2ro 8a97fc0394
floonet-rs: whitelist the marketplace kind set
Extend the default-deny admission whitelist from the Goblin-wallet-only
kinds to the union with Magick Market so one relay serves both apps, matching
floonet-strfry. Adds 1 note, 7 reaction, 14/16/17 order+receipt (Gamma),
1111 comment, 10000 mute/blacklist, 24133 remote signing, 30000/30003
NIP-51 sets, 30078 app data, 30402/30405/30406 listing/collection/shipping,
31990 handler info. Keeps the Goblin base including 13 seal and 27235
NIP-98. DEFAULT_ALLOWED_KINDS, config.toml, and tests updated together.
2026-07-02 22:19:36 -04:00


# floonet-rs relay configuration.
#
# Every setting shown commented-out is the built-in default. The shipped
# defaults give you a hardened Floonet relay: a default-deny event kind
# whitelist, neutral public metadata, and everything paid switched off.
[info]
# Public relay identity: the websocket URL clients connect to and the
# NIP-11 metadata served to them.
#
# The advertised URL for the Nostr websocket. Set this to your public
# wss:// address; NIP-42 auth validates against it. Replace the
# example.com placeholder before deploying: if this value does not match
# the URL clients actually connect to, their NIP-42 AUTH events will not
# validate.
relay_url = "wss://relay.example.com/"
# Relay information for clients (NIP-11). Keep these neutral: the public
# relay metadata says nothing about payments, by design.
name = "floonet-rs-relay"
description = "A Floonet relay for the Grin community Nostr network."
# Administrative contact pubkey (32-byte hex, not npub). This is a
# PUBLIC key and is published in the relay metadata; never paste a
# private key (nsec or its hex form) here.
#pubkey = "0c2d168a4ae8ca58c9f1ab237b5df682599c6c7ab74307ea8b05684b60405d41"
# Administrative contact URI
#contact = "mailto:contact@example.com"
# Favicon location, relative to the current directory (ICO format).
#favicon = "favicon.ico"
# URL of the relay's icon.
#relay_icon = "https://example.com/img.png"
# Path to a custom relay html landing page. When unset, the relay serves
# a neutral Floonet page with the Floonet logo.
#relay_page = "index.html"
[database]
# Where the relay stores events.
#
# Database engine (sqlite/postgres). Defaults to sqlite. The built-in
# name authority requires sqlite.
#engine = "sqlite"
# Directory for SQLite files. Keep it owned by the relay's service
# account and not readable by other local users. The default [exit]
# data_dir (/var/lib/floonet-rs/mixexit) sits below this path, so the
# permissions and backups of this directory also cover the persistent
# mixnet identity.
data_directory = "/var/lib/floonet-rs"
# Database connection pool settings for subscribers:
#min_conn = 0
#max_conn = 8
[logging]
# File logging. Both keys are commented out, i.e. at their built-in
# defaults.
#
# Directory to store log files. Log files roll over daily.
# NOTE(review): "./log" is a relative path, presumably resolved against
# the relay's working directory; confirm, and prefer an absolute path
# under a service manager. If the relay logs client addresses (see
# [network] remote_ip_header), treat this directory as sensitive and
# restrict its permissions; confirm what is logged.
#folder_path = "./log"
#file_prefix = "floonet-rs"
[grpc]
# gRPC extension point for externalized event admission (see
# proto/nauthz.proto). Optional; the built-in admission layer already
# enforces the kind whitelist and auth policies.
#
# The example endpoint is plain http:// on the IPv6 loopback address, so
# admission requests and decisions travel unencrypted and
# unauthenticated. Keep the admission server on loopback or a private
# network segment; do not point this at a host reached over an untrusted
# network.
# NOTE(review): confirm how the relay behaves when the admission server
# is unreachable (fail-open vs fail-closed) before relying on it for
# policy enforcement.
#event_admission_server = "http://[::1]:50051"
#restricts_write = true
[network]
# Listener address and client-IP attribution.
#
# Bind to this network address. Keep loopback and put a reverse proxy
# (Caddy/nginx) in front for TLS; see deploy/Caddyfile.
address = "127.0.0.1"
# Listen on this port
port = 8080
# Read the real client IP from this header. LOAD-BEARING behind a
# reverse proxy: per-IP rate limits key off it.
#
# The header is only as trustworthy as whatever sets it. The proxy must
# set it itself and overwrite any value the client sent; a header that
# is passed through unchanged lets a client choose its own rate-limit
# identity. The loopback bind above is what stops clients from reaching
# the relay directly with a header of their choosing, so keep the two
# settings together. If the proxy does not set the header at all, every
# client is presumably attributed to the proxy's own address and shares
# one bucket; verify with your proxy config.
remote_ip_header = "x-real-ip"
[options]
# Reject events with timestamps too far in the future, in seconds
# (1800 s = 30 minutes).
reject_future_seconds = 1800
[limits]
# Rate limits, message size limit, and the event kind whitelist.
#
# Limit events created per second (server-wide, averaged over a minute).
messages_per_sec = 5
# Limit client subscriptions created per minute.
subscriptions_per_min = 30
# Maximum size of an EVENT message in bytes. Keep this large enough for
# gift-wrapped payloads (the default 256 KB is safe).
#max_event_bytes = 262144
# THE KEYSTONE: default-deny event kind whitelist. The relay accepts
# ONLY these kinds and rejects everything else. Removing the line
# entirely keeps this exact built-in set (never allow-all); an empty
# list denies everything. The set is the union of the two apps this
# relay serves (Goblin wallet + Magick Market marketplace).
#
# Goblin wallet:
#       0  profile metadata       10002  relay list (NIP-65)
#       3  contacts               10050  DM relays (NIP-17)
#       5  delete (NIP-09)        27235  HTTP auth (NIP-98, name authority)
#      13  seal (NIP-59)
#    1059  gift wrap (NIP-59)
#
# Magick Market marketplace:
#       1  text note (NIP-01)             30000  people set (NIP-51)
#       7  reaction (NIP-25)              30003  bookmark set (NIP-51)
#      14  order chat (Gamma)             30078  app data: cart/prefs (NIP-78)
#      16  order status (Gamma)           30402  product listing (NIP-99)
#      17  payment receipt (Gamma)        30405  product collection (Gamma)
#    1111  comment (NIP-22)               30406  shipping option (Gamma)
#   10000  mute/blacklist (NIP-51)        31990  handler info (NIP-89)
#   24133  remote signing (NIP-46)
#
# If you serve only one of the two apps, trim the list to that app's
# kinds: every entry widens what the relay will store.
# NOTE(review): every kind listed is accepted as a top-level event. If a
# client only ever sends some of these inside kind 1059 gift wraps
# (possibly the Gamma order kinds 14/16/17; confirm against the client),
# the relay never sees them unwrapped and they can be dropped to keep
# the accepted set minimal.
event_kind_allowlist = [
0, 1, 3, 5, 7, 13, 14, 16, 17, 1059, 1111, 10000, 10002, 10050, 24133,
27235, 30000, 30003, 30078, 30402, 30405, 30406, 31990,
]
# When true, rejects imprecise requests (kind-only or author-only
# scrapes). Shipped as false, so such requests are served.
limit_scrapers = false
[authorization]
# Who may write, and whether clients must authenticate (NIP-42). All
# keys are commented out, so the defaults shown apply: no author
# restriction and no authentication.
#
# Restrict event publishing to these authors (32-byte hex pubkeys).
#pubkey_whitelist = [
# "35d26e4690cbe1a898af61cc3515661eb5fa763b57bd0b42e45099c8b32fd50f",
#]
# Enable NIP-42 authentication (the relay sends an AUTH challenge).
#nip42_auth = false
# Send gift wraps and DMs only to their authenticated recipients.
# NOTE(review): with this off, any client can presumably query stored
# kind 1059 gift wraps addressed to any pubkey. The payload stays
# encrypted, but the recipient tag on the wrapper is visible. This relay
# whitelists gift wraps, so consider enabling nip42_auth together with
# nip42_dms; confirm that nip42_dms has no effect unless nip42_auth is
# also on.
#nip42_dms = false
# With nip42_auth on, refuse writes from clients that have not
# completed AUTH (they receive an `auth-required:` OK message).
#require_auth_to_write = false
[goblinpay]
# Charge GRIN for relay uses via a GoblinPay server. Modes:
#   "off"    everything is free (default)
#   "name"   claiming a name at the built-in name authority requires a
#            confirmed Grin payment
#   "write"  publishing events requires a paid admission
# The same keys are readable from the environment instead:
# FLOONET_PAY_MODE, FLOONET_GOBLINPAY_URL, FLOONET_GOBLINPAY_TOKEN,
# FLOONET_NAME_PRICE_GRIN.
#pay_mode = "off"
# Your GoblinPay server and its API token (GP_API_TOKEN). Keep this file
# unreadable to other users (chmod 0600) when a token is set, or pass
# the token via FLOONET_GOBLINPAY_TOKEN. Also keep a token-bearing copy
# of this file out of version control and backups that others can read.
# NOTE(review): the token is presumably sent to `url` on each request,
# so keep the https:// scheme; confirm whether the relay rejects a
# plain http:// URL.
#url = "https://pay.example.com"
#api_token = ""
# Prices in GRIN, editable any time.
#name_price_grin = 1.0
#admission_price_grin = 1.0
[name_authority]
# The built-in name authority: name@domain NIP-05 identities with
# NIP-98 authenticated self-service registration, served on this relay's
# own listener (/.well-known/nostr.json and /api/v1/*). Because it
# shares the relay's listener, the reverse proxy in front of the relay
# must route those paths to it as well.
#enabled = false
# The bare host names live under (the `@domain` part) and the public
# base URL clients reach. base_url is LOAD-BEARING: NIP-98 auth events
# are verified against it, so it must be https:// and match what
# clients actually use.
#domain = "example.com"
#base_url = "https://example.com"
# Relays advertised in /.well-known/nostr.json. Defaults to this
# relay's own relay_url.
#relays = ["wss://relay.example.com"]
# Name policy.
#name_min = 3
#name_max = 20
#name_change_cooldown_secs = 600
# NIP-98 freshness bound in seconds (with one-time-use replay guard).
# Raising it widens the window in which a captured auth event is still
# fresh; presumably clients whose clocks are off by more than this bound
# fail auth, so keep the server clock synchronised.
#auth_max_age_secs = 60
# Per-IP rate limits (requests per window, window in seconds).
# NOTE(review): these presumably use the client IP taken from
# [network] remote_ip_header, so they are only as reliable as that
# header; confirm.
#read_rate_max = 120
#read_rate_window_secs = 60
#write_rate_max = 10
#write_rate_window_secs = 3600
# Optional file of extra reserved names (one per line, # comments).
# The built-in generic list and your own domain labels are always
# reserved, including digit/separator look-alikes.
#reserved_file = "/etc/floonet-rs/reserved"
[exit]
# Co-located mixnet exit. When enabled the relay runs the bundled
# floonet-mixexit binary next to itself: an ordinary unbonded mixnet
# client that forwards every accepted stream to ONE fixed upstream (your
# relay), never a caller-chosen target, so it is structurally not an
# open proxy. Wallets can then reach this relay over the mixnet with no
# public DNS on the payment path; they fall back to the public mixnet
# route when the exit is down.
#enabled = false
# Path to the bundled floonet-mixexit binary. The relay executes this
# file, so keep it and its parent directory writable only by root, not
# by the relay's service account.
#binary = "/usr/local/bin/floonet-mixexit"
# Data dir for the persistent mixnet identity. The exit's STABLE mixnet
# address is printed at startup and written to <data_dir>/nym_address.txt;
# publish it (for example in the Floonet relay pool `exit` field) so
# wallets can prefer this exit. Back the directory up: losing it rotates
# the address.
# Only the address in nym_address.txt is meant to be published. The rest
# of the directory holds the identity itself: keep it readable by the
# relay's service account only, and protect backups the same way.
# NOTE(review): a copy of the identity presumably lets another host
# claim this exit's address; confirm.
#data_dir = "/var/lib/floonet-rs/mixexit"
# Upstream the exit pipes every stream to. Point it at your PUBLIC TLS
# endpoint so wallets get your real certificate through the mixnet.
# Empty means this relay's local listener (no TLS).
#upstream = "relay.example.com:443"
[verified_users]
# NIP-05 verification of users (upstream feature; the built-in name
# authority is separate). "enabled" enforces, "passive" observes,
# "disabled" does nothing.
# NOTE(review): in the "enabled" and "passive" modes the relay
# presumably makes outbound HTTPS requests to domains named in user
# profiles to fetch their nostr.json; confirm, and if so restrict the
# relay host's egress so those requests cannot reach internal services.
#mode = "disabled"
[pay_to_relay]
# Upstream pay-to-relay admission. You normally do NOT edit this
# section: setting goblinpay.pay_mode = "write" configures it for
# GoblinPay automatically. It remains available for operators who want
# the upstream Lightning processors instead.
#
# api_secret is a credential. When it is set, apply the same handling
# this file asks for with goblinpay.api_token: keep the file unreadable
# to other users (chmod 0600).
# NOTE(review): the unit of admission_cost and cost_per_event is not
# stated in this file; confirm it before changing either value.
#enabled = false
#processor = "GoblinPay"
#admission_cost = 1000000000
#cost_per_event = 0
#node_url = ""
#api_secret = ""
#sign_ups = false
#direct_message = false
#terms_message = """
#Use this relay lawfully and without abuse.
#"""