Files
floonet-strfry/deploy/strfry/strfry.conf
T
2ro 868cc84b20 floonet-strfry: raise strfry maxEventSize to 131072
Match the advertised maxWebsocketPayloadSize so a maximum-size NIP-59
gift-wrapped slatepack payment (~66 KiB worst case) is accepted; the old
64 KiB cap could silently reject the largest payments on the money path.
2026-07-03 03:20:48 -04:00

135 lines
4.5 KiB
Plaintext

##
## floonet-strfry relay configuration.
##
## strfry (https://github.com/hoytech/strfry) is a high-performance C++/LMDB
## relay. strfry core ships stock; all Floonet policy lives in the write
## policy plugin (plugin/floonet_writepolicy.py), which enforces a
## default-deny kind whitelist and the optional auth and paid-write gates.
## The plugin reads its configuration from environment variables set on the
## strfry process (see .env.example at the repo root).
##
# Directory that contains the strfry LMDB database. Mounted as a volume so
# the data survives container restarts.
db = "/strfry-db/"
dbParams {
maxreaders = 256
# 10 TB virtual mmap; does NOT preallocate disk.
mapsize = 10995116277760
noReadAhead = false
}
events {
# Reject oversized events. 128 KiB matches maxWebsocketPayloadSize below and
# fits a maximum-size NIP-59 gift-wrapped slatepack payment (~66 KiB worst
# case per the wallet's relay research), which the old 64 KiB cap could
# silently reject.
maxEventSize = 131072
# Clock-skew tolerance for future-dated events. NIP-59 gift wraps tweak
# created_at backwards (up to ~2 days), so they are unaffected by the
# future bound; keep it tight (the strfry default) to limit future-dated
# spam and replaceable-event games.
rejectEventsNewerThanSeconds = 900
# Accept back-dated events for a long window; gift-wrap timestamp
# tweaking stays far inside this (~3 years).
rejectEventsOlderThanSeconds = 94608000
rejectEphemeralEventsOlderThanSeconds = 60
ephemeralEventsLifetimeSeconds = 300
maxNumTags = 2000
maxTagValSize = 1024
}
relay {
# Listen on all interfaces inside the container; the reverse proxy in
# front is the only thing that reaches it.
bind = "0.0.0.0"
port = 7777
nofiles = 524288
# The reverse proxy (Caddy/nginx) sets this from the real client address.
# Used for logging and any IP-based policy.
realIpHeader = "x-real-ip"
auth {
# NIP-42 authentication. OFF by default: wallets publish and read
# gift wraps without authenticating. To require AUTH before writes,
# set enabled = true here AND FLOONET_REQUIRE_AUTH=true in the
# environment (the plugin enforces; strfry only issues challenges).
enabled = false
serviceUrl = ""
}
info {
# NIP-11 relay information document, served on GET / with
# `Accept: application/nostr+json`. Deliberately neutral: this
# metadata says nothing about what clients exchange over the relay.
# `nips` empty = advertise strfry's built-in supported NIPs;
# `software`/`version` are filled automatically.
name = "Floonet Relay"
description = "A strfry Floonet relay for the Grin community Nostr network."
pubkey = ""
contact = ""
# The bundled proxy serves the Floonet logo at /floonet-logo.svg.
# Set to your own domain, e.g. "https://your.domain/floonet-logo.svg".
icon = ""
nips = ""
}
maxWebsocketPayloadSize = 131072
maxReqFilterSize = 200
autoPingSeconds = 55
enableTcpKeepalive = true
queryTimesliceBudgetMicroseconds = 10000
# Plenty for a wallet's gift-wrap history scan; bounds a single REQ's work.
maxFilterLimit = 500
# A wallet keeps one live subscription plus a few one-shot fetches. Cap
# low so an unauthenticated client cannot open a flood of scanning subs.
maxSubsPerConnection = 20
maxPendingOutboundBytes = 33554432
writePolicy {
# The Floonet policy plugin: default-deny kind whitelist plus the
# optional NIP-42 and paid-write gates. Configured via FLOONET_*
# environment variables (see the plugin header and .env.example).
plugin = "/usr/local/bin/floonet_writepolicy.py"
timeoutSeconds = 10
}
compression {
enabled = true
slidingWindow = true
}
logging {
dumpInAll = false
dumpInEvents = false
dumpInReqs = false
dbScanPerf = false
invalidEvents = true
}
numThreads {
ingester = 3
reqWorker = 3
reqMonitor = 3
negentropy = 2
}
negentropy {
# Set reconciliation (NIP-77) so community mirrors can sync cheaply.
enabled = true
maxSyncEvents = 1000000
}
filterValidation {
# Leave OFF: wallets legitimately query several kinds in one filter,
# which strict validation (maxKindsPerFilter) would reject. Stored
# kinds are restricted by the write policy above.
enabled = false
}
}