If you expose port 4869 of your device to the public network, it can be accessed and used by others as well.
Discussion
cool, and is there functionality to only whitelist specific npubs for the relay?
This is an important feature, and I will add it as soon as possible.
My other relay implementation supports setting whitelist. https://github.com/CodyTseng/nostr-relay-nestjs
like a friends / family...or community / church relay . . kinda like an invite only relay
Sound great! Initially, this project was just intended to show how to use https://github.com/CodyTseng/nostr-relay to develop your own relay with just a few lines of code, so it was quite simple, lol. But now I feel like many people would need a relay that they can simply double-click to run on their computers, so I'll continue to develop more features for it.
which clients let you have a port in the relay address? i am not aware of any standard web or mobile clients that do
Most clients support it, you just need to add the port at the end of the address. Like this: ws://your-ip-address:4869
which, do you actually know? because i tried, i'm developing one and my only solution ended up being a VPS with wireguard and a reverse proxy and domain name... if you only run the relay on 443/80 and nothing else then you can skip the domain name and TLS, since after all it's going through a tunnel after that, and just use a firewall port forward on the VPS
Sorry, I don't really understand your question. Are you unable to connect to nostr-relay-tray over the public network? If you want to expose your service to the public network, you need to modify your firewall rules to expose port 4869, or forward the request to port 4869 through a proxy (nginx, etc). And it is advisable to use it only on the local network.
i don't have a firewall because i'm behind two layers of NAT router
i've seen that tray thing and for sure it doesn't work with coracle and i forget if i tried nostrudel, being that those are mandatory for me to use for my work it's not usable for me
Due to browser limitations, wss must be used, so web clients won't work properly. But nostrudel has a special treatment that allows it to be used as a cache relay.
yeah i have been facing this irritating "TLS only" hooey since i started working with gRPC... it basically coerces you to use a domain name and a reverse proxy, and the endless doom of running out of IPv4 addresses and the endless non-implementation of IPv6 on ISPs means that we can't host our own stuff without using the services of someone who is renting an IP address
and yeah, not surprised that nostrudel handles this but none other do
we are being held hostage to the IANA and IETF and all the rest of them for the pricks who use tax blood money to maintain their control over this network, so every bit of effort that goes towards blunting their attack is a great thing
things like letsencrypt and the endless expansion of the TLD namespace are olive leaves intended to keep us from going totally black pill on them so we keep thinking we have a way out of this
we do, but we are up against very very nasty enemies
just felt like i needed to point that out so that people realise this is the real front line of WW3 and all the stuff in the media is just buying submission from a population that is wildly enraged but has been confused about who is doing it to them
also just to point this out, this is why i absolutely HATE the web browser application environment
it's so coercive it feels like a straight jacket to me