Nostr Web Client

definitely agree re: docker and vms which is why i made the docker wrapper (i know nostr:npub1utx00neqgqln72j22kej3ux7803c2k986henvvha4thuwfkper4s7r50e8 is not a fan of prs for docker 😅)

the gui that makes the most sense is a web ui with nostr auth to allow the haven owner to make changes. i was thinking of enhancing the existing landing page to do this, but im not a dev and get easily distracted.

Anthony Accioly 5mo ago

I may try to convince Utxo to include an official Dockerfile in the main repo again at some point, maybe something simply built with GoReleaser (no Compose files or anything like that in the main repo). I think we’re now at a different level of maturity, and I can shield him from all the support requests and red herrings caused by broken Docker setups. It would be great to have an official, signed image that folks can pull. But for now, people like you and nostr:nprofile1qqsq4hm8gawvch9y2m7nqghydaw4ym4s4a3gf0u9f9xqm4uy0ul9qvcpremhxue69uhkstnrdajxjmn8v9ex2mnp9e6x7up0da6hgcn00qq3vamnwvaz7tmwdaehgu3dwfjkccte9eshqup0qyghwumn8ghj7mn0wd68ytnhd9hx2tcht4zgq have been doing a great job providing independent builds.

As for getting easily distracted… this makes two of us 🤣

I got you. There’s definitely some interest in NIP-86, which could potentially be extended with custom endpoints. That way, someone could build a React, Vue, or whatever admin UI on top of it. If I’m not mistaken, nostr:nprofile1qqst6jhruelzn9jdf9qhyfsac3fetjyld0fwwary9cmxzfchrhacragppemhxue69uhkummn9ekx7mp0qy2hwumn8ghj76n9d3k8jenfwd5zumrpdejz7yj9f6t was interested and building his own Khatru-based stuff to enable this. Maybe one day we'll hage a NIP-86 GUI that can be reused by all Khatru relays? :)

My main concern with this kind of feature is, again, the attack surface. We'd need to be very careful that users don't expose it to the internet without properly securing the endpoints. Beyond auth + something like NIP-46, I’d also prefer this kind of interface to be limited to the local network (or exposed via VPN). Unfortunately, there are already plenty of bots targeting Nostr relays out there.

Also, Haven doesn't really have much to configure after the initial setup. This kind of UI might make more sense if I ever implement a PGP-like owner trust model. In that case, the relay owner might want a convenient UI to mark an npub as someone who follows bots, and therefore exclude their follows from the WoT. But honestly, that's way down my priority list. First, I want to fix some of Haven's and Khatru's concurrency issues. Then there’s a lot of Blossom work: redirecting, fixing the mobile mirroring on Primal thing, separating the Blossom database, etc. And then there's writing tests (we don't have any at the moment and at least in theory I'm supossed to be a TDD person… Having no tests makes me anxious :)), improving backup and introducing restore functionality, adding optional "open/whitelist" relays for NIP-46, Cashu, NWC, etc. And finally releasing the big v2.0. A lot of pedestrian work required on my side before I can get to the "fun" bits.

Reply to this note

Please Login to reply.

Discussion

sudocarlos 5mo ago

yea, i still have your last list bookmarked

nostr:nevent1qqsrp309ktvd2kyyymg7kklyquvmlrng4f26g97ndep2p9nrlh9tllczyrhfm9u70c2p320hgu46lqkujcyz5r2z2xmhhjchpfhvajfl4hlkgqcyqqqqqqgpzpmhxue69uhkummnw3ezumrpdejqzxnhwden5te0w35x2en0wfjhxapwdehhxarjxyhxxmmdqyd8wumn8ghj76rpwejkutnpvd3kjmmv0yh8xmmrd9skcnwa9rj

Anthony Accioly 5mo ago

Very ambitious of me :). Well, the binaries are almost done. Like 0 of 30 items fully completed and sevetal more items added, but hopefully the binaries will be ready to merge soon, so that I at least get to 1 of 30. Any testing on Windows and Linux is very welcome :)

sudocarlos 5mo ago

i was looking into a raspi when you asked about arm but havent pulled the trigger. i can test the binary later, barring distractions

کیهان 5mo ago

Hi, yes, https://github.com/dezh-tech/alienos and some DDSRs are compatible with NIP-86.

On the other hand I have the Mangostr: https://github.com/dezh-tech/mangostr whic is a vibe coded (😂) client with React. But it doesn't function well, it needs a lot of talking with dork(?) which I may to later.

Ans yes, all NIP-86 compatible relays cloud use this client as well.

Dikaios1517 5mo ago

I am guessing a lot of these concerns are the same reason an Umbrel or Start9 package is not currently in the works? HAVEN really is the most incredible personal relay out there, and it should be as accessible as possible for users to run, so more folks can take advantage of its features. Yet, I understand the security risks of having a GUI, especially a web GUI, that could be exposed to the internet by unwitting users.

Anthony Accioly 5mo ago

On my side, it's mostly because I don’t use their hardware or software. So even if I hacked together a quick package to make Haven users happy, I wouldn’t be eating my own dog food in terms of maintenance and support. So I'd rather not do it myself. I don’t know if nostr:nprofile1qqsw9n8heusyq0el9f99tveg7r0rhcu9tznatuekxt764m78ymqu36cpr3mhxue69uhhyetvv9ujucnfw33k76twwpshy6ewvdhk6tcpzdmhxue69uhhwmm59e6hg7r09ehkuef0qy2hwumn8ghj7un9d3shjtn4w3ux7tn0dejj7ne6u4e uses any of this himself, or if anyone else is willing to take on the maintenance beyond hacking together a one-off package. I'm… not 😅.

I’ve seen some discussion from folks about creating Haven packages for these ecosystems, similar to the many Docker / Podman / OCI community releases out there. Not sure if anything concrete ever materialised out of it. One way or another, this is a good way to go about it. Assuming there’s a good, well-maintained community wrapper with at least one maintainer willing to put in the work, I’ve got nothing against integrating it upstream on my side.