Build a Profitable Passive Income Box with Low-Powered Hardware: A Guide
Table of Contents
Build a Profitable Passive Income Box with Low-Powered Hardware: A Guide Many people these days are into crypto mining and low powered miners such as helium miners. These are great and all but they don’t earn all that much anymore and they are focused on one kind of earning. Today we’re going to be building a low powered passive income box that earns anywhere from $10-$20 a month per box and residential IP.
If you have the ability to set this box up on a guest network or, even better, a segregated VLAN, do so. While this is a security blog, we can’t assume everyone’s security concerns and risk tolerance.
Hardware Requirements:
One of the following is required. We basically just need any efficient and low powered computer we can get our hands on. Any Raspberry PI, Intel NUC, or similar will do. They don’t have to be all that powerful. However I will recommend you have at least 32g-64g of storage, 4g of ram, and at least 2 cpu threads. For this we will be targeting a budget of around $100-$200 for hardware but feel free to go higher if it suits your needs. Our power target is aprox. 25w average.
Raspberry Pi:
Hard to get ahold of these days but they are super low power and are quite customizable. For info on how to install raspian on your Raspberry PI
- Raspberry Pi 4B Model B DIY Kit
- GeeekPi Raspberry Pi 4 4GB Starter Kit
- GeeekPi Raspberry Pi 4 8GB Starter Kit
Intel Nuc:
Wide variety of models out there. Feel Free to choose a newer one.
Any USFF/Tiny/Mini/Micro PC:
Any Mini PC with Intel N5100 or similar
For super low power Raspberry Pi equivalent but on x64 platform.
OS Installation:
We won’t go into the technical details of how to install an operating system here. However here are some great resources to get you started.
Raspbian:
Ubuntu:
- Install Ubuntu desktop
- Ubuntu Server - Basic installation
- Ubuntu Complete Beginner’s Guide: Download & Installing Ubuntu
Software Installation:
This is going to be a longer section. We are going to set up docker and then through docker we will set up automatic docker container updates and install multiple docker containers. We also assume you’re using ubuntu server, however the commands for ubuntu server, ubuntu desktop, and raspbian should all be the same.
For this section we assume some basic technical experience and that you have installed your operating system already as well as know how to get into the terminal.
Installing Updates:
We first want to be sure that we have our system fully up to date:
sudo apt update && sudo apt full-upgrade -y && sudo apt autoremove -y
Installing Docker:
We need to uninstall any existing versions that come prepackaged with the os and install the latest from Docker’s repo themselves.
sudo apt-get remove -y docker docker-engine docker.io containerd runc
sudo apt-get update
sudo apt-get install -y \
ca-certificates \
curl \
gnupg \
lsb-release
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Install Watchtower:
This docker container automatically updates all your docker containers to the latest images on a regular interval and cleans up old (stale) images.
docker run -d \
--name watchtower \
--restart unless-stopped \
-v /var/run/docker.sock:/var/run/docker.sock \
containrrr/watchtower -c \
--schedule "0 0 2 * * *" \
--cleanup
Install Bitping :
Bitping offers you the ability to get paid out in Solana for providing a node for businesses to run lightweight network tests from your network. This averages about 0.1 Cents per day per node. Not a lot I know, but it has potential and payouts are easy.
Create an account:
Create an account at bitping.com
Install the docker container:
Step 1. Run these commands first as it walks you through setting up your container and asks you to sign in.
docker pull bitping/bitping-node
mkdir $HOME/.bitping/
docker run -it --mount type=bind,source="$HOME/.bitping/",target=/root/.bitping bitping/bitping-node:latest
Hit CTRL+C on your keyboard to escape the container following signing in with your bitping account.
Step 2. Run this command to persist the container in the background
docker run --net host --name bitping -td --mount type=bind,source="$HOME/.bitping/",target=/root/.bitping bitping/bitping-node:latest
Install Earn App :
Earn app lets you share your internet as a VPN service for a surprising amount of rewards. Averages about $5 month per node per residential IP. Offers payouts via paypal and amazon gift cards.
Create an Earn App Account:
Create an account at earnapp.com . Warning, requires a google account
Install the non docker version of the app to get your UUID:
Be sure to uninstall after you get your UUID otherwise you’ll end up running it twice on the same host and without automatic updates
Install the docker container:
Modify the string before pasting into your terminal. You need to specify your earn app UUID.
mkdir $HOME/earnapp-data
docker run -td --name earnapp --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:ro -v $HOME/earnapp-data:/etc/earnapp -e "EARNAPP_UUID"="" -e 'PUID'='99' -e 'PGID'='100' --name earnapp fazalfarhan01/earnapp:lite
Install Honey Gain :
Honey Gain lets you share your internet as a VPN service for a surprising amount of rewards. Averages about $5 month per node per residential IP. Payouts can be complicated. Read into it further before deciding to use this container
Create a Honey Gain Account:
Create an account at honeygain.com
Install the Docker Container:
Modify the string with the obvious email, password, and device name before pasting into the terminal
docker run --name honeygain -td honeygain/honeygain -tou-accept -email ACCOUNT_EMAIL -pass ACCOUNT_PASSWORD -device DEVICE_NAME
Alternate instructions for Raspberry Pi
Install PawnsApp :
*Make passive money online by completing surveys and sharing your internet * Pawns app, again similar to the others listed here offer to pay you for sharing your internet. Minimum payout is $5. Average payout is $0.50 per month per node per IP.
Create a PawnsApp Account:
Create an account at https://pawns.app
Install the Docker Container:
Modify the following with your email, password, device name, and device id before copying to your terminal.
docker pull iproyal/pawns-cli:latest
docker run -td --name pawnsapp --restart=on-failure:5 iproyal/pawns-cli:latest -email=[email protected] -password=change_me -device-name=raspberrypi -device-id=raspberrypi1 -accept-tos
Install Repocket :
Get Paid For Your Unused Internet
Similar to other offerings here. Minimum $20 Payout. Payouts can be complicated. Research for yourself to see if you want to use this service. Payouts average about $1 per node per box a month.
Create a Repocket Account:
Create an account at repocket.co and grab your api key from your dashboard.
Install the Docker Container:
Modify the following line with your email and api key before pasting into your terminal.
docker run -td --name repocket -e RP_EMAIL=[email protected] -e RP_API_KEY=yourapikey -d --restart=always repocket/repocket
Install Traff Monetizer :
Share your internet connection and make money online
Similar to EarnApp and HoneyGain, TraffMonetizer pays you to share your internet. Averages about $2 a month per node per IP. Only offers payouts in BTC.
Create your Traff Monetizer Account:
Create your account at https://traffmonetizer.com Once you get into the dashboard, make note of your application token.
Install the Docker Container:
Copy the following string and append your token that you got from the dashboard before pasting into your terminal.
docker run -td --name traffmonetizer traffmonetizer/cli_v2 start accept --token
Install ProxyLite:
Monetizing your Internet traffic by giving verified organizations the use of your Internet bandwidth
Similar to EarnApp and HoneyGain, ProxyLite pays you to share your internet. Averages about $3 a month per node per IP. Offers payouts in BTC/PayPal/QIWI/Payeer.
Create your Traff Monetizer Account:
Create your account at https://proxylite.ru Once you get into the dashboard, make note of your userid.
Install the Docker Container:
Copy the following string and replace $PROXYLITE_USER_ID
with your USERID that you got from the dashboard before pasting into your terminal.
docker rm -f proxylite && docker run -de "USER_ID=$PROXYLITE_USER_ID" --restart unless-stopped --name proxylite proxylite/proxyservice
Install ProxyRack:
Similar to EarnApp, HoneyGain, and Proxylite, ProxyRack pays you to share your internet. Averages about $1 a month per node per IP. Payout methods vary.
Create your Traff Monetizer Account:
Create your account at https://proxyrack.com Once you get into the dashboard, make note of your userid.
Install the Docker Container:
Copy the following string and replace $PROXYLITE_USER_ID
with your USERID
that you got from the dashboard before pasting into your terminal.
- First, Generate a Device ID You can run this command to generate a device ID that you will need to copy and save to use in the future.
cat /dev/urandom | LC_ALL=C tr -dc 'A-F0-9' | dd bs=1 count=64 2>/dev/null
Example output 393889FD3A7AB796A3846423B1AC3AD73100508ADD9375AA24489A1D7C6AD713
- Run Proxyrack, edit Insert your Device ID after UUID. You can use this example command:
sudo docker run -td --name proxyrack --restart always -e UUID="" --restart unless-stopped proxyrack/pop
- Add this Device ID to your device list in your Peer account
Wait 5-10 minutes after running the Docker container with the UUID
Using the string you just generated above add this to your devices https://peer.proxyrack.com/devices You can add a “friendly” name to help you remember what this Device ID is associated with
Install Mysterium :
Mysterium is a decentralized VPN and webscraping service built on the Etherium and Polygon blockchains. Payments average anywhere from $1-$20 a month depending on multiple factors per node per IP. Costs $1.XX to setup a node for activation. Payouts in MYST token.
Create an account at mystnodes.co
First, create an account at mystnodes.co . You’ll use this to manage your mysterium node(s).
Install the Docker Container:
docker volume create myst_data
docker run -td --cpus=1 --dns 8.8.8.8 --dns 8.8.4.4 --dns 1.1.1.1 --dns 1.0.0.1 --dns 9.9.9.9 --hostname myst --cap-add NET_ADMIN --network=host -p 4449:4449 -p 59850-60000:59850-60000 --name myst --device=/dev/net/tun -v myst_data:/var/lib/mysterium-node mysteriumnetwork/myst:latest --udp.ports=59850:60000 service --agreed-terms-and-conditions
ufw allow 4449
ufw allow 59850:60000/tcp
Setup the Docker Container:
Go to http://"nodeip":4449/#/dashboard
by replacing “nodeip” with the IP address of your node. You can find this by typing “ifconfig” in the terminal.
Click “start node setup”.
Past the address of the ERC20 wallet you want to receive rewards in and click “next”. You can use a standard Ethereum address like one of your MetaMask addresses.
Type in a password you’ll use to access this node dashboard in the future. DO check the checkbox to claim the node in your network.
Click the “Get it here” link and find your API key. Copy it. Go back and paste it. Click “Save & Continue”.
Port Forwarding:
We can not describe how to port forward for everyone’s specific hardware. Here are some resources to learn how to port forward.
Auto Restart Docker Containers on Boot:
sudo docker update --restart unless-stopped $(docker ps -q)
Optional Configurations:
Increase security by blocking malware and trackers.
Force all dns requests to Cloudflares malware and tracking protection dns. Also, block DNS/HTTPS requests. If you have more advanced of a router or firewall on the network you can even use packages like snort/securita to create more advanced rules to block known bad acting IPs, tor access, torrents, p2p traffic in general, etc. This is highly suggested but not required.
# Allow ssh still
sudo ufw allow 22
# Allow dns out
sudo ufw allow out 53/tcp
sudo ufw allow out 53/udp
# Redirect all dns back to 1.1.1.2 or 1.0.0.2
sudo iptables -t nat -A OUTPUT -p udp --dport 53 ! -d 1.0.0.2 -j DNAT --to-destination 1.1.1.2
sudo iptables -t nat -A OUTPUT -p udp --dport 53 ! -d 1.1.1.2 -j DNAT --to-destination 1.0.0.2
# Block DNS over HTTPS
sudo ufw deny out 853/tcp
sudo ufw deny out 853/udp
iptables -A FORWARD -m string --string "get_peers" --algo bm -j LOGDROP
iptables -A FORWARD -m string --string "announce_peer" --algo bm -j LOGDROP
iptables -A FORWARD -m string --string "find_node" --algo bm -j LOGDROP
# Block Default ToR Ports
sudo ufw deny out 9050/tcp
sudo ufw deny out 9050/udp
sudo ufw deny out 9051/tcp
sudo ufw deny out 9051/udp
# Block Torrents
sudo ufw deny out 6881/tcp
sudo ufw deny out 6881/udp
sudo ufw deny out 6882-6999/tcp
sudo ufw deny out 6882-6999/udp
iptables -A FORWARD -m string --algo bm --string "BitTorrent" -j DROP
iptables -A FORWARD -m string --algo bm --string "BitTorrent protocol" -j DROP
iptables -A FORWARD -m string --algo bm --string "peer_id=" -j DROP
iptables -A FORWARD -m string --algo bm --string ".torrent" -j DROP
iptables -A FORWARD -m string --algo bm --string "announce.php?passkey=" -j DROP
iptables -A FORWARD -m string --algo bm --string "torrent" -j DROP
iptables -A FORWARD -m string --algo bm --string "announce" -j DROP
iptables -A FORWARD -m string --algo bm --string "info_hash" -j DROP
# Save the Changes and Enable the Firewall
sudo iptables-save
sudo ufw enable
For more advanced ToR blocking you can do the following:
#https://gist.github.com/jkullick/62695266273608a968d0d7d03a2c4185
sudo apt-get -y install ipset
ipset create tor iphash
curl -sSL "https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=$(curl icanhazip.com)" | sed '/^#/d' | while read IP; do
ipset -q -A tor $IP
done
iptables -A INPUT -m set --match-set tor src -j DROP
Docker Compose:
To run all of these containers in one go, assuming you have all of your accounts and ids notated, you can update the following
docker-compose.yml
:
version: '3.5'
services:
#Start of Portainer section :
# Container management and monitoring : connect to your device port 9000 (Portainer)
Portainer:
image: portainer/portainer-ce:latest
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- portainer_data:/data
ports:
- 8000:8000
- 9000:9000
- 9443:9443
restart: always
networks:
default:
ipv4_address: 172.106.0.11
#End of Portainer + Webserver section
mysterium:
image: mysteriumnetwork/myst:latest
container_name: mysterium
restart: unless-stopped
cpus: 1
dns:
- 8.8.8.8
- 8.8.4.4
- 1.1.1.1
- 1.0.0.1
- 9.9.9.9
hostname: myst
cap_add:
- NET_ADMIN
network_mode: host
ports:
- "4449:4449"
- "59850-60000:59850-60000"
volumes:
- myst_data:/var/lib/mysterium-node
command: --udp.ports=59850:60000 service --agreed-terms-and-conditions
#Start of Earnapp section (remove this if Earnapp not wanted)
# variables to define in .env file :
# EARNAPP_DEVICE_ID : Your node id : sdk-node-<md5sum>
# <md5sum> is a 32 char string containing a-z and 0-9 range :
# ex : Easy way to generate one : echo "random string" | md5sum
# This will print 9f33ffbb8a9dcedb28ea909775a6b0d3 -
# In that case use : sdk-node-9f33ffbb8a9dcedb28ea909775a6b0d3
Earnapp:
depends_on:
- Portainer
image: fazalfarhan01/earnapp:lite
volumes:
- earnapp-data:/etc/earnapp
restart: always
environment:
- EARNAPP_UUID=$EARNAPP_DEVICE_ID
networks:
default:
ipv4_address: 172.106.0.20
#End of Earnapp section
#Start of HoneyGain section (remove this if HoneyGain not wanted)
# variables to define in .env file :
# HONEYGAIN_EMAIL : Your Honeygain account email
# HONEYGAIN_PASSWD : Your Honeygain account password
# DEVICE_NAME : This computer name (for display on dashboard)
Honeygain:
depends_on:
- Portainer
image: honeygain/honeygain
command: -tou-accept -email $HONEYGAIN_EMAIL -pass '$HONEYGAIN_PASSWD' -device $DEVICE_NAME
restart: always
networks:
default:
ipv4_address: 172.106.0.30
#End of HoneyGain section
#Start of IproyalPawns section (remove this if IproyalPawns not wanted)
# variables to define in .env file :
# IPROYALPAWNS_EMAIL : Your IproyalPawns account email
# IPROYALPAWNS_PASSWD : Your IproyalPawns account password
# DEVICE_NAME : This computer name (for display on dashboard)
IproyalPawns:
depends_on:
- Portainer
image: iproyal/pawns-cli:latest
command: -email=$IPROYALPAWNS_EMAIL -password='$IPROYALPAWNS_PASSWD' -device-name=$DEVICE_NAME -accept-tos
restart: always
networks:
default:
ipv4_address: 172.106.0.40
#End of IproyalPawns section
#Start of Packetstream section (remove this if Packetstream not wanted)
# variables to define in .env file :
# PACKETSTREAM_CID : Your Packetstream CID (available in packetstream dashboard)
Packetstream_PsClient:
depends_on:
- Portainer
image: packetstream/psclient:latest
restart: always
environment:
- CID=$PACKETSTREAM_CID
networks:
default:
ipv4_address: 172.106.0.60
Packetstream_Watchtower:
depends_on:
- Portainer
- Packetstream_PsClient
image: containrrr/watchtower
command: --cleanup --include-stopped --revive-stopped --interval 60 ${_COMPOSE_PROJECT_NAME}_Packetstream_PsClient_${_COMPOSE_PROJECT_STACK_ID}
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: always
networks:
default:
ipv4_address: 172.106.0.61
#End of Packetstream section
#Start of Bitping section (remove this if Bitping not wanted)
Bitping:
depends_on:
- Portainer
image: bitping/bitping-node:latest
restart: always
volumes:
- ./data/bitping:/root/.bitping
networks:
default:
ipv4_address: 172.106.0.70
#End of Bitping section
#Start of TraffMonetizer section (remove this if TraffMonetizer not wanted)
# variables to define in .env file :
# TRAFFMONETIZER_TOKEN : Your application token (available in TraffMonetizer dashboard)
TraffMonetizer:
depends_on:
- Portainer
image: traffmonetizer/cli_v2:latest
restart: always
command: start accept --token ${TRAFFMONETIZER_TOKEN}
networks:
default:
ipv4_address: 172.106.0.80
#End of Packetstream section
#Start of Repocket section (remove this if Repocket not wanted)
# variables to define in .env file :
# RP_EMAIL : Your application mail
# RP_API_KEY : Your application api key (available in repocket dashboard)
Repocket:
depends_on:
- Portainer
image: repocket/repocket:latest
restart: always
environment:
- RP_EMAIL
- RP_API_KEY
networks:
default:
ipv4_address: 172.106.0.90
#End of Repocket section
#Start of Proxylite section (remove this if Proxylite not wanted)
# variables to define in .env file :
# PROXYLITE_USER_ID : Your application use id (available in proxylite dashboard)
Proxylite:
depends_on:
- Portainer
image: proxylite/proxyservice:latest
restart: always
environment:
- USER_ID=$PROXYLITE_USER_ID
networks:
default:
ipv4_address: 172.106.0.100
#End of Proxylite section
#Start of Proxyrack section (remove this if Proxyrack not wanted)
# variables to define in .env file :
# PROXYRACK_API_KEY : Your application api key (available in proxyrack dashboard -> profile -> generate API key (keep same for all devices))
Proxyrack:
depends_on:
- Portainer
image: proxyrack/pop:latest
restart: always
environment:
- api_key=$PROXYRACK_API_KEY
- device_name=$DEVICE_NAME
networks:
default:
ipv4_address: 172.106.0.110
#End of Proxyrack section
volumes:
portainer_data:
earnapp-data:
myst_data:
networks:
default:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.106.0.0/16
Profit?
Disclosure and Affiliate Statement:
Affiliate Disclosure: We may earn a commission from links on this page. These commissions support our website and the content we provide. Rest assured, we only recommend products/services we believe in. Thank you for your trust! Click Here to Learn More