initial commit

Author: pluja

.github/workflows/nerostr-docker.yml

@@ -0,0 +1,38 @@
+name: Docker Image CI
+
+on:
+  workflow_dispatch:
+  release:
+    types: [published]
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: ./nerostr
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            ${{ format('{0}/nerostr:{1}', secrets.DOCKERHUB_USERNAME, github.event.release.tag_name) }}
+            ${{ format('{0}/nerostr:latest', secrets.DOCKERHUB_USERNAME) }}

.github/workflows/nerostr-strfry-docker.yml

@@ -0,0 +1,75 @@
+name: Check for new tags and build Docker image
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * *'
+
+jobs:
+  check-and-build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      
+      - name: Check for new tags in hoytech/strfry
+        run: |
+          #!/bin/bash
+          latest_tag=$(curl -s https://api.github.com/repos/hoytech/strfry/tags | jq -r '.[0].name')
+          echo "latest_tag=$latest_tag" >> $GITHUB_ENV
+      
+      - name: Check if the new tag exists in DockerHub
+        id: check-tag
+        run: |
+          #!/bin/bash
+          dockerhub_tags=$(curl -s https://hub.docker.com/v2/repositories/${{ secrets.DOCKERHUB_USERNAME }}/strfry/tags | jq -r '.results[].name')
+          if echo "${dockerhub_tags}" | grep -q "${{ env.latest_tag }}"; then
+            echo "::set-output name=exists::true"
+          else
+            echo "::set-output name=exists::false"
+          fi
+
+      - name: Set up QEMU
+        if: steps.check-tag.outputs.exists == 'false'
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        if: steps.check-tag.outputs.exists == 'false'
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to DockerHub
+        if: steps.check-tag.outputs.exists == 'false'
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Clone hoytech/strfry
+        if: steps.check-tag.outputs.exists == 'false'
+        run: git clone https://github.com/hoytech/strfry strfry-hoytech
+
+      - name: Build and push Docker image from hoytech/strfry
+        if: steps.check-tag.outputs.exists == 'false'
+        uses: docker/build-push-action@v4
+        with:
+          context: ./strfry-hoytech
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            ${{ format('{0}/strfry:{1}', secrets.DOCKERHUB_USERNAME, env.latest_tag) }}
+            ${{ format('{0}/strfry:latest', secrets.DOCKERHUB_USERNAME) }}
+            strfry:latest
+
+      - name: Build and push Docker image
+        if: steps.check-tag.outputs.exists == 'false'
+        uses: docker/build-push-action@v4
+        with:
+          context: ./strfry
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            ${{ format('{0}/nerostr-strfry:{1}', secrets.DOCKERHUB_USERNAME, env.latest_tag) }}
+            ${{ format('{0}/nerostr-strfry:latest', secrets.DOCKERHUB_USERNAME) }}

.gitignore

@@ -0,0 +1,8 @@
+node_modules
+nerostr/nerostr_data/db
+nerostr_data
+wallet
+strfry-db
+.env
+*.override.yml
+nerostr/html/static/style.css.fiber.gz

README.md

@@ -0,0 +1,68 @@
+# nerostr: a nostr monero-paid relay
+
+Everyone is free to read, but only paid users can publish events.
+
+**A Nostr expensive relay paid with Monero and written in Go!**
+
+- Check it out here: https://xmr.usenostr.org
+- Add the expensive relay to your list: `wss://xmr.usenostr.org`.
+
+## Features
+
+- Very easy to self-host.
+- Lightweight and fast.
+    - Uses `strfry` nostr relay, which is a very fast and efficient relay.
+    - Uses `badgerdb` as a database, which is a fast and efficient golang database.
+    - Talks directly with the `monero-wallet-rpc` to check for payments and get subaddresses.
+- Simple UI written using Golang templates and TailwindCSS.
+
+## Why?
+
+Nostr has no spam filters/control. With public relays, the global feed and public chat channels get filled with spam, making them unusable.
+
+In order to avoid spam in your feed, you pay a small fee (~$1) to a relay. Your pubkey gets whitelisted in that relay, and then you are able to publish events there. Reading from these relays is always free for everyone! This allows getting much more curated and clean results in the global page.
+
+Also, paid relays can build up communities of users interested in particular topics, allowing users to follow relays based on their interests.
+
+TLDR; Pay-to-relay to avoid nostr spammers.
+
+## Self-hosting your own relay
+
+Selfhosting a Nerostr relay is very easy, you just need a small server and Docker.
+
+1. Get the `docker-compose.yml` file from this repo.
+
+```bash
+wget https://raw.githubusercontent.com/pluja/nerostr/master/docker-compose.yml
+```
+
+2. Create a new Monero wallet, get the `wallet` and `wallet.keys` files and put them in `./nerostr_data/wallet/` folder.
+    - You can use the `monero-wallet-cli` to create a new wallet, or use [Feather Wallet](https://moneroaddress.org/) for a GUI wallet.
+
+3. Get the `.env` file from this repo and modify all the variables to your needs. Mainly you will have to edit the `MONERO_WALLET_FILENAME` and `MONERO_WALLET_PASSWORD` variables.
+
+```bash
+wget -o .env https://raw.githubusercontent.com/pluja/nerostr/master/example.env
+```
+
+4. Get the config file for your the `strfry` relay:
+
+```bash
+wget -o strfry.conf https://raw.githubusercontent.com/pluja/nerostr/master/strfry/strfry.conf
+```
+
+::: warning
+You can change the `strfry` config as you want, but you must make sure to have the `plugin = "/app/nerostr-auth.sh"` line in the `writePolicy` section. If you don't have this, the paywall won't do anything and all events will be accepted by the relay.
+:::
+
+## How does it work?
+
+Users go to the `paywall` frontend, enter their `pubkey` either in npub or hex format, and pay a small fee in Monero. Once paid, their pubkey gets added to the whitelist database.
+
+The `strfry` relay uses the nerostr-auth plugin to check if the pubkey of the user is in the whitelist database. If it is, the event gets accepted and published. If it is not, the event gets rejected.
+
+The payment monitor talks directly with the `monero-wallet-rpc` to check for payments.
+
+## 🧡 Support this project
+
+[kycnot.me/about#support](https://kycnot.me/about#support)

docker-compose.yml

@@ -0,0 +1,52 @@
+version: "3.9"
+
+services:
+  strfry-nerostr-relay:
+    container_name: nerostr-strfry-relay
+    image: pluja/nerostr-strfry:latest
+    environment:
+      - API_URL=http://nerostr:8080
+    volumes:
+      - ./strfry.conf:/etc/strfry.conf
+      - ./nerostr_data/strfry/strfry-db:/app/strfry-db
+
+  monero-wallet-rpc:
+    container_name: nerostr-monero-wallet-rpc
+    env_file: 
+      - .env
+    image: sethsimmons/simple-monero-wallet-rpc:latest
+    command: [
+      "--wallet-file",
+      "/home/monero/${MONERO_WALLET_FILENAME}",
+      "--password",
+      "${MONERO_WALLET_PASSWORD}",
+      "--rpc-bind-port",
+      "28081",
+      "--daemon-host",
+      "${MONERO_DAEMON_RPC_HOSTNAME}",
+      "--daemon-port",
+      "${MONERO_DAEMON_RPC_PORT}",
+      "--disable-rpc-login",
+      "--max-log-files",
+      "1",
+      "--max-log-file-size",
+      "1000000"
+    ]
+    volumes:
+      - ./nerostr_data/wallet/:/home/monero/
+    restart: unless-stopped
+    ports:
+      - 28081:28081
+
+  nerostr:
+    container_name: nerostr-paywall
+    image: pluja/nerostr:latest
+    env_file:
+      - .env
+    volumes:
+      - ./nerostr_data/nerostr/nerostr-db:/app/nerostr_data/db
+    ports:
+      - "8089:8080"
+    depends_on:
+      - strfry-nerostr-relay
+      - monero-wallet-rpc

example.env

@@ -0,0 +1,22 @@
+##############
+# MONERO RPC #
+##############
+# The RPC server address of the Monero daemon
+MONERO_DAEMON_RPC_HOSTNAME=node.community.rino.io
+# The RPC server port of the Monero daemon
+MONERO_DAEMON_RPC_PORT=18081
+# The filename of your Monero wallet (wallet_file and wallet_file.keys)
+MONERO_WALLET_FILENAME=wallet_file
+# The password for your Monero wallet
+MONERO_WALLET_PASSWORD=123
+
+#############
+#  NEROSTR  #
+#############
+# (OPTIONAL VARS)
+
+# Admission fee in XMR, default is 0.002
+# ADMISSION_AMOUNT=0.005
+
+# The time before an invoice is considered expired, default is 3600 seconds
+# INVOICE_EXPIRE_TIME=7200

nerostr/.dockerignore

@@ -0,0 +1,3 @@
+style.css
+nerostr_data
+node_modules

nerostr/Dockerfile

@@ -0,0 +1,29 @@
+FROM devopsworks/golang-upx:latest as builder
+WORKDIR /app
+COPY . .
+RUN go mod tidy
+RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o nerostr . && \
+    upx nerostr
+RUN chmod +x nerostr
+
+# Tailwind CSS compiler
+FROM node:latest as tailwind
+WORKDIR /app
+COPY ./package.json .
+COPY ./package-lock.json .
+COPY ./tailwind.config.js .
+COPY ./html /app/html
+RUN npm install && \
+    npx tailwindcss -o ./style.css --minify
+
+FROM alpine:latest as certs
+RUN apk --update add ca-certificates
+
+FROM scratch
+COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+WORKDIR /app
+COPY ./html/ /app/html/
+COPY --from=tailwind /app/style.css /app/html/static/style.css
+COPY --from=builder /app/nerostr /bin/usr/nerostr
+ENV PATH="/bin/usr:${PATH}"
+ENTRYPOINT ["nerostr"]