this process up to you.   

Before launching your validator node on DigitalOcean, it is recommended to **add a valid payment method** to your account.

{% hint style="info" %}
In some cases, you may need to request access to **larger Droplet sizes** (i.e., virtual machines with higher CPU, RAM, or disk allocations). The DigitalOcean team may restrict these resources until they’ve verified your account for higher usage limits.
{% endhint %}

{% stepper %}
{% step %}

### Sign Up with Digital Ocean

### <https://www.digitalocean.com/>

{% hint style="info" %}
To enhance the security of your validator node, it is strongly recommended to enable **Two-Factor Authentication (2FA)** on your **DigitalOcean** account.
{% endhint %}
{% endstep %}

{% step %}

### Create a Droplet (VPS)

Choose `Droplets` from the `Create` button on the top right.

<div align="left"><figure><img src="/files/wYX5Liy0fC8xAt3s5Ow3" alt=""><figcaption></figcaption></figure></div>
{% endstep %}

{% step %}

### Choose Region

Choose a Region that is closest to your local location.
{% endstep %}

{% step %}

### Choose an image

Select `Ubuntu` and **CHANGE** the Version to `24.04 (LTS) x64` ( <mark style="color:red;">not</mark> <mark style="color:red;"></mark><mark style="color:red;">`24.10 x64`</mark> )
{% endstep %}

{% step %}

### Choose Size

You may keep `Basic`&#x20;

Choose `Regular` Disk type SSD

Choose no less than `16Gb` Memory, `8` CPUs, and `320Gb` disk.

Recommended:  `32Gb` Memory configuration ( *available with Premium Intel/AMD* )
{% endstep %}

{% step %}

### Skip next few sections

You may leave these with default options
{% endstep %}

{% step %}

### Choose Authentication Method

Choose SSH Key

<div align="left"><figure><img src="/files/e0sHgbK8SC5Jh46cDSZM" alt=""><figcaption></figcaption></figure></div>

New SSH Key

<div align="left"><figure><img src="/files/Gd2e7ZbYPATGUau3SpDT" alt=""><figcaption></figcaption></figure></div>

Copy and Paste your **PUBLIC** key to the provided box.

### Follow this document [Upload SSH Public Key](/run-a-node/references/ssh-remote-access/upload-ssh-public-key.md).

If the `Name` field does not populate, create a name for the key that will help you identify it later.

Click the `Add SSH key` button.

<div align="left"><figure><img src="/files/y1ourRaoNEYa2QkYt1K8" alt=""><figcaption></figcaption></figure></div>

Select your SSH key if not already checked.
{% endstep %}

{% step %}

### Monitoring and alerting (optional)

Select the check box to enable free metrics and alerting.

<figure><img src="/files/PLGT8k9J4FhPjtFLkk0f" alt=""><figcaption></figcaption></figure>
{% endstep %}

{% step %}

### Finalize Details

Set the **Quantity** to `1`&#x20;

You do not need to change the **hostname**, this will be done for you later.

You do not need to add **tags**.

You may leave the default **Project**.
{% endstep %}

{% step %}

### Create Droplet

<div align="left"><figure><img src="/files/CyjCwKl8b0M94smCgpnH" alt=""><figcaption></figcaption></figure></div>
{% endstep %}

{% step %}

### Allow your Droplet to be created

<div align="left"><figure><img src="/files/WfXpvbdPL7x7FTBdFnPi" alt=""><figcaption></figcaption></figure></div>

Copy down the IP address to access your system later.   In the example above your IP address would be <mark style="color:red;">**similar**</mark> to `138.197.99.126`&#x20;
{% endstep %}

{% step %}

### Under the MANAGE section on the left side&#x20;

Expand the section if necessary and choose `Networking`

{% endstep %}

{% step %}

### Choose the Firewalls tab from the horizontal top tab

<div align="left"><figure><img src="/files/NLYKdYrGZGLxdHDwnAnH" alt=""><figcaption></figcaption></figure></div>

Click on `Create Firewall`&#x20;

<div align="left"><figure><img src="/files/Ye18zKnhbFxKUCV1BVZk" alt=""><figcaption></figcaption></figure></div>
{% endstep %}

{% step %}

### Create a name to identify our firewall rule set

<div align="left"><figure><img src="/files/OBftrL1vzWwMCIQQ376N" alt=""><figcaption><p>No spaces allowed</p></figcaption></figure></div>
{% endstep %}

{% step %}

### Create an SSH rule

In the sources box leave the `All IPv4` and `All IPv6` if you want to have open access to this Droplet.  Otherwise click the `x` on both the `All IPv4` and `All IPv6` to remove those items and add your local IP address.  In the example the fake IP of `13.13.13.13/32` is used.&#x20;

Once you enter the IP address you will see an `Add "13.13.13.13/32` ( similar ) which you will need to click on to populate the `Sources` for your SSH remote access.

**Please refer to** [**Wide Open SSH Access**](/run-a-node/references/ssh-remote-access/securing-ssh-access.md) **document for details on the security implications of allowing any system that is connected to the internet to have access to your `SSH` port.  This document contains instructions on how to determine your local IP address for entry in this section.**

<div align="left"><figure><img src="/files/6SJxIyyLpmou9SpTiKR2" alt=""><figcaption></figcaption></figure></div>
{% endstep %}

{% step %}

### Create your Pubic & Peer to Peer rule

This rule is designed for both a Hypergraph hybrid layer validator DAG layer1 and a Dor data layer 1 nodes.

Click on the `New rule` choose `Custom`&#x20;

Under the `Port Range` enter in `9010-9011`&#x20;

Leave the `Sources` as `All IPv4` and `All IPv6`
{% endstep %}

{% step %}

### <mark style="color:red;">Hypergraph Global Hybrid Validators ONLY</mark>

This rule is designed for validator Hypergraph layer0 nodes.

Click on the `New rule` choose `Custom`&#x20;

Under the `Port Range` enter in `9000-9001`&#x20;

Leave the `Sources` as `All IPv4` and `All IPv6`
{% endstep %}

{% step %}
{% hint style="danger" %}
Dor data layer1 nodes do not use these port settings.  Open these ports will offer attackers an open port to your VPS without a service listening on the inside.  This is not recommended.
{% endhint %}

### Apply to Droplets

If you gave your droplet a `hostname` during the `Finalize Details` step above begin to type in that hostname and it should auto populate into the provided box.&#x20;

If you left the `hostname` as default type in `u` and wait for the box to auto populate with default `ubuntu` name

<div align="left"><figure><img src="/files/7PEAX1kTv8okCTqkLQ16" alt=""><figcaption></figcaption></figure></div>

Select the droplet to populate the `Apply to Droplets` box.
{% endstep %}

{% step %}

### Create Firewall

<div align="left"><figure><img src="/files/hguqhFhMxe9qzxm0I66O" alt=""><figcaption></figcaption></figure></div>

<div align="left"><figure><img src="/files/OxSi7zR0bW6dgoMdrXLE" alt=""><figcaption></figcaption></figure></div>
{% endstep %}
{% endstepper %}

## Complete

### You have successfully launched a VPS instance on DigitalOcean, Congratulations!

You are now ready to continue to connect to your node for the first time, install nodectl and turn your Droplet (VPS) into a Constellation Network Validator Node!


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.constellationnetwork.io/run-a-node/validator-node-guides/build-your-node/cloud-provider-specific/build-digitalocean-droplet.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.