mirror of
https://github.com/asmogo/nws.git
synced 2025-01-18 10:01:33 +00:00
readme
This commit is contained in:
parent
358b034f37
commit
6ec1e65a65
40
README.md
40
README.md
@ -1,32 +1,37 @@
|
|||||||
# Nostr Web Services (NWS)
|
# Nostr Web Services (NWS)
|
||||||
|
|
||||||
|
|
||||||
NWS replaces the IP layer in TCP transport using Nostr, enabling a secure connection between
|
NWS replaces the IP layer in TCP transport using Nostr, enabling a secure connection between
|
||||||
clients and backend services.
|
clients and backend services.
|
||||||
|
|
||||||
Exit nodes are reachable through their [nprofiles](https://nostr-nips.com/nip-19), which are combinations of a Nostr public key and multiple relays.
|
Exit node [domain names](#nws-domain-names) make private services accessible to entry nodes.
|
||||||
|
|
||||||
### Prerequisites
|
### Prerequisites
|
||||||
|
|
||||||
- A list of Nostr relays that the exit node is connected to.
|
- A list of Nostr relays that the exit node is connected to.
|
||||||
- The Nostr private key of the exit node.
|
- The Nostr private key of the exit node.
|
||||||
|
|
||||||
The exit node utilizes the private key and relay list to generate an [nprofile](https://nostr-nips.com/nip-19), which is printed in the console on startup.
|
|
||||||
|
|
||||||
## Overview
|
## Overview
|
||||||
|
|
||||||
### NWS main components
|
### NWS main components
|
||||||
|
|
||||||
1. **Entry node**: It forwards tcp packets to the exit node using a SOCKS proxy and creates encrypted events for the public key of the exit node.
|
1. **Exit node**: It is a TCP reverse proxy that listens for incoming Nostr subscriptions and forwards the payload to your designated backend service.
|
||||||
2. **Exit node**: It is a TCP reverse proxy that listens for incoming Nostr subscriptions and forwards the payload to the designated backend service.
|
2. **Entry node**: It forwards tcp packets to the exit node using a SOCKS proxy and creates encrypted events for the exit node.
|
||||||
|
|
||||||
<img src="nws.png" width="900"/>
|
<img src="nws.png" width="900"/>
|
||||||
|
|
||||||
|
### NWS domain names
|
||||||
|
|
||||||
|
There are two types of domain names resolved by NWS entry nodes:
|
||||||
|
1. `.nostr` domains have base32 encoded public key hostnames and base32 encoded relays as subdomains.
|
||||||
|
2. [nprofiles](https://nostr-nips.com/nip-19) are combinations of a Nostr public key and multiple relays.
|
||||||
|
|
||||||
|
Both types of domains will be generated and printed in the console on startup
|
||||||
|
|
||||||
## Quickstart
|
## Quickstart
|
||||||
|
|
||||||
Running NWS using Docker is recommended. For instructions on running NWS on your local machine, refer to the [Build from source](#build-from-source) section.
|
Running NWS using Docker is recommended. For instructions on running NWS on your local machine, refer to the [Build from source](#build-from-source) section.
|
||||||
|
|
||||||
### Using Docker Compose
|
### Using Docker-Compose
|
||||||
|
|
||||||
Please navigate to the `docker-compose.yaml` file and set `NOSTR_PRIVATE_KEY` to your own private key.
|
Please navigate to the `docker-compose.yaml` file and set `NOSTR_PRIVATE_KEY` to your own private key.
|
||||||
Leaving it empty will generate a new private key on startup.
|
Leaving it empty will generate a new private key on startup.
|
||||||
@ -43,27 +48,28 @@ This will start an example environment, including:
|
|||||||
* [Cashu Nutshell](https://github.com/cashubtc/nutshell) (backend service)
|
* [Cashu Nutshell](https://github.com/cashubtc/nutshell) (backend service)
|
||||||
* [nostr-relay](https://github.com/scsibug/nostr-rs-relay)
|
* [nostr-relay](https://github.com/scsibug/nostr-rs-relay)
|
||||||
|
|
||||||
You can run the following commands to receive your nprofiles:
|
You can run the following commands to receive your NWS domain:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
docker logs exit-https 2>&1 | awk -F'profile=' '{if ($2) print $2}' | awk '{print $1}'
|
docker logs exit-https 2>&1 | awk -F'domain=' '{if ($2) print $2}' | awk '{print $1}'
|
||||||
```
|
```
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
docker logs exit 2>&1 | awk -F'profile=' '{if ($2) print $2}' | awk '{print $1}`
|
docker logs exit 2>&1 | awk -F'domain=' '{if ($2) print $2}' | awk '{print $1}`
|
||||||
```
|
```
|
||||||
|
|
||||||
### Sending Requests to the Entry node
|
### Sending requests to the entry node
|
||||||
|
|
||||||
With the log information from the previous step, you can use the following command to send a request to the nprofile:
|
With the log information from the previous step, you can use the following command to send a request to the exit node domain:
|
||||||
|
|
||||||
```
|
```
|
||||||
curl -v -x socks5h://localhost:8882 http://"$(docker logs exit 2>&1 | awk -F'profile=' '{if ($2) print $2}' | awk '{print $1}' | tail -n 1)"/v1/info --insecure
|
curl -v -x socks5h://localhost:8882 http://"$(docker logs exit 2>&1 | awk -F'domain=' '{if ($2) print $2}' | awk '{print $1}' | tail -n 1)"/v1/info --insecure
|
||||||
```
|
```
|
||||||
|
|
||||||
If the nprofile supports TLS, you can choose to connect using https scheme
|
If the exit node supports TLS, you can choose to connect using https scheme
|
||||||
|
|
||||||
```
|
```
|
||||||
curl -v -x socks5h://localhost:8882 https://"$(docker logs exit-https 2>&1 | awk -F'profile=' '{if ($2) print $2}' | awk '{print $1}' | tail -n 1)"/v1/info --insecure
|
curl -v -x socks5h://localhost:8882 https://"$(docker logs exit-https 2>&1 | awk -F'domain=' '{if ($2) print $2}' | awk '{print $1}' | tail -n 1)"/v1/info --insecure
|
||||||
```
|
```
|
||||||
|
|
||||||
When using https, the entry node can be used as a service, since the operator will not be able to see the request data.
|
When using https, the entry node can be used as a service, since the operator will not be able to see the request data.
|
||||||
@ -72,7 +78,7 @@ When using https, the entry node can be used as a service, since the operator wi
|
|||||||
|
|
||||||
The exit node must be set up to make your services reachable via Nostr.
|
The exit node must be set up to make your services reachable via Nostr.
|
||||||
|
|
||||||
### Exit node Configuration
|
### Exit node
|
||||||
|
|
||||||
Configuration should be completed using environment variables.
|
Configuration should be completed using environment variables.
|
||||||
Alternatively, you can create a `.env` file in the current working directory with the following content:
|
Alternatively, you can create a `.env` file in the current working directory with the following content:
|
||||||
@ -97,7 +103,7 @@ If your backend services support TLS, your service can now start using TLS encry
|
|||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
### Entry node Configuration
|
### Entry node
|
||||||
|
|
||||||
To run an entry node for accessing NWS services behind exit nodes, use the following command:
|
To run an entry node for accessing NWS services behind exit nodes, use the following command:
|
||||||
```
|
```
|
||||||
|
Loading…
Reference in New Issue
Block a user