
Thanks for doing this. Mighty important. Far too many of us are relying on temporary custodial systems to route zaps for us.
Stupid question, but let me ask it anyway: why does it need to be a separate VPS? What prevents this from running on the same machine as our node?
Not a stupid question at all!
There are a few reasons I suggest running this as a separate server, assuming you are running a Tor node at home and/or hosted only on Tor.
The first being that this is ultimately a web server that is meant to listen on a public IP address. You could be hosting your node from a public IP at home (using port forwarding on a NAT router), but I wouldn't advise running a publicly reachable webserver from your home network, as you could inadvertently let bad actors into your home network. I would rather spend $5 a month on a VPS than worry about bad actors getting onto my home network. With the current design, this just makes API calls over Tor to your node and then serves the invoices to nostr clients.
The second issue is that this script automates the deployment of an nginx server and the request of a TLS certificate (for ease of setup). If you have anything (other services) in the /etc/nginx/sites-available/default file, it will be overwritten and replaced with the new nginx proxy.
The third issue is potential port conflicts: certain nodes may be hosting a webserver on port 443 for an admin UI or something similar.
However, this was just quickly thrown together on a Saturday. I'll continue to work on this and will likely release a Docker container at some point and, with some careful planning, could possibly run this on a node as well.
Thanks so much for breaking it down in such detail. Hearing those trade-offs, it definitely makes sense.