saulteafarmer/nsite-ts
1
0
Fork 0
mirror of https://github.com/hzrd149/nsite-gateway.git synced 2025-06-23 12:05:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

add caddy example

Browse Source
This commit is contained in:
hzrd149 2025-04-05 17:06:53 +01:00
parent 14d767114a
commit 243fe2cd5a
9 changed files with 43 additions and 215 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.env.example
View File

@ -12,10 +12,10 @@ LOOKUP_RELAYS=wss://user.kindpag.es,wss://purplepag.es
SUBSCRIPTION_RELAYS=wss://nos.lol,wss://relay.damus.io SUBSCRIPTION_RELAYS=wss://nos.lol,wss://relay.damus.io
# A list of fallback blossom servers # A list of fallback blossom servers
BLOSSOM_SERVERS=https://nostr.download,https://cdn.satellite.earth BLOSSOM_SERVERS="https://nostr.download,https://cdn.satellite.earth"
# The max file size to serve # The max file size to serve
MAX_FILE_SIZE='2 MB' MAX_FILE_SIZE="2 MB"
# A nprofile pointer for an nsite to use as the default homepage # A nprofile pointer for an nsite to use as the default homepage
# Setting this will override anything in the ./public folder # Setting this will override anything in the ./public folder

8
Caddyfile Normal file
View File

@ -0,0 +1,8 @@
#{
# email your-email@example.com
#}
# This will match example.com and all its subdomains (*.example.com)
example.com, *.example.com {
reverse_proxy nsite:3000
}

2
Dockerfile
View File

@ -29,7 +29,7 @@ COPY --from=build ./app/build ./build
COPY ./public ./public COPY ./public ./public
EXPOSE 80 3000 EXPOSE 3000
ENV NSITE_PORT="3000" ENV NSITE_PORT="3000"
CMD ["node", "."] CMD ["node", "."]

84
README.md
View File

@ -2,6 +2,20 @@
A Typescript implementation of [static websites on nostr](https://github.com/nostr-protocol/nips/pull/1538) A Typescript implementation of [static websites on nostr](https://github.com/nostr-protocol/nips/pull/1538)
## Configuring
All configuration is done through the `.env` file. start by copying the example file and modifying it.
```sh
cp .env.example .env
```
## Running with npx
```sh
npx nsite-gateway
```
## Running with docker-compose ## Running with docker-compose
```sh ```sh
@ -10,82 +24,16 @@ cd nsite-gateway
docker compose up docker compose up
``` ```
Once the service is running you can access the cached version at `http://localhost:8080` Once the service is running you can access the gateway at `http://localhost:3000`
If you need to test, you can directly access the ts server at `http://localhost:3000`
## Running with docker ## Running with docker
The `ghcr.io/hzrd149/nsite-gateway` image can be used to run a http instance locally The `ghcr.io/hzrd149/nsite-gateway` image can be used to run a http instance locally
```sh ```sh
docker run --rm -it --name nsite -p 8080:80 ghcr.io/hzrd149/nsite-gateway docker run --rm -it --name nsite -p 3000:3000 ghcr.io/hzrd149/nsite-gateway
``` ```
## Manual nginx setup
Before manually setting up nginx and nsite-gateway you need a few things installed
- [nginx](https://nginx.org/)
- [nodejs](https://nodejs.org/en/download/package-manager) (dep packages [here](https://deb.nodesource.com/))
- [pnpm](https://pnpm.io/) run `npm i -g pnpm` to install
Next your going to need to clone the nsite-gateway repo and set it up
```sh
git clone https://github.com/hzrd149/nsite-gateway
cd nsite-gateway
# install dependencies
pnpm install
# build app
pnpm build
```
Then create a new `.env` file for configuration
```sh
cp .env.example .env
```
Next copy and setup the systemd service
```sh
sudo cp contrib/nsite.service /etx/systemd/system/nsite.service
# edit the service and set the working directory path
sudo nano /etx/systemd/system/nsite.service
# reload systemd service
sudo systemctl daemon-reload
# start service
sudo systemctl start nsite
```
Then once nsite-gateway is running, next you need to configure nginx
Start by modifying the `/etx/nginx/nginx.conf` file and adding a `proxy_cache_path` to the `http` section
```sh
sudo nano /etc/nginx/nginx.conf
```
```diff
http {
+ proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=request_cache:10m max_size=10g inactive=60m use_temp_path=off;
}
```
Next modify the default site config (usually `/etx/nginx/sites-enabled/default` or `/etc/nginx/conf.d/default.conf`) to be one of
- [nginx/http.conf](./nginx/http.conf)
- [nginx/tls.conf](./nginx/tls.conf)
- [nginx/tls-and-tor.conf](./nginx/tls-and-tor.conf)
Once that is done you can restart nginx and you should have a new nsite server running on port 80
## Tor setup ## Tor setup
First you need to install tor (`sudo apt install tor` on debian systems) or [Documentation](https://community.torproject.org/onion-services/setup/install/) First you need to install tor (`sudo apt install tor` on debian systems) or [Documentation](https://community.torproject.org/onion-services/setup/install/)

17
docker-compose.yml
View File

@ -1,6 +1,7 @@
services: services:
redis: redis:
image: redis:alpine image: redis:alpine
restart: unless-stopped
command: redis-server --save 60 1 --loglevel warning command: redis-server --save 60 1 --loglevel warning
volumes: volumes:
- redis-data:/data - redis-data:/data
@ -8,14 +9,28 @@ services:
nsite: nsite:
build: . build: .
image: ghcr.io/hzrd149/nsite-gateway:master image: ghcr.io/hzrd149/nsite-gateway:master
restart: unless-stopped
environment: environment:
LOOKUP_RELAYS: wss://user.kindpag.es,wss://purplepag.es LOOKUP_RELAYS: wss://user.kindpag.es,wss://purplepag.es
SUBSCRIPTION_RELAYS: wss://nostrue.com/,wss://nos.lol/,wss://relay.damus.io/,wss://purplerelay.com/ SUBSCRIPTION_RELAYS: wss://nostrue.com/,wss://nos.lol/,wss://relay.damus.io/,wss://purplerelay.com/
CACHE_PATH: redis://redis:6379 CACHE_PATH: redis://redis:6379
depends_on: depends_on:
- redis - redis
caddy:
image: caddy:alpine
restart: unless-stopped
ports: ports:
- 3000:3000 - "80:80"
- "443:443"
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile:ro
- caddy_data:/data
- caddy_config:/config
depends_on:
- nsite
volumes: volumes:
redis-data: redis-data:
caddy_data:
caddy_config:

19
nginx/http.conf
View File

@ -1,19 +0,0 @@
server {
listen 80;
listen [::]:80;
server_name nsite;
location / {
proxy_cache request_cache;
proxy_cache_valid 200 60m;
proxy_cache_valid 404 10m;
proxy_cache_key $host$uri;
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
expires 30d;
add_header Cache-Control "public, no-transform";
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:3000;
}
}

33
nginx/nginx.conf
View File

@ -1,33 +0,0 @@
user nsite;
worker_processes auto;
error_log /dev/stderr notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
# add custom cache
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=request_cache:10m max_size=10g inactive=60m use_temp_path=off;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /dev/stdout main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
gzip on;
include /etc/nginx/conf.d/*.conf;
}

56
nginx/tls-and-tor.conf
View File

@ -1,56 +0,0 @@
# tor .onion server
server {
listen 80;
listen [::]:80;
server_name *.onion;
location / {
proxy_cache request_cache;
proxy_cache_valid 200 60m;
proxy_cache_valid 404 10m;
proxy_cache_key $host$uri;
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
expires 30d;
add_header Cache-Control "public, no-transform";
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:3000;
}
}
# redirect http to https
server {
listen 80;
listen [::]:80;
server_name _;
return 307 https://$host$request_uri;
}
# http server
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name nsite;
ssl_certificate /path/to/certificate/fullchain1.pem;
ssl_certificate_key /path/to/certificate/privkey1.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
location / {
proxy_cache request_cache;
proxy_cache_valid 200 60m;
proxy_cache_valid 404 10m;
proxy_cache_key $host$uri;
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
expires 30d;
add_header Cache-Control "public, no-transform";
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:3000;
}
}

35
nginx/tls.conf
View File

@ -1,35 +0,0 @@
# redirect http to https
server {
listen 80;
listen [::]:80;
server_name _;
return 307 https://$host$request_uri;
}
# nginx config for tls
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name nsite;
ssl_certificate /path/to/certificate/fullchain1.pem;
ssl_certificate_key /path/to/certificate/privkey1.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
location / {
proxy_cache request_cache;
proxy_cache_valid 200 60m;
proxy_cache_valid 404 10m;
proxy_cache_key $host$uri;
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
expires 30d;
add_header Cache-Control "public, no-transform";
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:3000;
}
}