laantungir/c-relay
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 7 Wiki Activity
Files
258779e23428839ca449f5ba3a9d65da134b4e2b
c-relay/systemd/README.md
Your Name 6f51f445b7 v0.2.11 - Picky shit
2025-09-06 07:12:47 -04:00

217 lines
4.9 KiB
Markdown
Raw Blame History

# C-Relay Systemd Service
This directory contains files for running C-Relay as a Linux systemd service.
## Files
- **`c-relay.service`** - Systemd service unit file
- **`install-systemd.sh`** - Installation script (run as root)
- **`uninstall-systemd.sh`** - Uninstallation script (run as root)
- **`README.md`** - This documentation file
## Quick Start
### 1. Build the relay
```bash
# From the project root directory
make
```
### 2. Install as systemd service
```bash
# Run the installation script as root
sudo ./systemd/install-systemd.sh
```
### 3. Start the service
```bash
sudo systemctl start c-relay
```
### 4. Check status
```bash
sudo systemctl status c-relay
```
## Service Details
### Installation Location
- **Binary**: `/opt/c-relay/c_relay_x86`
- **Database**: `/opt/c-relay/db/`
- **Service File**: `/etc/systemd/system/c-relay.service`
### User Account
- **User**: `c-relay` (system user, no shell access)
- **Group**: `c-relay`
- **Home Directory**: `/opt/c-relay`
### Network Configuration
- **Default Port**: 8888
- **Default Host**: 127.0.0.1 (localhost only)
- **WebSocket Endpoint**: `ws://127.0.0.1:8888`
## Configuration
### Environment Variables
Edit `/etc/systemd/system/c-relay.service` to configure:
```ini
Environment=C_RELAY_CONFIG_PRIVKEY=your_private_key_here
Environment=C_RELAY_PORT=8888
Environment=C_RELAY_HOST=0.0.0.0
```
After editing, reload and restart:
```bash
sudo systemctl daemon-reload
sudo systemctl restart c-relay
```
### Security Settings
The service runs with enhanced security:
- Runs as unprivileged `c-relay` user
- No new privileges allowed
- Protected system directories
- Private temporary directory
- Limited file access (only `/opt/c-relay/db` writable)
- Network restrictions to IPv4/IPv6 only
## Service Management
### Basic Commands
```bash
# Start service
sudo systemctl start c-relay
# Stop service
sudo systemctl stop c-relay
# Restart service
sudo systemctl restart c-relay
# Enable auto-start on boot
sudo systemctl enable c-relay
# Disable auto-start on boot
sudo systemctl disable c-relay
# Check service status
sudo systemctl status c-relay
# View logs (live)
sudo journalctl -u c-relay -f
# View logs (last 100 lines)
sudo journalctl -u c-relay -n 100
```
### Log Management
Logs are handled by systemd's journal:
```bash
# View all logs
sudo journalctl -u c-relay
# View logs from today
sudo journalctl -u c-relay --since today
# View logs with timestamps
sudo journalctl -u c-relay --since "1 hour ago" --no-pager
```
## Database Management
The database is automatically created on first run. Location: `/opt/c-relay/db/c_nostr_relay.db`
### Backup Database
```bash
sudo cp /opt/c-relay/db/c_nostr_relay.db /opt/c-relay/db/backup-$(date +%Y%m%d).db
```
### Reset Database
```bash
sudo systemctl stop c-relay
sudo rm /opt/c-relay/db/c_nostr_relay.db*
sudo systemctl start c-relay
```
## Updating the Service
### Update Binary
1. Build new version: `make`
2. Stop service: `sudo systemctl stop c-relay`
3. Replace binary: `sudo cp build/c_relay_x86 /opt/c-relay/`
4. Set permissions: `sudo chown c-relay:c-relay /opt/c-relay/c_relay_x86`
5. Start service: `sudo systemctl start c-relay`
### Update Service File
1. Stop service: `sudo systemctl stop c-relay`
2. Copy new service file: `sudo cp systemd/c-relay.service /etc/systemd/system/`
3. Reload systemd: `sudo systemctl daemon-reload`
4. Start service: `sudo systemctl start c-relay`
## Uninstallation
Run the uninstall script to completely remove the service:
```bash
sudo ./systemd/uninstall-systemd.sh
```
This will:
- Stop and disable the service
- Remove the systemd service file
- Optionally remove the installation directory
- Optionally remove the `c-relay` user account
## Troubleshooting
### Service Won't Start
```bash
# Check detailed status
sudo systemctl status c-relay -l
# Check logs for errors
sudo journalctl -u c-relay --no-pager -l
```
### Permission Issues
```bash
# Fix ownership of installation directory
sudo chown -R c-relay:c-relay /opt/c-relay
# Ensure binary is executable
sudo chmod +x /opt/c-relay/c_relay_x86
```
### Port Already in Use
```bash
# Check what's using port 8888
sudo netstat -tulpn | grep :8888
# Or with ss command
sudo ss -tulpn | grep :8888
```
### Database Issues
```bash
# Check database file permissions
ls -la /opt/c-relay/db/
# Check database integrity
sudo -u c-relay sqlite3 /opt/c-relay/db/c_nostr_relay.db "PRAGMA integrity_check;"
```
## Custom Configuration
For advanced configurations, you can:
1. Modify the service file for different ports or settings
2. Use environment files: `/etc/systemd/system/c-relay.service.d/override.conf`
3. Configure log rotation with journald settings
4. Set up reverse proxy (nginx/apache) for HTTPS support
## Security Considerations
- The service runs as a non-root user with minimal privileges
- Database directory is only writable by the c-relay user
- Consider firewall rules for the relay port
- For internet-facing relays, use reverse proxy with SSL/TLS
- Monitor logs for suspicious activity
Reference in New Issue View Git Blame Copy Permalink