# C Nostr Relay - SystemD Deployment This directory contains files for deploying the C Nostr Relay as a systemd service with the new **Event-Based Configuration System**. ## Overview The C Nostr Relay now uses a revolutionary **zero-configuration** approach where all configuration is stored as Nostr events (kind 33334) in the database. No configuration files or command line arguments are needed. ## Files - **`c-relay.service`** - SystemD service unit file - **`install-service.sh`** - Automated installation script - **`uninstall-service.sh`** - Automated uninstall script - **`README.md`** - This documentation ## Quick Installation 1. **Build the project:** ```bash make clean && make ``` 2. **Install as systemd service:** ```bash sudo systemd/install-service.sh ``` 3. **Start the service:** ```bash sudo systemctl start c-relay ``` 4. **Check admin keys (IMPORTANT!):** ```bash sudo journalctl -u c-relay --since="1 hour ago" | grep "Admin Private Key" ``` ## Event-Based Configuration System ### How It Works - **Zero Configuration:** No config files or command line arguments needed - **First-Time Startup:** Automatically generates admin and relay keypairs - **Database Naming:** Creates database as `.nrdb` - **Configuration Storage:** All settings stored as kind 33334 Nostr events - **Real-Time Updates:** Configuration changes applied instantly via WebSocket ### First Startup On first startup, the relay will: 1. Generate cryptographically secure admin and relay keypairs 2. Create database file named with relay pubkey: `.nrdb` 3. Create initial configuration event (kind 33334) with default values 4. Display admin private key **once** in the logs 5. Start WebSocket server listening on port 8888 ### Admin Keys ⚠️ **CRITICAL:** Save the admin private key displayed during first startup! ```bash # View first startup logs to get admin private key sudo journalctl -u c-relay --since="1 hour ago" | grep -A 5 "IMPORTANT: SAVE THIS ADMIN PRIVATE KEY" ``` The admin private key is needed to update relay configuration by sending signed kind 33334 events. ## Configuration Management ### Viewing Current Configuration ```bash # Find the database file ls /opt/c-relay/*.nrdb # View configuration event sqlite3 /opt/c-relay/.nrdb "SELECT content, tags FROM events WHERE kind = 33334;" ``` ### Updating Configuration Send a new kind 33334 event to the relay via WebSocket: 1. Create new configuration event with updated values 2. Sign with admin private key 3. Send via WebSocket to relay 4. Relay automatically applies changes to running system ## Service Management ### Basic Commands ```bash # Start service sudo systemctl start c-relay # Stop service sudo systemctl stop c-relay # Restart service sudo systemctl restart c-relay # Enable auto-start on boot sudo systemctl enable c-relay # Check status sudo systemctl status c-relay # View logs (live) sudo journalctl -u c-relay -f # View recent logs sudo journalctl -u c-relay --since="1 hour ago" ``` ### Log Analysis ```bash # Check for successful startup sudo journalctl -u c-relay | grep "First-time startup sequence completed" # Find admin keys sudo journalctl -u c-relay | grep "Admin Private Key" # Check configuration updates sudo journalctl -u c-relay | grep "Configuration updated via kind 33334" # Monitor real-time activity sudo journalctl -u c-relay -f | grep -E "(INFO|SUCCESS|ERROR)" ``` ## File Locations After installation: - **Binary:** `/opt/c-relay/c_relay_x86` - **Database:** `/opt/c-relay/.nrdb` (created automatically) - **Service File:** `/etc/systemd/system/c-relay.service` - **User:** `c-relay` (system user created automatically) ## Security Features The systemd service includes security hardening: - Runs as dedicated system user `c-relay` - `NoNewPrivileges=true` - `ProtectSystem=strict` - `ProtectHome=true` - `PrivateTmp=true` - Limited address families (IPv4/IPv6 only) - Resource limits (file descriptors, processes) ## Network Configuration - **Default Port:** 8888 (WebSocket) - **Protocol:** WebSocket with Nostr message format - **Configuration:** Port configurable via kind 33334 events (no restart needed) ## Backup and Migration ### Backup The database file contains everything: ```bash # Backup database file sudo cp /opt/c-relay/*.nrdb /backup/location/ # The .nrdb file contains: # - All Nostr events # - Configuration events (kind 33334) # - Relay keys and settings ``` ### Migration To migrate to new server: 1. Copy `.nrdb` file to new server's `/opt/c-relay/` directory 2. Install service with `install-service.sh` 3. Start service - it will automatically detect existing configuration ## Troubleshooting ### Service Won't Start ```bash # Check service status sudo systemctl status c-relay # Check logs for errors sudo journalctl -u c-relay --no-pager # Check if binary exists and is executable ls -la /opt/c-relay/c_relay_x86 # Check permissions sudo -u c-relay ls -la /opt/c-relay/ ``` ### Database Issues ```bash # Check if database file exists ls -la /opt/c-relay/*.nrdb* # Check database integrity sqlite3 /opt/c-relay/*.nrdb "PRAGMA integrity_check;" # View database schema sqlite3 /opt/c-relay/*.nrdb ".schema" ``` ### Configuration Issues ```bash # Check if configuration event exists sqlite3 /opt/c-relay/*.nrdb "SELECT COUNT(*) FROM events WHERE kind = 33334;" # View configuration event sqlite3 /opt/c-relay/*.nrdb "SELECT id, created_at, LENGTH(tags) FROM events WHERE kind = 33334;" ``` ## Uninstallation ```bash sudo systemd/uninstall-service.sh ``` The uninstall script will: - Stop and disable the service - Remove service file - Optionally remove installation directory and data - Optionally remove service user ## Support For issues with the event-based configuration system: 1. Check service logs: `sudo journalctl -u c-relay -f` 2. Verify database integrity 3. Ensure admin private key is saved securely 4. Check WebSocket connectivity on port 8888 The relay is designed to be zero-maintenance once deployed. All configuration is managed through Nostr events, enabling dynamic updates without server access.