Skip to content

Latest commit

 

History

History
117 lines (86 loc) · 3.35 KB

deploy.md

File metadata and controls

117 lines (86 loc) · 3.35 KB
Raw

Deploying

I deploy on Debian and use systemd to launch a script with the above java command.

conf/relay.yml controls which port the relay runs on. By default this is 9090; this is a fine default as you'll want to run a reverse proxy to server your relay on the well-known SSL port.

I use ngnix + https://letsencrypt.org/ for SSL termination and DDoS mitigation and configure it to talk to the relay process on port 9090.

nginx Notes

In nginx.conf, I set worker_connections high — e.g., worker_connections 32768;.

I also enforce https except make an exception for http requests with $http_accept = application/nostr+json, because I've noticed that some clients in the wild issue http NIP-11 requests.

Totally optionally but you may wish to limit access to /metrics and /q, eg, via basic auth.

See example nginx.conf — feel free to send PR for this config file if you see any potential improvements.

Show Me Code

This is a script on my server, /home/aaron/run-relay.sh:

#!/usr/bin/env bash

/usr/lib/jvm/jdk-17/bin/java \
    -Xms1g -Xmx1g \
    -Dlogback.configurationFile=conf/logback.xml \
    -Dspy.properties=conf/spy.properties \
    -cp me.untethr.nostr-relay.jar \
    clojure.main -m me.untethr.nostr.app

I made sure it had execute permissions:

$ chmod u+x /home/aaron/run-relay.sh

Then I created /etc/systemd/system/nostr-relay.service:

[Unit]
Description=me.untethr.nostr.app
[Service]
User=atdixon
WorkingDirectory=/home/aaron
ExecStart=/home/aaron/run-relay.sh
SuccessExitStatus=143
TimeoutStopSec=10
Restart=on-failure
RestartSec=5
StandardOutput=journal
StandardError=journal
[Install]
WantedBy=multi-user.target

And ran:

$ sudo systemctl daemon-reload
$ sudo systemctl enable nostr-relay.service
$ sudo systemctl start nostr-relay
$ sudo systemctl status nostr-relay

Now, 2 ways to look at logs.

  • Relay server logs:
/home/aaron$ tail -f logs/nostr-relay-<latest>.log
  • systemd service logs — this will show uncaught errors, due to bad requests or other issues, etc:
$ journalctl -u nostr-relay -f -o cat

You can query for server metrics:

$ curl https://<relay-host>/metrics

# with jq installed
$ curl -sS http://<relay-host>/metrics | jq '.meters | ."app.event.duplicate"
$ watch "curl -sS http://<relay-host>/metrics | jq '.meters | .\"app.event.duplicate\"'"

And issue basic non-websocket queries over your relay's data:

$ curl https://<your-relay-host>/q

# basic query param filters like these are convenient from a browser
$ curl <your-relay-host>/q?until=now

$ curl <your-relay-host>/q?author=aff9a9f017f32b2e8b60754a4102db9d9cf9ff2b967804b50e070780aa45c9a8

# using more complex nostr filters in the request body
$ curl -H 'Content-Type: application/json' \
  -XGET <your-relay-host>/q \
  --data '[{"authors":["aff9a9f017f32b2e8b60754a4102db9d9cf9ff2b967804b50e070780aa45c9a8"]}]'