- Add embedded WireGuard VPN server using wireguard-go + netstack
- Implement deterministic /31 subnet allocation from seed + sequence
- Use Badger's built-in Sequence for atomic counter allocation
- Add NIP-46 bunker server for remote signing over VPN
- Add revoked key tracking and access audit logging for users
- Add Bunker tab to web UI with WireGuard/bunker QR codes
- Support key regeneration with old keypair archiving
New environment variables:
- ORLY_WG_ENABLED: Enable WireGuard VPN server
- ORLY_WG_PORT: UDP port for WireGuard (default 51820)
- ORLY_WG_ENDPOINT: Public endpoint for WireGuard
- ORLY_WG_NETWORK: Base network for subnet pool (default 10.0.0.0/8)
- ORLY_BUNKER_ENABLED: Enable NIP-46 bunker
- ORLY_BUNKER_PORT: WebSocket port for bunker (default 3335)
Files added:
- pkg/wireguard/: WireGuard server, keygen, subnet pool, errors
- pkg/bunker/: NIP-46 bunker server and session handling
- pkg/database/wireguard.go: Peer storage with audit logging
- app/handle-wireguard.go: API endpoints for config/regenerate/audit
- app/wireguard-helpers.go: Key derivation helpers
- app/web/src/BunkerView.svelte: Bunker UI with QR codes
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Replaced NDKPrivateKeySigner with PrivateKeySigner from applesauce-signers for improved signing functionality.
- Updated the Nostr client implementation to utilize nostr-tools for event management and connection pooling.
- Enhanced event fetching logic to support multiple versions of replaceable events based on limit parameters.
- Updated package dependencies in package.json and bun.lock, including the addition of applesauce-core and applesauce-signers.
- Refined event kind definitions and improved documentation for clarity and consistency with NIP specifications.
- Adjusted CSS styles in bundle.css for better visual consistency across components.
- Removed unnecessary entries from .gitignore related to the app/web/dist directory.
- Updated app/web/.gitignore to exclude the dist directory.
- Added rollup-plugin-copy to package.json and updated rollup.config.js to copy static assets during the build process.
- Introduced new CSS and JS files in the dist directory for improved styling and functionality.
- Updated index.html to reference new global CSS and JS files, enhancing the overall user interface.
- Added favicon and other image assets to the dist directory for branding consistency.
This commit introduces the Nostr Development Kit (NDK) to enhance the Nostr client functionality. Key changes include:
- Added `NDKPrivateKeySigner` for improved authentication methods in `LoginModal.svelte` and `App.svelte`.
- Refactored the Nostr client to utilize NDK for connection and event fetching, streamlining the connection process and event handling.
- Updated `go.mod` and `package.json` to include `@nostr-dev-kit/ndk` as a dependency.
- Created a new `package-lock.json` to reflect the updated dependency tree.
These changes improve the overall architecture and maintainability of the Nostr client.
