pull down to refresh

Why Your Nostr Relay Needs a Website

We've all seen it. You go to relay.somedomain.xyz and get the text returned "Please use a Nostr client to connect."
If you are an advanced user, you might use curl to see what the NIP-11 of the relay is:
. curl -H 'accept: application/nostr+json' https://relayable.org
.
Above example output: {"contact":"hello@citizenry.technology","description":"A new way to relay.","name":"Relayable.org","pubkey":"npub16fcy8ynknssdv7s487nh4p2h4vr3aun64lpfea45d7h4sts9jheqevshgh","software":"git+http s://github.com/hoytech/strfry.git","supported_nips":[1,9,11,12,15,16,20,22],"version":"v103-e5ec135"}
But this is only a limited amount of general information about the relay. What is needed is a basic webpage at the root of the relay's domain name. Better yet, a detailed page with a Terms of Service and Privacy Policy. Outlining what is and is not allowed on the relay and how admin(s) handle Spam and bad bots.
You can quickly generate this page using Jekyll or MkDocs and keep it updated. Along with adding general information about where geographically the relay is hosted, on what provider(s), and data retention practices (e.g., Do you delete data over X days or months old?).
. Relay operators may also look into the legal (aka no fun) side of running a relay.
  • Do you fall under GDPR?
  • Do you need to have a DMCA contact address (https://www.copyright.gov/dmca-directory/)?
  • Are there other local regulations that might get you in trouble depending on what is allowed on your relay?
. There are many more. These are just examples. At the least, you may want to add verbiage in your ToS or Privacy Policy to cover your ass for things like those
. .

How to add a site to your relay address with nginx:

We use this approach with Relayable.org:
https://relayable.org & wss://relayable.org
I see your point, but privacy is a big advantage of nostr, and including some of the information you suggest (ie geographical location) seems unnecessary and opens the relay up to possibly being compromised. Also, it's tough to maintain privacy of domain ownership, and exposed ip address, etc, can also be problematic.
reply