Skip to content

Latest commit

 

History

History
105 lines (84 loc) · 3.34 KB

README.md

File metadata and controls

105 lines (84 loc) · 3.34 KB

Flamebucket Manager

This is a grpc authz server that uses the Nostrocket Engine to validate current users for the Flamebucket Rocket, which is a set of paid nostr relays.

Flamebucket Manager should not be used directly, but consumed from the Flamebucket repo (as a submodule).

License

gRPC Extensions for nostr-rs-relay

gRPC authz server for nostr-rs-rely. Admits events based on whether they have been allowed by the relay admin.

Build and Run

This package is an extension of nostr-rs-relay and the instructions here assume the relay exists in ./nostr-rs-relay/

  1. Make sure you are running the latest version of Rust, if you installed with rustup:
rustup update
  1. Clone and compile
git clone https://github.com/nostrocket/flamebucketmanager.git
cd manage-relay-users
cargo update
cargo build -r
  1. Edit the config file.
vim config.toml

Add a pubkey (in hex) that will have permission to administer the relay. Uncomment the grpc and db_path lines.

  1. Edit the config of the relay
cd ../nostr-rs-relay
vim config.toml

Find the line with event_admission_server

[grpc]
# event_admission_server = "http://[::1]:50051" <---- this line

Uncomment this line and change it to reflect your local setup that matches the grpc config you used above. For example:

event_admission_server = "http://127.0.0.1:50001"
  1. Run You will need to use screen or tmux or a different terminal tab so that you can run two processes. Start the relay manager first:
cd ../manage-relay-users
./target/release/manage_relay_users --config config.toml

In a different terminal on the same system:

cd ../nostr-rs-relay
RUST_LOG=warn,nostr_rs_relay=info ./target/release/nostr-rs-relay --config config.toml

Managing Users

Via Nostr

The admin(s) can update accounts by publishing an kind 4242 event with an allow tag where index 0 is "allow" followed by the list of hex pubkeys, and a "deny" tag of the same format.

For now this is not in a NIP if there is interest it can be more formalized.

Events can be published using this branch of nostr tools or implementing the event format in other tools.

https://github.com/thesimplekid/nostr-tool/tree/manage_relay_users

{
  "id": <32-bytes lowercase hex-encoded sha256 of the the serialized event data>,
  "pubkey": <pubkey of the relay admin>,
  "created_at": <unix timestamp in seconds>,
  "kind": 4242,
  "tags": [
    ["allow", <32-bytes hex of a pubkey>,  <32-bytes hex of a pubkey>, ...],
    ["deny", <32-bytes hex of a pubkey>, <32-bytes hex of a pubkey>, ...],
    ...
  ],
  "content": "", 
  ...
}

HTTP API

The users can be updated by sending a http POST to the /update endpoint with a json body with the following format.

{
    "allow":, [<32-bytes hex of a pubkey>,  <32-bytes hex of a pubkey>, ...],
    "deny": [<32-bytes hex of a pubkey>, <32-bytes hex of a pubkey>, ...],
}

There is also a GET endpoint with at /users that will return json of the same format with allowed and denied users.

If the relay has nip42 enabled it will use the authenticated pubkey if not the author pubkey of the note will be used.

License

Code is under the BSD 3-Clause License