pull down to refresh

Tutorial to Setup a Private Home Relay
1078 sats \ 1 comment \ @dgy 6h nostr

Introduction

This tutorial describes how you can create your private backup relay for your nostr notes and how you can configure Amethyst1 to always send your notes there.
Prerequisite:
  • Access to to a GNU/Linux server2 running 24/7 e.g. your Bitcoin full node
  • Basic GNU/Linux command line and administrative skills

Compiling nostr-rs-relay

First we have to install all dependencies used for compilation:
sudo apt-get install rustc cargo build-essential \
     cmake pkg-config libssl-dev protobuf-compiler
For this tuturial we will use nostr-rs-relay as it supports restricting the notes published to your own key. This feature is handy for a personal backup server as we can prevent to get any spam.
Next we checkout and compile the code:
git clone https://git.sr.ht/~gheartsfield/nostr-rs-relay
cd nostr-rs-relay
git checkout 0.9.0
cargo build --release
There is no GPG key available for veriying the integrity of this tag.
Next we install the binary locally:
sudo install -m 0755 -o root -g root -t /usr/local/bin \
     target/release/nostr-rs-relay

Configuration nostr-rs-relay

In the next step we create a technical user named nostr that will run our service:
sudo useradd -r -s /usr/sbin/nologin nostr
We have to decide where we want to store the nostr database. According to the Filesystem Hierarchy Standard (FHS)3 one can put it either in a subdirectory of /var/lib/ or /srv. For this tuturial we go with the latter and will put the data in /srv/nostr-rs-relay
sudo mkdir -p /srv/nostr-rs-relay
sudo chown nostr:nostr /srv/nostr-rs-relay/
Now we create a configuration file and the directory for the service:
sudo mkdir -p /etc/nostr-rs-relay
sudo vi /etc/nostr-rs-relay/config.toml
In the file we add the folowing content:
[network]
listen = "127.0.0.1"
port = 4444

[database]
data_directory = "/srv/nostr-rs-relay"

[authorization]
pubkey_whitelist = ["<YOUR PUBLIC KEY>"]
In place of <YOUR PUBLIC KEY> you have to add your nostr public key in HEX format4. This will be the only user that may publish events on your relay.
Next we will configure the sytemd service. For that we first create a configuration file:
sudo vi /etc/systemd/system/nostr-rs-relay.service
and put this into it:
[Unit]
Description=Nostr Relay
After=network.target

[Service]
User=nostr
ExecStart=/usr/local/bin/nostr-rs-relay --config /etc/nostr-rs-relay/config.toml
Restart=on-failure
ProtectSystem=full
PrivateTmp=true
NoNewPrivileges=true

[Install]
WantedBy=multi-user.target

Tor Setup

We will configure our relay to run solely over tor. This way we do not need a domain name or ddns and we do not need to configure routers etc. Further it is more private to do so.
If tor is not yet installed, you can do it with this command:
sudo apt-get install tor
Next we create the data directories for the new hidden service:
sudo mkdir -p /var/lib/tor/nostr-rs-relay
chown debian-tor:debian-tor /var/lib/tor/nostr-rs-relay
sudo chmod 700 /var/lib/tor/nostr-rs-relay
After that we have to edit /etc/tor/torrc
Make sure these lines are not commented out:
ControlPort 9051
CookieAuthentication 1
CookieAuthFileGroupReadable 1
Then add these lines:
HiddenServiceDir /var/lib/tor/nostr-rs-relay
HiddenServiceVersion 3
HiddenServicePort 80 127.0.0.1:4444
Next restart tor and start our new service:
sudo systemctl daemon-reload
sudo systemctl restart tor
sudo systemctl start nostr-rs-relay
Now grab the generated onion address from the file:
sudo cat /var/lib/tor/nostr-rs-relay/hostname
That will show you a string 56 characters long plus a suffix .onion

Configuration Amethyst

In this section we will configure Amethyst to publish to our private nostr relay.
For that open the relay configuraiton and scroll down to Private Home Relays and add there the onion address of your nostr relay server we got in the section above.
Now you can send a note that will be stored on your private nostr relay.

Accessing the Local SQLite Database

The notes are stored in a SQLite5 database on the server. It can be accessed with the command line tool sqlite3. To check the latest stored events you execute a SQL query as shown below:
$ sqlite3 /srv/nostr-rs-relay/nostr.db
SQLite version 3.46.1 2024-08-13 09:16:08
Enter ".help" for usage hints.
sqlite> select json_extract(content, '$.content')
   ...> from event where kind=1 order by created_at desc limit 1;
Hello, Nostr!
sqlite> .quit

Import Previouly Published Events

In order to do that we first have to install another tool named websocat6 from source:
git clone https://github.com/vi/websocat.git
cd websocat
git checkout v1.14.0
gpg --recv-key --keyserver keyserver.ubuntu.com \
    331079CCE5FF6E6C6F2B3019C097221D6E03DF68
git verify-tag v1.14.0
cargo build --release
sudo install -m 0755 -o root -g root -t /usr/local/bin \
     target/release/websocat
Next we have to prepare the event to be imported. Grab the event you want to import in the json format. Reformat the file so that we event is stored one on line only. In this example the file is named f:
websocat ws://127.0.0.1:4444 <<< "$(jq -c '["EVENT", .]' f)"
That's it.

Conclusion

With this setup you can backup your posts on your own infrastructure without depending on any third-parties. Nobody can censor you or delete your posts if you store them yourself.
Happy posting :-)

Footnotes

  1. https://github.com/vitorpamplona/amethyst
  2. In this tuturial Debian is used, but it should work similiarly with other distros as well. Difference will be in the Tor setup.
  3. https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard
  4. The thing that does NOT start with npub. If you have to convert: https://nostrcheck.me/converter/
  5. https://sqlite.org/
  6. https://github.com/vi/websocat
write
preview
related posts
0 sats \ 0 replies \ @SwapMarket 2h
or just use https://github.com/Letdown2491/haven-kit
reply