saulteafarmer/nsite-ts
1
0
Fork 0
mirror of https://github.com/hzrd149/nsite-gateway.git synced 2025-06-23 20:05:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

update readme

Browse Source
This commit is contained in:
hzrd149 2024-12-18 09:53:29 -06:00
parent 3853ab4f96
commit ba71f35593
12 changed files with 2070 additions and 1465 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.changeset/light-falcons-search.md Normal file
View File

@ -0,0 +1,5 @@
---
"nsite-ts": patch
---
bump dependnecies

2
.env.example
View File

@ -9,7 +9,7 @@ LOOKUP_RELAYS=wss://user.kindpag.es,wss://purplepag.es
SUBSCRIPTION_RELAYS=wss://nos.lol,wss://relay.damus.io SUBSCRIPTION_RELAYS=wss://nos.lol,wss://relay.damus.io
# A list of fallback blossom servers # A list of fallback blossom servers
BLOSSOM_SERVERS=https://cdn.satellite.earth BLOSSOM_SERVERS=https://nostr.download,https://cdn.satellite.earth
# The max file size to serve # The max file size to serve
MAX_FILE_SIZE='2 MB' MAX_FILE_SIZE='2 MB'

3
Dockerfile
View File

@ -29,14 +29,13 @@ RUN chown -R nsite:nsite /app
# Setup nginx # Setup nginx
COPY nginx/nginx.conf /etc/nginx/nginx.conf COPY nginx/nginx.conf /etc/nginx/nginx.conf
COPY nginx/default.conf /etc/nginx/conf.d/default.conf COPY nginx/http.conf /etc/nginx/conf.d/default.conf
# setup nsite # setup nsite
COPY --from=prod-deps /app/node_modules /app/node_modules COPY --from=prod-deps /app/node_modules /app/node_modules
COPY --from=build ./app/build ./build COPY --from=build ./app/build ./build
COPY ./public ./public COPY ./public ./public
COPY tor-and-i2p.pac proxy.pac
VOLUME [ "/var/cache/nginx" ] VOLUME [ "/var/cache/nginx" ]

3
Dockerfile-screenshots
View File

@ -16,7 +16,7 @@ COPY supervisord.conf /etc/supervisord.conf
# Setup nginx # Setup nginx
COPY nginx/nginx.conf /etc/nginx/nginx.conf COPY nginx/nginx.conf /etc/nginx/nginx.conf
COPY nginx/default.conf /etc/nginx/conf.d/default.conf COPY nginx/http.conf /etc/nginx/conf.d/default.conf
RUN chown nsite:nsite -R /etc/nginx RUN chown nsite:nsite -R /etc/nginx
# install google chrome for screenshots. copied from (https://pptr.dev/troubleshooting#running-puppeteer-in-docker) # install google chrome for screenshots. copied from (https://pptr.dev/troubleshooting#running-puppeteer-in-docker)
@ -53,7 +53,6 @@ COPY --from=prod-deps /app/node_modules /app/node_modules
COPY --from=build ./app/build ./build COPY --from=build ./app/build ./build
COPY ./public ./public COPY ./public ./public
COPY tor-and-i2p.pac proxy.pac
VOLUME [ "/var/cache/nginx" ] VOLUME [ "/var/cache/nginx" ]
VOLUME [ "/screenshots" ] VOLUME [ "/screenshots" ]

119
README.md
View File

@ -14,33 +14,114 @@ Once the service is running you can access the cached version at `http://localho
If you need to test, you can directly access the ts server at `http://localhost:3000` If you need to test, you can directly access the ts server at `http://localhost:3000`
## Connecting to Tor and I2P relays ## Running with docker
nsite-ts supports `ALL_PROXY` and other proxy env variables [here](https://www.npmjs.com/package/proxy-from-env#environment-variables) The `ghcr.io/hzrd149/nsite-ts` image can be used to run a http instance locally
Install Tor ([Documentation](https://community.torproject.org/onion-services/setup/install/)) and I2Pd ([Documentation](https://i2pd.readthedocs.io/en/latest/user-guide/install/)) ```sh
docker run --rm -it --name nsite -p 8080:80 ghcr.io/hzrd149/nsite-ts
```
Create a proxy.pac file ## Manual nginx setup
```txt Before manually setting up nginx and nsite-ts you need a few things installed
// SPDX-License-Identifier: CC0-1.0 - [nginx](https://nginx.org/)
- [nodejs](https://nodejs.org/en/download/package-manager) (dep packages [here](https://deb.nodesource.com/))
- [pnpm](https://pnpm.io/) run `npm i -g pnpm` to install
function FindProxyForURL(url, host) Next your going to need to clone the nsite-ts repo and set it up
{
if (shExpMatch(host, "*.i2p")) ```sh
{ git clone https://github.com/hzrd149/nsite-ts
return "PROXY 127.0.0.1:4444; SOCKS5 127.0.0.1:4447"; cd nsite-ts
}
if (shExpMatch(host, "*.onion")) # install dependencies
{ pnpm install
return "SOCKS5 127.0.0.1:9050";
} # build app
return "DIRECT"; pnpm build
```
Then create a new `.env` file for configuration
```sh
cp .env.example .env
```
Next copy and setup the systemd service
```sh
sudo cp contrib/nsite.service /etx/systemd/system/nsite.service
# edit the service and set the working directory path
sudo nano /etx/systemd/system/nsite.service
# reload systemd service
sudo systemctl daemon-reload
# start service
sudo systemctl start nsite
```
Then once nsite-ts is running, next you need to configure nginx
Start by modifying the `/etx/nginx/nginx.conf` file and adding a `proxy_cache_path` to the `http` section
```sh
sudo nano /etc/nginx/nginx.conf
```
```diff
http {
+ proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=request_cache:10m max_size=10g inactive=60m use_temp_path=off;
} }
``` ```
Start server with `PAC_PROXY` variable Next modify the default site config (usually `/etx/nginx/sites-enabled/default` or `/etc/nginx/conf.d/default.conf`) to be one of
- [nginx/http.conf](./nginx/http.conf)
- [nginx/tls.conf](./nginx/tls.conf)
- [nginx/tls-and-tor.conf](./nginx/tls-and-tor.conf)
Once that is done you can restart nginx and you should have a new nsite server running on port 80
## Tor setup
First you need to install tor (`sudo apt install tor` on debian systems) or [Documentation](https://community.torproject.org/onion-services/setup/install/)
Then able the tor service
```sh ```sh
PAC_PROXY=file://$(pwd)/proxy.pac node . sudo systemctl enable tor
sudo systemctl start tor
```
### Setup hidden service
Modify the torrc file to enable `HiddenServiceDir` and `HiddenServicePort`
```
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:8080
```
Then restart tor
```sh
sudo systemctl restart tor
```
Next get the onion address using `cat /var/lib/tor/hidden_service/hostname` and set the `ONION_HOST` variable in the `.env` file
```sh
# don't forget to start with http://
ONION_HOST="http://q457mvdt5smqj726m4lsqxxdyx7r3v7gufzt46zbkop6mkghpnr7z3qd.onion"
```
### Connecting to Tor and I2P relays and blossom servers
Install Tor ([Documentation](https://community.torproject.org/onion-services/setup/install/)) and optionally I2Pd ([Documentation](https://i2pd.readthedocs.io/en/latest/user-guide/install/)) and then add the `TOR_PROXY` and `I2P_PROXY` variables to the `.env` file
```sh
TOR_PROXY=127.0.0.1:9050
I2P_PROXY=127.0.0.1:4447
``` ```

13
contrib/nsite.service Normal file
View File

@ -0,0 +1,13 @@
[Unit]
Description=nsite Server
After=network.target
[Service]
Type=simple
WorkingDirectory=/<path-to>/nsite-ts
ExecStart=/usr/bin/node .
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target

3
nginx/default.conf → nginx/http.conf
View File

@ -10,9 +10,6 @@ server {
proxy_cache_key $host$uri; proxy_cache_key $host$uri;
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504; proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
add_header X-Cache $upstream_cache_status;
add_header X-Cache-Status $upstream_status;
expires 30d; expires 30d;
add_header Cache-Control "public, no-transform"; add_header Cache-Control "public, no-transform";

56
nginx/tls-and-tor.conf Normal file
View File

@ -0,0 +1,56 @@
# tor .onion server
server {
listen 80;
listen [::]:80;
server_name *.onion;
location / {
proxy_cache request_cache;
proxy_cache_valid 200 60m;
proxy_cache_valid 404 10m;
proxy_cache_key $host$uri;
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
expires 30d;
add_header Cache-Control "public, no-transform";
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:3000;
}
}
# redirect http to https
server {
listen 80;
listen [::]:80;
server_name _;
return 307 https://$host$request_uri;
}
# http server
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name nsite;
ssl_certificate /path/to/certificate/fullchain1.pem;
ssl_certificate_key /path/to/certificate/privkey1.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
location / {
proxy_cache request_cache;
proxy_cache_valid 200 60m;
proxy_cache_valid 404 10m;
proxy_cache_key $host$uri;
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
expires 30d;
add_header Cache-Control "public, no-transform";
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:3000;
}
}

35
nginx/tls.conf Normal file
View File

@ -0,0 +1,35 @@
# redirect http to https
server {
listen 80;
listen [::]:80;
server_name _;
return 307 https://$host$request_uri;
}
# nginx config for tls
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name nsite;
ssl_certificate /path/to/certificate/fullchain1.pem;
ssl_certificate_key /path/to/certificate/privkey1.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
location / {
proxy_cache request_cache;
proxy_cache_valid 200 60m;
proxy_cache_valid 404 10m;
proxy_cache_key $host$uri;
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
expires 30d;
add_header Cache-Control "public, no-transform";
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:3000;
}
}

40
package.json
View File

@ -21,41 +21,41 @@
"@keyv/redis": "^3.0.1", "@keyv/redis": "^3.0.1",
"@keyv/sqlite": "^4.0.1", "@keyv/sqlite": "^4.0.1",
"@koa/cors": "^5.0.0", "@koa/cors": "^5.0.0",
"blossom-client-sdk": "^1.1.1", "blossom-client-sdk": "^2.1.0",
"dotenv": "^16.4.5", "dotenv": "^16.4.7",
"follow-redirects": "^1.15.6", "follow-redirects": "^1.15.9",
"keyv": "^5.0.1", "keyv": "^5.2.2",
"koa": "^2.15.3", "koa": "^2.15.3",
"koa-morgan": "^1.0.1", "koa-morgan": "^1.0.1",
"koa-send": "^5.0.1", "koa-send": "^5.0.1",
"koa-static": "^5.0.0", "koa-static": "^5.0.0",
"mime": "^4.0.4", "mime": "^4.0.6",
"nostr-tools": "^2.7.2", "nostr-tools": "^2.10.4",
"pac-proxy-agent": "^7.0.2", "pac-proxy-agent": "^7.1.0",
"proxy-agent": "^6.4.0", "proxy-agent": "^6.5.0",
"puppeteer": "^23.5.0", "puppeteer": "^23.11.0",
"websocket-polyfill": "^1.0.0", "websocket-polyfill": "1.0.0",
"ws": "^8.18.0", "ws": "^8.18.0",
"xbytes": "^1.9.1" "xbytes": "^1.9.1"
}, },
"devDependencies": { "devDependencies": {
"@changesets/cli": "^2.27.8", "@changesets/cli": "^2.27.11",
"@swc-node/register": "^1.9.0", "@swc-node/register": "^1.10.9",
"@swc/core": "^1.5.0", "@swc/core": "^1.10.1",
"@types/better-sqlite3": "^7.6.9", "@types/better-sqlite3": "^7.6.12",
"@types/follow-redirects": "^1.14.4", "@types/follow-redirects": "^1.14.4",
"@types/koa": "^2.14.0", "@types/koa": "^2.15.0",
"@types/koa-morgan": "^1.0.8", "@types/koa-morgan": "^1.0.8",
"@types/koa-send": "^4.1.6", "@types/koa-send": "^4.1.6",
"@types/koa-static": "^4.0.4", "@types/koa-static": "^4.0.4",
"@types/koa__cors": "^5.0.0", "@types/koa__cors": "^5.0.0",
"@types/koa__router": "^12.0.4", "@types/koa__router": "^12.0.4",
"@types/node": "^20.11.19", "@types/node": "^20.17.10",
"@types/proxy-from-env": "^1.0.4", "@types/proxy-from-env": "^1.0.4",
"@types/ws": "^8.5.10", "@types/ws": "^8.5.13",
"nodemon": "^3.0.3", "nodemon": "^3.1.9",
"prettier": "^3.3.3", "prettier": "^3.4.2",
"typescript": "^5.3.3" "typescript": "^5.7.2"
}, },
"resolutions": { "resolutions": {
"websocket-polyfill": "1.0.0" "websocket-polyfill": "1.0.0"

3245
pnpm-lock.yaml generated
View File

File diff suppressed because it is too large Load Diff

11
tor-and-i2p.pac
View File

@ -1,11 +0,0 @@
// SPDX-License-Identifier: CC0-1.0
function FindProxyForURL(url, host) {
if (shExpMatch(host, "*.i2p")) {
return "PROXY 127.0.0.1:4444; SOCKS5 127.0.0.1:4447";
}
if (shExpMatch(host, "*.onion")) {
return "SOCKS5 127.0.0.1:9050";
}
return "DIRECT";
}