ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ
4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f
ʙoarᴅ cerᴛɪꜰɪeᴅ ᴛecʜno-ᴘʜaɢe. mʏ mɪnᴅ ɪs ʜunɢrʏ, anᴅ ꜰeeᴅs on noveʟᴛʏ. ᴅo ʏou ʜave someᴛʜɪnɢ ᴛo sʜare ᴛʜaᴛ ɪ never ʜearᴅ? "𝔅𝔢 𝔠𝔞𝔯𝔢𝔣𝔲𝔩 𝔣𝔬𝔯 𝔫𝔬𝔱𝔥𝔦𝔫𝔤; 𝔟𝔲𝔱 𝔦𝔫 𝔢𝔳𝔢𝔯𝔶 𝔱𝔥𝔦𝔫𝔤 𝔟𝔶 𝔭𝔯𝔞𝔶𝔢𝔯 𝔞𝔫𝔡 𝔰𝔲𝔭𝔭𝔩𝔦𝔠𝔞𝔱𝔦𝔬𝔫 𝔴𝔦𝔱𝔥 𝔱𝔥𝔞𝔫𝔨𝔰𝔤𝔦𝔳𝔦𝔫𝔤 𝔩𝔢𝔱 𝔶𝔬𝔲𝔯 𝔯𝔢𝔮𝔲𝔢𝔰𝔱𝔰 𝔟𝔢 𝔨𝔫𝔬𝔴𝔫 𝔲𝔫𝔱𝔬 𝔊𝔬𝔡. 𝔄𝔫𝔡 𝔱𝔥𝔢 𝔭𝔢𝔞𝔠𝔢 𝔬𝔣 𝔊𝔬𝔡, 𝔴𝔥𝔦𝔠𝔥 𝔭𝔞𝔰𝔰𝔢𝔱𝔥 𝔞𝔩𝔩 𝔲𝔫𝔡𝔢𝔯𝔰𝔱𝔞𝔫𝔡𝔦𝔫𝔤, 𝔰𝔥𝔞𝔩𝔩 𝔨𝔢𝔢𝔭 𝔶𝔬𝔲𝔯 𝔥𝔢𝔞𝔯𝔱𝔰 𝔞𝔫𝔡 𝔪𝔦𝔫𝔡𝔰 𝔱𝔥𝔯𝔬𝔲𝔤𝔥 ℭ𝔥𝔯𝔦𝔰𝔱 𝔍𝔢𝔰𝔲𝔰" - 𝔓𝔥𝔦𝔩𝔦𝔭𝔭𝔦𝔞𝔫𝔰 4:6-7 ᴛᴇʟᴇɢʀᴀᴍ: @mleku1 ᴍᴀᴛʀɪx: @mleku17:matrix.org ꜱɪᴍᴘʟᴇx: https://smp15.simplex.im/a#PPkiqGvf5kZ3AbFWBh3_tw1b_YgvnkSgDEc_-IuuRWc

yes it's for people who see the need but who don't have the time or skills to do this setup, it's really just a small value add on top of a regular wireguard VPN service

anyhow, it's just an idea at this point, i got bigger fish to fry rn

well, it's on my mind now, but feel free to steal the idea and do it yourself of course, i have a full time gig currently

yeah, it's just a foggy idea at the moment, i just run my test relay already pretty much full time on my dev machine now over a wireguard connection through a firewall redirect, it's so easy to set up, practically foolproof

idk, i've had an idea about wireguard proxies and nsec bunkers (with bonus VPN and nip-05) all configurable from a nostr chatbot, then you can get an antique computer to run that shit for you, would just be a live USB stick with a basic GUI and text editor with hot reload

i've had a little business idea, that i might do something about

it's basically a bunch of scripts configuring a reverse proxy and a UFW firewall configuration, and it generates a wireguard configuration for the users that points to one or more of their devices, phones, pc's, laptops, rpis...

they get a domain name, or they can use a subdomain on your domain service, and they get the ability to expose services they run on their local devices to internet addresses

i use this now to test my relay, and i could run an nsec bunker this way as well, it could also include nip-05 configurations that set up a file to put in a user folder, and for extra points, it's also a wireguard proxy that they can share with a heap of other users who are also hosting this inbound connectivity and nip-05 services with

the only thing that would be tricky for me to do personally is the actual web interface, i could build most of the back end and middlewares

maybe just to start with one or two simple things, and make it really easy to set up so you literally just have one little app you install on your pc and it runs an nsec bunker, runs your nip-05 and gives you a VPN all in one, would probably cost like $3/month, and maybe even i could set it up to run as a nostr chatbot service so you just follow the bot, message it, it invoices you, and then you drop your configuration items on it in commands, then i don't have to deal with no stinking web interface

the best solution would be for people to make a service 💡

This is the service: a simple wireguard VPS attached to your personal DNS name (could be some delegated subdomain too) with a firewall/reverse proxy configuration that lets you forward subdomains or ports to one of your wireguard clients at a specified port

then you run your nsecbunker on your own machine listening on that port and you are always in control, just need to close it or have an auto-time-out and it's safer than the alby... could even be running on a dedicated little shitty ancient rpi

i run my test relay this way, using a reverse proxy pointing to my dev machine on the port it listens to by default, i get loads of traffic from clients that pick up the relay address from my relay list and from client event entities, most of them don't use nip-42 auth tho, i have it required so it refuses to send them answers if they don't auth

indeed but there is no way to properly use stupid tools like objects, programs are active not passive things... the less imperative a language is the more easy it is to make overly abstract, inefficient code that takes the compiler forever to figure out

will be nice to see as #nostr gets more mature and more and more people come over and join the party

i forget where i saw it implemented... maybe i even wrote an RPC recently that lets you do that unlock remotely so it never touches the disk...

oh, no, it was my former sponsor... let me see...

https://github.com/indra-labs/indra/tree/089a0df491fd76ac393875053625f9fd4fdbe140/pkg/storage

uses protobuf - you will see the proto and the generated pb.go code in there, that is an unlocker that stays off-disk

a second best option is using an environment variable, you can protect that behind root privileges

Replying to ManiMe

i think it's necessary even for the _ like my nip-05 _@nostr.mleku.online

we already had this conversation about being wishywashy i'll just leave it at that

yeah, there is a variant also, tinygo https://tinygo.org/ which supports almost everything in go except for GC, main point is it will let you use coroutines, even on one core you can use coroutines, they are possible to use that way (with channels as well of course)

garbage collection has to be done, if you don't free after you malloc in C/C++ you can blow up and end up with an OOM panic and be force killed by the kernel

coroutine scheduling only runs a background process when you are running on more than one kernel thread because it tries to parallelise as much as possible

this is one of the other deficiencies of go - if you need to do bulk compute it's better to refactor your processing unit as an independent process and coordinate them with an IPC, i have also done this, the difference is about 20% for compute bound heavy processing (it was a crypto miner) - vanity mining addresses, also, another example of what benefits in Go from this, whereas in languages with explicit access to kernel thread control can do this natively

yep, goroutines and channels being first class and the functions as values are the three features that make me addicted to go, it's a whole different way of thinking

almost no other languages have coroutines at all and none have it as a low level syntax, maybe you could do it with operator overloading in C++ but that shit is messed up

unfortunately the GC and CSP kinda go hand in hand but in actual fact you can turn off the GC and you can write code to manage memory manually, in fact many network handlers in Go are written with allocate-once freelists, and you can actually do this for a whole application

as it is, i personally avoid using the compact declaration assignment operator for things, as many people use them inside if and for blocks without thinking about whether it makes sense to allocate yet another value on the stack when there already is one with the same name, and scope shadowing can hide some bad bugs

i suppose next you'll tell me there's nothing wrong with cannibalism in some circumstances

NOT EVEN ONCE!

damn i can't find the gary busey/macaulay culkin meme template anywhere