lfg2025/archy
1
0
Fork 0
Code Issues 9 Pull Requests Actions Packages Projects Releases 44 Wiki Activity

feat: add Nostr VPN, FIPS, Routstr apps with status UIs

Browse Source 
Add three new marketplace apps:
- Routstr (v0.4.3): Decentralized AI inference proxy with Cashu payments
- Nostr VPN (v0.3.4): Mesh VPN with Nostr signaling + WireGuard tunnels
- FIPS (v0.1.0): Self-organizing encrypted mesh network

Includes status UI dashboards for headless apps (nostr-vpn-ui, fips-ui)
with usage instructions, node identity display, and container logs.
Nostr identity injected via env vars for all three apps.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Dorian 2026-04-03 05:06:45 +01:00
parent 0fca903188
commit 3e3dfafdfc
13 changed files with 563 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
core/archipelago/src/api/rpc/package/config.rs
View File

@ -359,8 +359,8 @@ pub(super) fn all_container_names(package_id: &str) -> Vec<String> {
"penpot-postgres".into(), "penpot-valkey".into(),
"penpot-backend".into(), "penpot-exporter".into(), "penpot-frontend".into(),
],
"nostr-vpn" => vec!["nostr-vpn".into(), "archy-nostr-vpn".into()],
"fips" => vec!["fips".into(), "archy-fips".into()],
"nostr-vpn" => vec!["nostr-vpn".into(), "archy-nostr-vpn".into(), "archy-nostr-vpn-ui".into()],
"fips" => vec!["fips".into(), "archy-fips".into(), "archy-fips-ui".into()],
"routstr" => vec!["routstr".into(), "archy-routstr".into()],
// Default: exact name + archy- prefix
_ => vec![base, archy],

6
core/archipelago/src/api/rpc/package/install.rs
View File

@ -861,6 +861,12 @@ autopilot.active=false\n",
"electrumx" | "electrs" | "mempool-electrs" => {
vec![("archy-electrs-ui", "/opt/archipelago/docker/electrs-ui", "electrs-ui")]
}
"nostr-vpn" => {
vec![("archy-nostr-vpn-ui", "/opt/archipelago/docker/nostr-vpn-ui", "nostr-vpn-ui")]
}
"fips" => {
vec![("archy-fips-ui", "/opt/archipelago/docker/fips-ui", "fips-ui")]
}
_ => vec![],
};

10
docker/fips-ui/Dockerfile Normal file
View File

@ -0,0 +1,10 @@
FROM 80.71.235.15:3000/archipelago/nginx:1.27.4-alpine
COPY index.html /usr/share/nginx/html/
COPY nginx.conf /etc/nginx/conf.d/default.conf
RUN sed -i 's/^user nginx;/user root;/' /etc/nginx/nginx.conf && \
mkdir -p /var/cache/nginx/client_temp /var/cache/nginx/proxy_temp \
/var/cache/nginx/fastcgi_temp /var/cache/nginx/uwsgi_temp \
/var/cache/nginx/scgi_temp
EXPOSE 8202
ENTRYPOINT []
CMD ["nginx", "-g", "daemon off;"]

236
docker/fips-ui/index.html Normal file
View File

@ -0,0 +1,236 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate">
<title>FIPS - Archipelago</title>
<style>
* { margin: 0; padding: 0; box-sizing: border-box; }
body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; min-height: 100vh; color: white; overflow-x: hidden; }
.bg-layer { position: fixed; inset: 0; z-index: -10; background: linear-gradient(135deg, rgba(5,20,15,0.95) 0%, rgba(10,30,25,0.98) 50%, rgba(5,15,20,0.95) 100%); }
.overlay { position: fixed; inset: 0; background: rgba(0, 0, 0, 0.7); z-index: -5; }
.glass-card { background: rgba(0, 0, 0, 0.5); backdrop-filter: blur(24px); -webkit-backdrop-filter: blur(24px); border-radius: 1rem; border: 1px solid rgba(255, 255, 255, 0.12); transform: translateZ(0); isolation: isolate; }
.info-card { background: rgba(255, 255, 255, 0.05); border-radius: 12px; padding: 12px; border: 1px solid rgba(255, 255, 255, 0.08); }
.container { max-width: 56rem; margin: 0 auto; padding: 1.5rem; }
.flex { display: flex; } .flex-col { flex-direction: column; } .items-center { align-items: center; }
.gap-3 { gap: 0.75rem; } .gap-4 { gap: 1rem; } .flex-1 { flex: 1; } .flex-shrink-0 { flex-shrink: 0; }
.mb-2 { margin-bottom: 0.5rem; } .mb-4 { margin-bottom: 1rem; } .mb-6 { margin-bottom: 1.5rem; }
.p-5 { padding: 1.25rem; } .p-6 { padding: 1.5rem; }
.grid { display: grid; } .grid-cols-2 { grid-template-columns: repeat(2, 1fr); } .grid-cols-3 { grid-template-columns: repeat(3, 1fr); }
.text-xs { font-size: 0.75rem; } .text-sm { font-size: 0.875rem; } .text-lg { font-size: 1.125rem; }
.text-xl { font-size: 1.25rem; } .text-2xl { font-size: 1.5rem; }
.font-bold { font-weight: 700; } .font-semibold { font-weight: 600; } .font-medium { font-weight: 500; } .font-mono { font-family: monospace; }
.text-white-70 { color: rgba(255,255,255,0.7); } .text-white-60 { color: rgba(255,255,255,0.6); } .text-white-50 { color: rgba(255,255,255,0.5); }
.text-emerald { color: #34d399; } .text-green { color: #4ade80; } .text-yellow { color: #fbbf24; } .text-red { color: #f87171; }
.justify-between { justify-content: space-between; }
.status-dot { width: 0.75rem; height: 0.75rem; border-radius: 9999px; }
.bg-green { background: #4ade80; } .bg-yellow { background: #fbbf24; } .bg-red { background: #f87171; }
@keyframes pulse { 0%, 100% { opacity: 1; } 50% { opacity: 0.5; } }
.animate-pulse { animation: pulse 2s cubic-bezier(0.4, 0, 0.6, 1) infinite; }
.icon-box { width: 3.5rem; height: 3.5rem; border-radius: 0.75rem; background: rgba(52, 211, 153, 0.15); display: flex; align-items: center; justify-content: center; }
.step { display: flex; gap: 1rem; align-items: flex-start; }
.step-num { width: 2rem; height: 2rem; border-radius: 50%; background: rgba(52, 211, 153, 0.2); border: 1px solid rgba(52, 211, 153, 0.4); display: flex; align-items: center; justify-content: center; font-size: 0.875rem; font-weight: 700; color: #34d399; flex-shrink: 0; }
.copy-btn { padding: 0.5rem 0.625rem; background: none; border: none; border-left: 1px solid rgba(255,255,255,0.1); cursor: pointer; color: rgba(255,255,255,0.4); transition: all 0.2s ease; display: flex; align-items: center; }
.copy-btn:hover { color: rgba(255,255,255,0.8); background: rgba(255,255,255,0.05); }
.copy-btn.copied { color: #4ade80; }
.field-row { display: flex; align-items: center; background: rgba(255,255,255,0.06); border: 1px solid rgba(255,255,255,0.1); border-radius: 0.5rem; overflow: hidden; }
.field-value { flex: 1; padding: 0.625rem 0.875rem; font-family: monospace; font-size: 0.8125rem; color: rgba(255,255,255,0.9); white-space: nowrap; overflow: hidden; text-overflow: ellipsis; }
.field-label { font-size: 0.6875rem; font-weight: 600; text-transform: uppercase; letter-spacing: 0.05em; color: rgba(255,255,255,0.4); margin-bottom: 0.375rem; }
.feature-icon { width: 2.5rem; height: 2.5rem; border-radius: 0.5rem; background: rgba(52, 211, 153, 0.1); display: flex; align-items: center; justify-content: center; flex-shrink: 0; }
@media (max-width: 640px) { .grid-cols-2 { grid-template-columns: 1fr; } .grid-cols-3 { grid-template-columns: 1fr; } }
</style>
</head>
<body>
<div class="bg-layer"></div>
<div class="overlay"></div>
<div class="container">
<!-- Header -->
<div class="glass-card p-6 mb-6">
<div class="flex items-center gap-4">
<div class="icon-box flex-shrink-0">
<svg style="width:1.75rem;height:1.75rem;color:#34d399" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M21 12a9 9 0 01-9 9m9-9a9 9 0 00-9-9m9 9H3m9 9a9 9 0 01-9-9m9 9c1.657 0 3-4.03 3-9s-1.343-9-3-9m0 18c-1.657 0-3-4.03-3-9s1.343-9 3-9m-9 9a9 9 0 019-9" />
</svg>
</div>
<div class="flex-1">
<div class="flex items-center gap-3">
<h1 class="text-2xl font-bold">FIPS</h1>
<span class="text-xs text-white-50">v0.1.0</span>
</div>
<p class="text-white-60 text-sm">Free Internetworking Peering System</p>
</div>
<div class="info-card flex items-center gap-3">
<div id="statusDot" class="status-dot bg-yellow animate-pulse"></div>
<div>
<p class="text-xs text-white-50">Status</p>
<p class="text-sm font-medium" id="statusText">Checking...</p>
</div>
</div>
</div>
</div>
<!-- What It Does -->
<div class="glass-card p-5 mb-6">
<h2 class="text-lg font-semibold mb-4" style="color:#34d399">What is FIPS?</h2>
<p class="text-white-70 text-sm mb-4" style="line-height:1.6">
FIPS is a <strong style="color:white">self-organizing encrypted mesh network</strong>. Each node gets a
<strong style="color:white">secp256k1 keypair</strong> (same as Nostr/Bitcoin) that serves as its identity.
Nodes discover each other, negotiate encryption using the <strong style="color:white">Noise protocol</strong>,
and route traffic without any central authority. A virtual network interface (<code style="background:rgba(255,255,255,0.1);padding:0.125rem 0.375rem;border-radius:0.25rem">fips0</code>)
lets unmodified applications — SSH, web browsers, anything — communicate transparently over the mesh.
Think of it as <strong style="color:white">a new internet layer, built on cryptographic identity</strong>.
</p>
<div class="grid grid-cols-3 gap-3">
<div class="info-card flex items-center gap-3">
<div class="feature-icon">
<svg style="width:1.25rem;height:1.25rem;color:#34d399" fill="none" stroke="currentColor" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 3v2m6-2v2M9 19v2m6-2v2M5 9H3m2 6H3m18-6h-2m2 6h-2M7 19h10a2 2 0 002-2V7a2 2 0 00-2-2H7a2 2 0 00-2 2v10a2 2 0 002 2zM9 9h6v6H9V9z"/></svg>
</div>
<div>
<p class="text-sm font-medium">Zero Config</p>
<p class="text-xs text-white-50">Self-organizing mesh</p>
</div>
</div>
<div class="info-card flex items-center gap-3">
<div class="feature-icon">
<svg style="width:1.25rem;height:1.25rem;color:#34d399" fill="none" stroke="currentColor" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 15v2m-6 4h12a2 2 0 002-2v-6a2 2 0 00-2-2H6a2 2 0 00-2 2v6a2 2 0 002 2zm10-10V7a4 4 0 00-8 0v4h8z"/></svg>
</div>
<div>
<p class="text-sm font-medium">End-to-End Encrypted</p>
<p class="text-xs text-white-50">Noise IK + XK protocols</p>
</div>
</div>
<div class="info-card flex items-center gap-3">
<div class="feature-icon">
<svg style="width:1.25rem;height:1.25rem;color:#34d399" fill="none" stroke="currentColor" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M3.055 11H5a2 2 0 012 2v1a2 2 0 002 2 2 2 0 012 2v2.945M8 3.935V5.5A2.5 2.5 0 0010.5 8h.5a2 2 0 012 2 2 2 0 104 0 2 2 0 012-2h1.064M15 20.488V18a2 2 0 012-2h3.064"/></svg>
</div>
<div>
<p class="text-sm font-medium">Multi-Transport</p>
<p class="text-xs text-white-50">UDP, TCP, Tor, BLE</p>
</div>
</div>
</div>
</div>
<!-- Node Identity -->
<div class="glass-card p-5 mb-6">
<h2 class="text-lg font-semibold mb-4" style="color:#34d399">Node Identity</h2>
<p class="text-white-60 text-sm mb-4">Your node's Nostr public key doubles as its FIPS mesh address. Share with peers to connect.</p>
<div class="grid grid-cols-2 gap-3 mb-4">
<div>
<div class="field-label">Nostr Public Key (npub)</div>
<div class="field-row">
<span class="field-value" id="npub">Loading...</span>
<button class="copy-btn" onclick="copyField('npub', this)" title="Copy">
<svg width="16" height="16" fill="none" stroke="currentColor" viewBox="0 0 24 24"><rect x="9" y="9" width="13" height="13" rx="2" ry="2" stroke-width="2"/><path d="M5 15H4a2 2 0 01-2-2V4a2 2 0 012-2h9a2 2 0 012 2v1" stroke-width="2"/></svg>
</button>
</div>
</div>
<div>
<div class="field-label">Mesh Ports</div>
<div class="field-row">
<span class="field-value">UDP 2121 / TCP 8443</span>
<button class="copy-btn" onclick="copyText('2121', this)" title="Copy">
<svg width="16" height="16" fill="none" stroke="currentColor" viewBox="0 0 24 24"><rect x="9" y="9" width="13" height="13" rx="2" ry="2" stroke-width="2"/><path d="M5 15H4a2 2 0 01-2-2V4a2 2 0 012-2h9a2 2 0 012 2v1" stroke-width="2"/></svg>
</button>
</div>
</div>
</div>
</div>
<!-- How to Use -->
<div class="glass-card p-5 mb-6">
<h2 class="text-lg font-semibold mb-4" style="color:#34d399">How to Use</h2>
<div class="flex flex-col gap-4">
<div class="step">
<div class="step-num">1</div>
<div>
<p class="text-sm font-semibold mb-2">Install FIPS on your other devices</p>
<p class="text-xs text-white-60" style="line-height:1.5">Download <code style="background:rgba(255,255,255,0.1);padding:0.125rem 0.375rem;border-radius:0.25rem">fips</code> from <a href="https://github.com/jmcorgan/fips" style="color:#34d399;text-decoration:underline" target="_blank">GitHub</a>. Build with <code style="background:rgba(255,255,255,0.1);padding:0.125rem 0.375rem;border-radius:0.25rem">cargo build --release</code> (requires Rust 1.85+).</p>
</div>
</div>
<div class="step">
<div class="step-num">2</div>
<div>
<p class="text-sm font-semibold mb-2">Configure peers in fips.yaml</p>
<p class="text-xs text-white-60" style="line-height:1.5">Edit <code style="background:rgba(255,255,255,0.1);padding:0.125rem 0.375rem;border-radius:0.25rem">/etc/fips/fips.yaml</code> on each device. Add your Archipelago node's IP and port as a peer. The node's npub above is its identity on the mesh.</p>
</div>
</div>
<div class="step">
<div class="step-num">3</div>
<div>
<p class="text-sm font-semibold mb-2">Start the daemon and connect</p>
<p class="text-xs text-white-60" style="line-height:1.5">Run <code style="background:rgba(255,255,255,0.1);padding:0.125rem 0.375rem;border-radius:0.25rem">fips --config /etc/fips/fips.yaml</code>. A <code style="background:rgba(255,255,255,0.1);padding:0.125rem 0.375rem;border-radius:0.25rem">fips0</code> virtual interface appears. Use <code style="background:rgba(255,255,255,0.1);padding:0.125rem 0.375rem;border-radius:0.25rem">fipsctl show peers</code> to see connected nodes. You can now SSH, browse, or run any IP app over the encrypted mesh using <code style="background:rgba(255,255,255,0.1);padding:0.125rem 0.375rem;border-radius:0.25rem">.fips</code> DNS names.</p>
</div>
</div>
</div>
</div>
<!-- Container Logs -->
<div class="glass-card p-5">
<h2 class="text-lg font-semibold mb-4" style="color:#34d399">Container Logs</h2>
<div id="logs" style="background:rgba(0,0,0,0.4);border-radius:0.5rem;padding:0.75rem;font-family:monospace;font-size:0.75rem;color:rgba(255,255,255,0.6);max-height:200px;overflow-y:auto;line-height:1.6">
Fetching logs...
</div>
</div>
</div>
<script>
var COPY_SVG = '<svg width="16" height="16" fill="none" stroke="currentColor" viewBox="0 0 24 24"><rect x="9" y="9" width="13" height="13" rx="2" ry="2" stroke-width="2"/><path d="M5 15H4a2 2 0 01-2-2V4a2 2 0 012-2h9a2 2 0 012 2v1" stroke-width="2"/></svg>';
var CHECK_SVG = '<svg width="16" height="16" fill="none" stroke="currentColor" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M5 13l4 4L19 7"/></svg>';
function flashCopied(btn) { btn.classList.add('copied'); var o = btn.innerHTML; btn.innerHTML = CHECK_SVG; setTimeout(function() { btn.classList.remove('copied'); btn.innerHTML = o; }, 1500); }
function copyField(id, btn) { var t = document.getElementById(id).textContent.trim(); if (!t || t === 'Loading...') return; navigator.clipboard.writeText(t).then(function() { flashCopied(btn); }); }
function copyText(text, btn) { navigator.clipboard.writeText(text).then(function() { flashCopied(btn); }); }
async function fetchNodeIdentity() {
try {
var resp = await fetch('/rpc/', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ jsonrpc: '2.0', id: 1, method: 'node.nostr-pubkey', params: {} }) });
var data = await resp.json();
if (data.result && data.result.npub) {
document.getElementById('npub').textContent = data.result.npub;
} else if (data.result && data.result.pubkey) {
document.getElementById('npub').textContent = data.result.pubkey;
}
} catch(e) { document.getElementById('npub').textContent = 'Unavailable'; }
}
async function fetchStatus() {
try {
var resp = await fetch('/rpc/', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ jsonrpc: '2.0', id: 1, method: 'package.info', params: { id: 'fips' } }) });
var data = await resp.json();
var dot = document.getElementById('statusDot');
var txt = document.getElementById('statusText');
if (data.result && data.result.state === 'running') {
dot.className = 'status-dot bg-green'; txt.textContent = 'Running';
} else if (data.result && data.result.state === 'stopped') {
dot.className = 'status-dot bg-red'; txt.textContent = 'Stopped';
} else {
dot.className = 'status-dot bg-yellow animate-pulse'; txt.textContent = data.result ? data.result.state : 'Unknown';
}
} catch(e) { /* keep checking */ }
}
async function fetchLogs() {
try {
var resp = await fetch('/api/container/logs?app_id=fips&lines=30');
if (resp.ok) {
var data = await resp.json();
var logs = data.logs || data.stdout || '';
if (typeof logs === 'object') logs = JSON.stringify(logs);
document.getElementById('logs').textContent = logs || 'No logs available yet.';
var el = document.getElementById('logs');
el.scrollTop = el.scrollHeight;
}
} catch(e) { document.getElementById('logs').textContent = 'Waiting for container...'; }
}
fetchNodeIdentity();
fetchStatus();
fetchLogs();
setInterval(fetchStatus, 10000);
setInterval(fetchLogs, 15000);
</script>
</body>
</html>

11
docker/fips-ui/nginx.conf Normal file
View File

@ -0,0 +1,11 @@
server {
listen 8202;
server_name _;
root /usr/share/nginx/html;
index index.html;
location / {
try_files $uri $uri/ /index.html;
}
}

10
docker/nostr-vpn-ui/Dockerfile Normal file
View File

@ -0,0 +1,10 @@
FROM 80.71.235.15:3000/archipelago/nginx:1.27.4-alpine
COPY index.html /usr/share/nginx/html/
COPY nginx.conf /etc/nginx/conf.d/default.conf
RUN sed -i 's/^user nginx;/user root;/' /etc/nginx/nginx.conf && \
mkdir -p /var/cache/nginx/client_temp /var/cache/nginx/proxy_temp \
/var/cache/nginx/fastcgi_temp /var/cache/nginx/uwsgi_temp \
/var/cache/nginx/scgi_temp
EXPOSE 8201
ENTRYPOINT []
CMD ["nginx", "-g", "daemon off;"]

232
docker/nostr-vpn-ui/index.html Normal file
View File

@ -0,0 +1,232 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate">
<title>Nostr VPN - Archipelago</title>
<style>
* { margin: 0; padding: 0; box-sizing: border-box; }
body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; min-height: 100vh; color: white; overflow-x: hidden; }
.bg-layer { position: fixed; inset: 0; z-index: -10; background: linear-gradient(135deg, rgba(10,5,30,0.95) 0%, rgba(20,10,50,0.98) 50%, rgba(5,15,35,0.95) 100%); }
.overlay { position: fixed; inset: 0; background: rgba(0, 0, 0, 0.7); z-index: -5; }
.glass-card { background: rgba(0, 0, 0, 0.5); backdrop-filter: blur(24px); -webkit-backdrop-filter: blur(24px); border-radius: 1rem; border: 1px solid rgba(255, 255, 255, 0.12); transform: translateZ(0); isolation: isolate; }
.info-card { background: rgba(255, 255, 255, 0.05); border-radius: 12px; padding: 12px; border: 1px solid rgba(255, 255, 255, 0.08); }
.container { max-width: 56rem; margin: 0 auto; padding: 1.5rem; }
.flex { display: flex; } .flex-col { flex-direction: column; } .items-center { align-items: center; }
.gap-3 { gap: 0.75rem; } .gap-4 { gap: 1rem; } .flex-1 { flex: 1; } .flex-shrink-0 { flex-shrink: 0; }
.mb-2 { margin-bottom: 0.5rem; } .mb-4 { margin-bottom: 1rem; } .mb-6 { margin-bottom: 1.5rem; }
.p-5 { padding: 1.25rem; } .p-6 { padding: 1.5rem; }
.grid { display: grid; } .grid-cols-2 { grid-template-columns: repeat(2, 1fr); } .grid-cols-3 { grid-template-columns: repeat(3, 1fr); }
.text-xs { font-size: 0.75rem; } .text-sm { font-size: 0.875rem; } .text-lg { font-size: 1.125rem; }
.text-xl { font-size: 1.25rem; } .text-2xl { font-size: 1.5rem; }
.font-bold { font-weight: 700; } .font-semibold { font-weight: 600; } .font-medium { font-weight: 500; } .font-mono { font-family: monospace; }
.text-white-70 { color: rgba(255,255,255,0.7); } .text-white-60 { color: rgba(255,255,255,0.6); } .text-white-50 { color: rgba(255,255,255,0.5); }
.text-purple { color: #a78bfa; } .text-green { color: #4ade80; } .text-yellow { color: #fbbf24; } .text-red { color: #f87171; }
.justify-between { justify-content: space-between; }
.status-dot { width: 0.75rem; height: 0.75rem; border-radius: 9999px; }
.bg-green { background: #4ade80; } .bg-yellow { background: #fbbf24; } .bg-red { background: #f87171; }
@keyframes pulse { 0%, 100% { opacity: 1; } 50% { opacity: 0.5; } }
.animate-pulse { animation: pulse 2s cubic-bezier(0.4, 0, 0.6, 1) infinite; }
.icon-box { width: 3.5rem; height: 3.5rem; border-radius: 0.75rem; background: rgba(167, 139, 250, 0.15); display: flex; align-items: center; justify-content: center; }
.step { display: flex; gap: 1rem; align-items: flex-start; }
.step-num { width: 2rem; height: 2rem; border-radius: 50%; background: rgba(167, 139, 250, 0.2); border: 1px solid rgba(167, 139, 250, 0.4); display: flex; align-items: center; justify-content: center; font-size: 0.875rem; font-weight: 700; color: #a78bfa; flex-shrink: 0; }
.copy-btn { padding: 0.5rem 0.625rem; background: none; border: none; border-left: 1px solid rgba(255,255,255,0.1); cursor: pointer; color: rgba(255,255,255,0.4); transition: all 0.2s ease; display: flex; align-items: center; }
.copy-btn:hover { color: rgba(255,255,255,0.8); background: rgba(255,255,255,0.05); }
.copy-btn.copied { color: #4ade80; }
.field-row { display: flex; align-items: center; background: rgba(255,255,255,0.06); border: 1px solid rgba(255,255,255,0.1); border-radius: 0.5rem; overflow: hidden; }
.field-value { flex: 1; padding: 0.625rem 0.875rem; font-family: monospace; font-size: 0.8125rem; color: rgba(255,255,255,0.9); white-space: nowrap; overflow: hidden; text-overflow: ellipsis; }
.field-label { font-size: 0.6875rem; font-weight: 600; text-transform: uppercase; letter-spacing: 0.05em; color: rgba(255,255,255,0.4); margin-bottom: 0.375rem; }
.feature-icon { width: 2.5rem; height: 2.5rem; border-radius: 0.5rem; background: rgba(167, 139, 250, 0.1); display: flex; align-items: center; justify-content: center; flex-shrink: 0; }
@media (max-width: 640px) { .grid-cols-2 { grid-template-columns: 1fr; } .grid-cols-3 { grid-template-columns: 1fr; } }
</style>
</head>
<body>
<div class="bg-layer"></div>
<div class="overlay"></div>
<div class="container">
<!-- Header -->
<div class="glass-card p-6 mb-6">
<div class="flex items-center gap-4">
<div class="icon-box flex-shrink-0">
<svg style="width:1.75rem;height:1.75rem;color:#a78bfa" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 15v2m-6 4h12a2 2 0 002-2v-6a2 2 0 00-2-2H6a2 2 0 00-2 2v6a2 2 0 002 2zm10-10V7a4 4 0 00-8 0v4h8z" />
</svg>
</div>
<div class="flex-1">
<div class="flex items-center gap-3">
<h1 class="text-2xl font-bold">Nostr VPN</h1>
<span class="text-xs text-white-50">v0.3.4</span>
</div>
<p class="text-white-60 text-sm">Decentralized mesh VPN with Nostr signaling</p>
</div>
<div class="info-card flex items-center gap-3">
<div id="statusDot" class="status-dot bg-yellow animate-pulse"></div>
<div>
<p class="text-xs text-white-50">Status</p>
<p class="text-sm font-medium" id="statusText">Checking...</p>
</div>
</div>
</div>
</div>
<!-- What It Does -->
<div class="glass-card p-5 mb-6">
<h2 class="text-lg font-semibold mb-4" style="color:#a78bfa">What is Nostr VPN?</h2>
<p class="text-white-70 text-sm mb-4" style="line-height:1.6">
Nostr VPN creates a <strong style="color:white">private mesh network</strong> between your devices using WireGuard tunnels.
Unlike traditional VPNs, there is no central server. Peers discover each other and exchange encryption keys over
<strong style="color:white">Nostr relays</strong>, making the network censorship-resistant and self-sovereign.
Think of it as <strong style="color:white">Tailscale, but decentralized</strong> — your node's Nostr identity is your network identity.
</p>
<div class="grid grid-cols-3 gap-3">
<div class="info-card flex items-center gap-3">
<div class="feature-icon">
<svg style="width:1.25rem;height:1.25rem;color:#a78bfa" fill="none" stroke="currentColor" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M8 11V7a4 4 0 118 0m-4 8v2m-6 4h12a2 2 0 002-2v-6a2 2 0 00-2-2H6a2 2 0 00-2 2v6a2 2 0 002 2z"/></svg>
</div>
<div>
<p class="text-sm font-medium">No Central Server</p>
<p class="text-xs text-white-50">Fully peer-to-peer mesh</p>
</div>
</div>
<div class="info-card flex items-center gap-3">
<div class="feature-icon">
<svg style="width:1.25rem;height:1.25rem;color:#a78bfa" fill="none" stroke="currentColor" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M13 10V3L4 14h7v7l9-11h-7z"/></svg>
</div>
<div>
<p class="text-sm font-medium">WireGuard Tunnels</p>
<p class="text-xs text-white-50">Fast, modern encryption</p>
</div>
</div>
<div class="info-card flex items-center gap-3">
<div class="feature-icon">
<svg style="width:1.25rem;height:1.25rem;color:#a78bfa" fill="none" stroke="currentColor" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M3.055 11H5a2 2 0 012 2v1a2 2 0 002 2 2 2 0 012 2v2.945M8 3.935V5.5A2.5 2.5 0 0010.5 8h.5a2 2 0 012 2 2 2 0 104 0 2 2 0 012-2h1.064M15 20.488V18a2 2 0 012-2h3.064"/></svg>
</div>
<div>
<p class="text-sm font-medium">NAT Traversal</p>
<p class="text-xs text-white-50">Works behind firewalls</p>
</div>
</div>
</div>
</div>
<!-- Node Identity -->
<div class="glass-card p-5 mb-6">
<h2 class="text-lg font-semibold mb-4" style="color:#a78bfa">Node Identity</h2>
<p class="text-white-60 text-sm mb-4">Your node's Nostr public key is used as its network identity. Share it with peers to connect.</p>
<div class="mb-4">
<div class="field-label">Nostr Public Key (npub)</div>
<div class="field-row">
<span class="field-value" id="npub">Loading...</span>
<button class="copy-btn" onclick="copyField('npub', this)" title="Copy">
<svg width="16" height="16" fill="none" stroke="currentColor" viewBox="0 0 24 24"><rect x="9" y="9" width="13" height="13" rx="2" ry="2" stroke-width="2"/><path d="M5 15H4a2 2 0 01-2-2V4a2 2 0 012-2h9a2 2 0 012 2v1" stroke-width="2"/></svg>
</button>
</div>
</div>
<div>
<div class="field-label">VPN Listen Port</div>
<div class="field-row">
<span class="field-value">51820/udp</span>
<button class="copy-btn" onclick="copyText('51820', this)" title="Copy">
<svg width="16" height="16" fill="none" stroke="currentColor" viewBox="0 0 24 24"><rect x="9" y="9" width="13" height="13" rx="2" ry="2" stroke-width="2"/><path d="M5 15H4a2 2 0 01-2-2V4a2 2 0 012-2h9a2 2 0 012 2v1" stroke-width="2"/></svg>
</button>
</div>
</div>
</div>
<!-- How to Use -->
<div class="glass-card p-5 mb-6">
<h2 class="text-lg font-semibold mb-4" style="color:#a78bfa">How to Use</h2>
<div class="flex flex-col gap-4">
<div class="step">
<div class="step-num">1</div>
<div>
<p class="text-sm font-semibold mb-2">Install the Nostr VPN client on your device</p>
<p class="text-xs text-white-60" style="line-height:1.5">Download <code style="background:rgba(255,255,255,0.1);padding:0.125rem 0.375rem;border-radius:0.25rem">nvpn</code> from <a href="https://github.com/mmalmi/nostr-vpn/releases" style="color:#a78bfa;text-decoration:underline" target="_blank">GitHub Releases</a> on your laptop, phone, or other devices you want to connect.</p>
</div>
</div>
<div class="step">
<div class="step-num">2</div>
<div>
<p class="text-sm font-semibold mb-2">Create or join a network</p>
<p class="text-xs text-white-60" style="line-height:1.5">Run <code style="background:rgba(255,255,255,0.1);padding:0.125rem 0.375rem;border-radius:0.25rem">nvpn network create</code> on this node to create a new network, or join an existing one with an invite code. Each network gets a unique ID shared between members.</p>
</div>
</div>
<div class="step">
<div class="step-num">3</div>
<div>
<p class="text-sm font-semibold mb-2">Connect your devices</p>
<p class="text-xs text-white-60" style="line-height:1.5">Run <code style="background:rgba(255,255,255,0.1);padding:0.125rem 0.375rem;border-radius:0.25rem">nvpn start --daemon --connect</code> on each device. Peers discover each other automatically over Nostr relays and establish direct WireGuard tunnels. Your devices are now privately connected.</p>
</div>
</div>
</div>
</div>
<!-- Container Status -->
<div class="glass-card p-5">
<h2 class="text-lg font-semibold mb-4" style="color:#a78bfa">Container Logs</h2>
<div id="logs" style="background:rgba(0,0,0,0.4);border-radius:0.5rem;padding:0.75rem;font-family:monospace;font-size:0.75rem;color:rgba(255,255,255,0.6);max-height:200px;overflow-y:auto;line-height:1.6">
Fetching logs...
</div>
</div>
</div>
<script>
var COPY_SVG = '<svg width="16" height="16" fill="none" stroke="currentColor" viewBox="0 0 24 24"><rect x="9" y="9" width="13" height="13" rx="2" ry="2" stroke-width="2"/><path d="M5 15H4a2 2 0 01-2-2V4a2 2 0 012-2h9a2 2 0 012 2v1" stroke-width="2"/></svg>';
var CHECK_SVG = '<svg width="16" height="16" fill="none" stroke="currentColor" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M5 13l4 4L19 7"/></svg>';
function flashCopied(btn) { btn.classList.add('copied'); var o = btn.innerHTML; btn.innerHTML = CHECK_SVG; setTimeout(function() { btn.classList.remove('copied'); btn.innerHTML = o; }, 1500); }
function copyField(id, btn) { var t = document.getElementById(id).textContent.trim(); if (!t || t === 'Loading...') return; navigator.clipboard.writeText(t).then(function() { flashCopied(btn); }); }
function copyText(text, btn) { navigator.clipboard.writeText(text).then(function() { flashCopied(btn); }); }
async function fetchNodeIdentity() {
try {
var resp = await fetch('/rpc/', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ jsonrpc: '2.0', id: 1, method: 'node.nostr-pubkey', params: {} }) });
var data = await resp.json();
if (data.result && data.result.npub) {
document.getElementById('npub').textContent = data.result.npub;
} else if (data.result && data.result.pubkey) {
document.getElementById('npub').textContent = data.result.pubkey;
}
} catch(e) { document.getElementById('npub').textContent = 'Unavailable'; }
}
async function fetchStatus() {
try {
var resp = await fetch('/rpc/', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ jsonrpc: '2.0', id: 1, method: 'package.info', params: { id: 'nostr-vpn' } }) });
var data = await resp.json();
var dot = document.getElementById('statusDot');
var txt = document.getElementById('statusText');
if (data.result && data.result.state === 'running') {
dot.className = 'status-dot bg-green'; txt.textContent = 'Running';
} else if (data.result && data.result.state === 'stopped') {
dot.className = 'status-dot bg-red'; txt.textContent = 'Stopped';
} else {
dot.className = 'status-dot bg-yellow animate-pulse'; txt.textContent = data.result ? data.result.state : 'Unknown';
}
} catch(e) { /* keep checking */ }
}
async function fetchLogs() {
try {
var resp = await fetch('/api/container/logs?app_id=nostr-vpn&lines=30');
if (resp.ok) {
var data = await resp.json();
var logs = data.logs || data.stdout || '';
if (typeof logs === 'object') logs = JSON.stringify(logs);
document.getElementById('logs').textContent = logs || 'No logs available yet.';
var el = document.getElementById('logs');
el.scrollTop = el.scrollHeight;
}
} catch(e) { document.getElementById('logs').textContent = 'Waiting for container...'; }
}
fetchNodeIdentity();
fetchStatus();
fetchLogs();
setInterval(fetchStatus, 10000);
setInterval(fetchLogs, 15000);
</script>
</body>
</html>

11
docker/nostr-vpn-ui/nginx.conf Normal file
View File

@ -0,0 +1,11 @@
server {
listen 8201;
server_name _;
root /usr/share/nginx/html;
index index.html;
location / {
try_files $uri $uri/ /index.html;
}
}

24
image-recipe/configs/nginx-archipelago.conf
View File

@ -530,12 +530,28 @@ server {
sub_filter '</head>' '<script src="/nostr-provider.js"></script></head>';
}
location /app/nostr-vpn/ {
default_type application/json;
return 503 '{"error":{"code":"NO_WEB_UI","message":"Nostr VPN is managed via CLI"}}';
proxy_pass http://127.0.0.1:8201/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_hide_header X-Frame-Options;
add_header X-Frame-Options "SAMEORIGIN" always;
proxy_hide_header Content-Security-Policy;
add_header X-Content-Type-Options "nosniff" always;
}
location /app/fips/ {
default_type application/json;
return 503 '{"error":{"code":"NO_WEB_UI","message":"FIPS is managed via CLI"}}';
proxy_pass http://127.0.0.1:8202/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_hide_header X-Frame-Options;
add_header X-Frame-Options "SAMEORIGIN" always;
proxy_hide_header Content-Security-Policy;
add_header X-Content-Type-Options "nosniff" always;
}
location /app/ollama/ {
proxy_pass http://127.0.0.1:11434/;

22
image-recipe/configs/snippets/archipelago-https-app-proxies.conf
View File

@ -212,12 +212,26 @@ location /app/routstr/ {
sub_filter '</head>' '<script src="/nostr-provider.js"></script></head>';
}
location /app/nostr-vpn/ {
default_type application/json;
return 503 '{"error":{"code":"NO_WEB_UI","message":"Nostr VPN is managed via CLI"}}';
proxy_pass http://127.0.0.1:8201/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_hide_header X-Frame-Options;
add_header X-Frame-Options "SAMEORIGIN" always;
proxy_hide_header Content-Security-Policy;
}
location /app/fips/ {
default_type application/json;
return 503 '{"error":{"code":"NO_WEB_UI","message":"FIPS is managed via CLI"}}';
proxy_pass http://127.0.0.1:8202/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_hide_header X-Frame-Options;
add_header X-Frame-Options "SAMEORIGIN" always;
proxy_hide_header Content-Security-Policy;
}
location /app/ollama/ {
proxy_pass http://127.0.0.1:11434/;

4
neode-ui/src/views/appSession/appSessionConfig.ts
View File

@ -38,6 +38,8 @@ export const APP_PORTS: Record<string, number> = {
'fedimintd': 8175,
'fedimint-gateway': 8176,
'nostr-rs-relay': 18081,
'nostr-vpn': 8201,
'fips': 8202,
'routstr': 8200,
'indeedhub': 7777,
'dwn': 3100,
@ -85,6 +87,8 @@ export const HTTPS_PROXY_PATHS: Record<string, string> = {
'grafana': '/app/grafana/',
'indeedhub': '/app/indeedhub/',
'routstr': '/app/routstr/',
'nostr-vpn': '/app/nostr-vpn/',
'fips': '/app/fips/',
}
/** External HTTPS apps -- always loaded directly */

1
neode-ui/src/views/apps/appsConfig.ts
View File

@ -12,6 +12,7 @@ export const SERVICE_NAMES = new Set([
'mysql-mempool', 'mempool-api', 'archy-mempool-web',
'archy-bitcoin-ui', 'archy-lnd-ui', 'archy-electrs-ui',
'indeedhub-postgres', 'indeedhub-redis', 'indeedhub-minio',
'archy-nostr-vpn-ui', 'archy-fips-ui',
'indeedhub-api', 'indeedhub-ffmpeg',
'indeedhub-relay', 'indeedhub-build_api_1', 'indeedhub-build_ffmpeg-worker_1',
'indeedhub-build_postgres_1', 'indeedhub-build_redis_1', 'indeedhub-build_minio_1',

2
scripts/image-versions.sh
View File

@ -64,7 +64,9 @@ VALKEY_IMAGE="$ARCHY_REGISTRY/valkey:8.1.6"
NOSTR_RS_RELAY_IMAGE="$ARCHY_REGISTRY/nostr-rs-relay:0.9.0"
STRFRY_IMAGE="$ARCHY_REGISTRY/strfry:1.0.4"
NOSTR_VPN_IMAGE="$ARCHY_REGISTRY/nostr-vpn:v0.3.4"
NOSTR_VPN_UI_IMAGE="$ARCHY_REGISTRY/nostr-vpn-ui:latest"
FIPS_IMAGE="$ARCHY_REGISTRY/fips:v0.1.0"
FIPS_UI_IMAGE="$ARCHY_REGISTRY/fips-ui:latest"
# AI / Routing
ROUTSTR_IMAGE="$ARCHY_REGISTRY/routstr:v0.4.3"