pluja / nerostr Goto Github PK

View Code? Open in Web Editor NEW

27.0 4.0 5.0 180 KB

nostr paid relay, but with monero

Home Page: https://xmr.usenostr.org

Dockerfile 3.01% Go 71.88% HTML 22.22% JavaScript 0.80% Shell 2.09%

decentralized golang monero nostr relay strfry xmr

nerostr's Introduction

nerostr: a nostr monero-paid relay

Everyone is free to read, but only paid users can publish events.

A Nostr expensive relay paid with Monero and written in Go!

Check it out here: https://xmr.usenostr.org
Add the expensive relay to your list: wss://xmr.usenostr.org.

nerostr: a nostr monero-paid relay

Features

Very easy to self-host.
Lightweight and fast.
- Uses strfry nostr relay, which is a very fast and efficient relay.
- Uses badgerdb as a database, which is a fast and efficient golang database.
- Talks directly with the monero-wallet-rpc to check for payments and get subaddresses.
Simple UI written using Golang templates and TailwindCSS.

Why?

Nostr has no spam filters/control. With public relays, the global feed and public chat channels get filled with spam, making them unusable.

In order to avoid spam in your feed, you pay a small fee (~$1) to a relay. Your pubkey gets whitelisted in that relay, and then you are able to publish events there. Reading from these relays is always free for everyone! This allows getting much more curated and clean results in the global page.

Also, paid relays can build up communities of users interested in particular topics, allowing users to follow relays based on their interests.

TLDR; Pay-to-relay to avoid nostr spammers.

Self-hosting your own relay

Selfhosting a Nerostr relay is very easy, you just need a small server and Docker.

Get the docker-compose.yml file from this repo.

wget https://raw.githubusercontent.com/pluja/nerostr/master/docker-compose.yml

Create a new Monero wallet, get the wallet and wallet.keys files and put them in ./nerostr_data/wallet/ folder.
- You can use the monero-wallet-cli to create a new wallet, or use Feather Wallet for a GUI wallet.
Get the .env file from this repo and modify all the variables to your needs. Mainly you will have to edit the NEROSTR_HOST, MONERO_WALLET_FILENAME and MONERO_WALLET_PASSWORD variables.

curl -fsSL -o .env https://raw.githubusercontent.com/pluja/nerostr/main/example.env

Get the config file for your the strfry relay:

wget https://raw.githubusercontent.com/pluja/nerostr/master/strfry/strfry.conf

Warning You can change the strfry config as you want, but you must make sure to have the plugin = "/app/nerostr-auth.sh" line in the writePolicy section. If you don't have this, the paywall won't do anything and all events will be accepted by the relay.

Reverse proxies examples

The following configurations assume that the webserver containers are in the same docker network as the Nerostr nerostr and strfry-relay containers. If that is not the case, you can bind a local port for each of the nerostr and strfry containers, and then use localhost:<PORT> in the reverse proxy configuration.

Caddy

xmr.usenostr.org {
	@websockets {
		header Connection *Upgrade*
		header Upgrade	websocket
	}

        @json {
		header Accept application/nostr+json
	}

	reverse_proxy @json strfry-nerostr-relay:7777 {
		header_up Accept application/nostr+json
	}
	reverse_proxy @websockets strfry-nerostr-relay:7777
	reverse_proxy nerostr:8080
}

Nginx

server {
    listen 80;
    server_name xmr.usenostr.org;

    location / {
        proxy_pass http://nerostr:8080;
    }

    location / {
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_pass http://strfry-nerostr-relay:7777;
    }
}

Brief explanation of how it works

Users go to the paywall frontend, enter their pubkey either in npub or hex format, and pay a small fee in Monero. Once paid, their pubkey gets added to the whitelist database.

The strfry relay uses the nerostr-auth plugin to check if the pubkey of the user is in the whitelist database. If it is, the event gets accepted and published. If it is not, the event gets rejected.

The payment monitor talks directly with the monero-wallet-rpc to check for payments.

API

Nerostr has a simple API that allows you to manage the whitelist database.

Whitelist a pubkey

To add a new user to the whitelist, you can use the API:

curl --request POST \
    --url <NEROSTR_INSTANCE>/api/user/<PUBKEY> \
    --header "X-API-KEY: <API_KEY>"

Replace the variables with your own values. If you set an API key in the .env file, use that one. If you didn't set it, you can get it from the application startup logs, check them with docker compose logs nerostr | head.

Remove a pubkey from the whitelist

To remove a pubkey from the whitelist, you can use the API:

curl --request DELETE \
    --url <NEROSTR_INSTANCE>/api/user/<PUBKEY> \
    --header "X-API-KEY: <API_KEY>"

Migrating from previous versions

If you are migrating from a previous version of Nerostr, or you want to whitelist a list of pubkeys, you will have to do the following:

Get all the whitelisted pubkeys from your previous Nerostr instance:

sudo sqlite3 nerostr.db "SELECT pub_key FROM users WHERE status='ok';" > keys.txt

Get the keys.txt file, put it in a folder and add the followint bash script to that folder:

#!/bin/bash

input_file=$1
nerostr_host=$2
api_key=$3

# Read the input file line by line
while IFS= read -r pubkey
do
  # Run the curl command for each key
  curl --request POST \
    --url $nerostr_host/api/user/$pubkey \
    --header "X-API-KEY: $api_key"
done < "$input_file"

Run the script with the following command:

./script.sh /path/to/keys.txt <YOUR.NEROSTR.HOST.COM> <API_KEY>

Where <YOUR.NEROSTR.HOST.COM> is the domain of your Nerostr instance (with http/https), and <API_KEY> is the API key you have set in the .env file, or gotten in the application startup logs (if you haven't set it in .env file).

This will add all the pubkeys to the whitelist database.

🧡 Support this project

kycnot.me/about#support

Known Nerostr Relays

Relay	Paywall	Status and Info
wss://xmr.usenostr.org	xmr.usenostr.org	info
wss://nostr.portemonero.com	nostr.portemonero.com	info
wss://xmr.ithurtswhenip.ee	xmr.ithurtswhenip.ee	info
wss://nostr.xmr.rocks	nostr.xmr.rocks	old nerostr version // info

nerostr's People

Contributors

Stargazers

Watchers

Forkers

22388o hundehausen freqnik alaakaazaam dnalob

nerostr's Issues

strfry not binding to port 7777

I have got the paywall set up and tested it with a change to the docker-compose.yml file for the rpc port of monero-wallet-rpc

However, if I don't add

ports:
  - "127.0.0.1:7777:7777"

to the docker-compose.yml file in the strfry-nerostr-relay: section the strfry does not bind to port 7777. However, when I add this port to the docker-compose.yml file, I get "connection reset by peer" errors when testing the wss

Any advice would be greatly appreciated. Thanks you!

Relay not readable

Hey @pluja,

I'm not sure if this is an issue or if I am misunderstanding something.

Please compare

My relay
https://nostr.watch/relay/nostr.portemonero.com
and your relay
https://nostr.watch/relay/xmr.usenostr.org

Your relay is readable, mine is not. Why is that? Is my reverse proxy configured wrong?

nostr.portemonero.com {
	@websockets {
		header Connection *Upgrade*
		header Upgrade websocket
	}

	encode zstd gzip

	reverse_proxy @websockets localhost:7777
	reverse_proxy localhost:8089

	header {
		Access-Control-Allow-Origin *
	}

	handle_path /.well-known* {
		root * /home/hundehausen/well-known
		file_server

		header {
			Access-Control-Allow-Origin *
		}
	}

	handle_path /.public* {
		root * /home/hundehausen/public
		file_server

		header {
			Access-Control-Allow-Origin *
		}
	}
}

Why could the site not parse NIP-11 information document about our relays?
Does strfry not support NIP-11?

Nginx reverse proxy

Hi pluja,
i’m giving all my time to this docker-compose file and i can say that it starts to finally work : i can access the pay-wall
and add public keys via API (curl cmdline)

Only issue is with nginx reverse-proxy, see :
nginx doesn’t allow duplicate entrypoint ( here the slash ‘/’)
so i declared 8089 port in yml file and left 7777 port for strfry service

server {
    location / {
        proxy_pass http://localhost:8089;
    }

    location /strfry-nerostr-relay {
       proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_pass http://localhost:7777;
    }
}

I tried multiples configurations but all of them hit a wall when clicking ‘Pay-to-relay’ button :

{"error":"Post \"http://monero-wallet-rpc:28081/json_rpc\": dial tcp 192.168.0.2:28081: connect: connection refused"}

I event tried to replace 'monero-wallet-rpc' with my own monero-node-url [ localhost :) ] but without success

Shouldn’t the vhost file contain those sort of lines, where app2 would be declared in docker-compose.yml ?

server {
    listen 80;
    server_name xmr.usenostr.org;

    location / {
        proxy_pass http://nerostr:8089;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }

    location /app2/ {
        proxy_pass http://strfry-nerostr-relay:7777;
    }
}

Cheers, wish you the best

/bin/sh: /app/nerostr-auth.sh: not found

Hey Pluja,

I have some issues with my nerostr instance.
As you can see here my relay is nor readable.
Here is the log of the strfry-nerostr-relay

It says that /app/nerostr-auth.sh: is not found, but when I look into the containers file system I see the file.

Do you have any idea?

2023-09-30 18:57:10.941 (   0.105s) [main thread     ]INFO| arguments: /app/strfry relay
2023-09-30 18:57:10.941 (   0.105s) [main thread     ]INFO| Current dir: /app
2023-09-30 18:57:10.941 (   0.105s) [main thread     ]INFO| stderr verbosity: 0
2023-09-30 18:57:10.941 (   0.105s) [main thread     ]INFO| -----------------------------------
2023-09-30 18:57:10.941 (   0.105s) [main thread     ]INFO| CONFIG: Loading config from file: /etc/strfry.conf
2023-09-30 18:57:10.960 (   0.123s) [main thread     ]INFO| CONFIG: successfully installed
2023-09-30 18:57:11.011 (   0.175s) [Websocket       ]INFO| Started websocket server on 0.0.0.0:7777
2023-09-30 18:57:11.444 (   0.607s) [Websocket       ]INFO| [1] Connect from 65.108.194.160 compression=Y sliding=N
2023-09-30 18:57:11.444 (   0.607s) [Websocket       ]INFO| [2] Connect from 87.210.44.58 compression=Y sliding=Y
2023-09-30 18:57:20.555 (   9.719s) [Websocket       ]INFO| [3] Connect from 210.151.194.53 compression=Y sliding=Y
2023-09-30 18:57:21.955 (  11.118s) [Websocket       ]INFO| [4] Connect from 172.71.142.49 compression=N sliding=N
2023-09-30 18:57:22.170 (  11.334s) [Ingester 1      ]INFO| Rejected invalid event: created_at too early
2023-09-30 18:57:22.170 (  11.334s) [Ingester 1      ]INFO| Rejected invalid event: created_at too early
2023-09-30 18:57:22.170 (  11.334s) [Ingester 1      ]INFO| Rejected invalid event: created_at too early
2023-09-30 18:57:22.172 (  11.335s) [Ingester 1      ]INFO| Rejected invalid event: created_at too early
2023-09-30 18:57:22.172 (  11.336s) [Writer          ]INFO| Setting up write policy plugin: /app/nerostr-auth.sh
/bin/sh: /app/nerostr-auth.sh: not found
2023-09-30 18:57:22.174 (  11.338s) [Writer          ] ERR| Couldn't setup plugin: pipe to plugin was closed (plugin crashed?)
2023-09-30 18:57:22.174 (  11.338s) [Writer          ]INFO| [4] write policy blocked event 0135af0a07e0cace7f61d53e5c10b93d6aa78ac0e58365aeb7c850051be543f2: error: internal error
2023-09-30 18:57:22.174 (  11.338s) [Writer          ]INFO| Setting up write policy plugin: /app/nerostr-auth.sh
/bin/sh: /app/nerostr-auth.sh: not found

PreExistent monero wallet ?

Hi man,
in your docker-compose.yml, the volume defined in monero-wallet-rpc service points from './nerostr_data/wallet/' to :

volumes:
      - ./nerostr_data/wallet/:/home/monero/wallet/

Does it mean one should create this user 'monero' on his server ?

Any hint appreciated

Cheers

Could not parse NIP-11 information document

Hey @pluja and other Nerostr users,

as you can see here and here, the website could not read the NIP-11 information document from our relays.

I checked my config from strfry.conf, it seems correct:

    info {
        # NIP-11: Name of this server. Short/descriptive (< 30 characters)
        name = "nostr-portemonero"

        # NIP-11: Detailed information about relay, free-form
        description = "Nostr Relay powered by Nerostr. Monero is real money."

        # NIP-11: Administrative nostr pubkey, for contact purposes
        pubkey = "ffe7daceb57342af434f1ff7607042db5ed4b9b90feb6fd460e0573d3487c006"

        # NIP-11: Alternative administrative contact (email, website, etc)
        contact = "https://twitter.com/hundehausen"
    }

In the protocol description they write:

When a relay receives an HTTP(s) request with an Accept header of application/nostr+json to a URI supporting WebSocket upgrades, they SHOULD return a document with the following structure.

{
  "name": <string identifying relay>,
  "description": <string with detailed information>,
  "pubkey": <administrative contact pubkey>,
  "contact": <administrative alternate contact>,
  "supported_nips": <a list of NIP numbers supported by the relay>,
  "software": <string identifying relay software URL>,
  "version": <string version identifier>
}

Any field may be omitted, and clients MUST ignore any additional fields they do not understand. Relays MUST accept CORS requests by sending Access-Control-Allow-Origin, Access-Control-Allow-Headers, and Access-Control-Allow-Methods headers.

Is our Caddyfile missing something?