- Add embedded WireGuard VPN server using wireguard-go + netstack
- Implement deterministic /31 subnet allocation from seed + sequence
- Use Badger's built-in Sequence for atomic counter allocation
- Add NIP-46 bunker server for remote signing over VPN
- Add revoked key tracking and access audit logging for users
- Add Bunker tab to web UI with WireGuard/bunker QR codes
- Support key regeneration with old keypair archiving
New environment variables:
- ORLY_WG_ENABLED: Enable WireGuard VPN server
- ORLY_WG_PORT: UDP port for WireGuard (default 51820)
- ORLY_WG_ENDPOINT: Public endpoint for WireGuard
- ORLY_WG_NETWORK: Base network for subnet pool (default 10.0.0.0/8)
- ORLY_BUNKER_ENABLED: Enable NIP-46 bunker
- ORLY_BUNKER_PORT: WebSocket port for bunker (default 3335)
Files added:
- pkg/wireguard/: WireGuard server, keygen, subnet pool, errors
- pkg/bunker/: NIP-46 bunker server and session handling
- pkg/database/wireguard.go: Peer storage with audit logging
- app/handle-wireguard.go: API endpoints for config/regenerate/audit
- app/wireguard-helpers.go: Key derivation helpers
- app/web/src/BunkerView.svelte: Bunker UI with QR codes
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix base64 encoding to use URL-safe format (- instead of +, _ instead of /)
- Remove padding characters (=) from base64 output
- Apply fix to LogView, BlossomView, and api.js
Files modified:
- app/web/src/LogView.svelte: URL-safe base64 for NIP-98 auth
- app/web/src/BlossomView.svelte: URL-safe base64 for Blossom auth
- app/web/src/api.js: URL-safe base64 for NIP-98 auth
- pkg/version/version: Bump to v0.39.2
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Include query parameters in signed NIP-98 auth URL
- Auth event URL must match actual request URL including ?offset=&limit=
Files modified:
- app/web/src/LogView.svelte: Fix auth URL to include query params
- pkg/version/version: Bump to v0.39.1
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Show full npub on screens > 720px, truncated on smaller screens
- Make admin users list extend to full width
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Make Blossom view use full available width
- Add "Upload new files" label with Select Files button on right
- Show image/video thumbnails in file list (48x48px)
- Add emoji icons for audio (🎵) and documents (📄)
- Show full hash on screens > 720px, truncated on smaller
Files modified:
- app/web/src/BlossomView.svelte: UI layout and thumbnail changes
- app/web/dist/*: Rebuilt bundle
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add nsec-crypto.js library with Argon2id+AES-GCM encryption
- Generate new nsec keys using secure system entropy
- Encrypt nsec with password (~3 sec Argon2id derivation in Web Worker)
- Add unlock flow for returning users with encrypted keys
- Add deriving modal with live timer during key derivation
- Auto-create default profile for new users with ORLY logo avatar
- Fix NIP-42 auth race condition in websocket-auth.js
- Improve header user profile display (avatar fills height, no truncation)
- Add instant light/dark theme colors in HTML head
- Add background box around username/nip05 in settings drawer
- Update CLAUDE.md with nsec-crypto library documentation
Files modified:
- app/web/src/nsec-crypto.js: New encryption library
- app/web/src/LoginModal.svelte: Key gen, encryption, unlock UI
- app/web/src/nostr.js: Default profile creation
- app/web/src/App.svelte: Header and drawer styling
- app/web/public/index.html: Instant theme colors
- CLAUDE.md: Library documentation
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Updated event loading logic in App.svelte to reset the attempt flag when toggling filters or switching tabs, preventing infinite load loops.
- Modified role-based permissions to include "read" access for viewing events, ensuring users with "read", "write", "admin", or "owner" roles can access the event list.
- Adjusted alert messages to reflect the updated permission structure.
- Incremented the version number to v0.19.5 to reflect these changes.
- Modified role-based permissions in App.svelte and EventsView.svelte to include "read" access for viewing events, enhancing user access control.
- Updated conditional rendering logic to reflect the new permission structure, ensuring users with "read", "write", "admin", or "owner" roles can view events.
- Incremented the version number to v0.19.4 to reflect these changes.
- Added new components: Header, Sidebar, ExportView, ImportView, EventsView, ComposeView, RecoveryView, SprocketView, and SearchResultsView to enhance the application's functionality and user experience.
- Updated App.svelte to integrate the new views and improve the overall layout.
- Refactored existing components for better organization and maintainability.
- Adjusted CSS styles for improved visual consistency across the application.
- Incremented version number to v0.19.3 to reflect the latest changes and additions.
- Changed the event signing method in App.svelte from `sign` to `signEvent` for clarity and consistency.
- Updated the privileged events test to replace `PrivateDirectMessage` with `DirectMessage`, aligning with the latest event kind definitions.
- Adjusted the bundle.js and bundle.js.map files to reflect the latest build changes and optimizations.
- Introduced a new permission menu and role view settings to manage user access more effectively.
- Updated tab filtering logic to accommodate role-based permissions, ensuring users see only relevant options based on their roles.
- Enhanced the App.svelte component with new CSS styles for the view-as section, improving user experience and visual consistency.
- Added debug logging for tab filtering to assist in development and troubleshooting.
- Incremented the version number to reflect the latest changes and improvements.
- Modified the NostrClient's publish method to allow for specific relay usage and added event storage in IndexedDB.
- Introduced a debug function for IndexedDB to inspect stored events and their counts by kind.
- Updated the App.svelte component to expose the debug function globally for easier access during development.
- Enhanced the CSS styles for better user feedback on export results and status messages.
- Incremented the IndexedDB version to accommodate new indexes and improve event storage management.
- Updated the version number to v0.19.1.
- Replaced NDKPrivateKeySigner with PrivateKeySigner from applesauce-signers for improved signing functionality.
- Updated the Nostr client implementation to utilize nostr-tools for event management and connection pooling.
- Enhanced event fetching logic to support multiple versions of replaceable events based on limit parameters.
- Updated package dependencies in package.json and bun.lock, including the addition of applesauce-core and applesauce-signers.
- Refined event kind definitions and improved documentation for clarity and consistency with NIP specifications.
- Adjusted CSS styles in bundle.css for better visual consistency across components.
- Updated CSS styles for modal and tab components to enhance visual consistency and responsiveness.
- Refactored JavaScript imports in App.svelte for better readability and organization.
- Improved layout and padding in ManagedACL.svelte for a more user-friendly interface.
- Adjusted event handling and state management in App.svelte to streamline user interactions.
- Updated bundle files to reflect the latest changes in the application structure and styling.
- bump to v0.17.1
- Remove app/web/dist/** from .gitignore
- Add built web assets to repository for deployment
- Includes bundle.css, bundle.js, index.html and other static assets
- Removed unnecessary entries from .gitignore related to the app/web/dist directory.
- Updated app/web/.gitignore to exclude the dist directory.
- Added rollup-plugin-copy to package.json and updated rollup.config.js to copy static assets during the build process.
- Introduced new CSS and JS files in the dist directory for improved styling and functionality.
- Updated index.html to reference new global CSS and JS files, enhancing the overall user interface.
- Added favicon and other image assets to the dist directory for branding consistency.
- Improved logging for delete events in handle-delete.go, including detailed information about the event and its tags.
- Added checks for admin and owner deletions, with appropriate logging for each case.
- Updated HandleEvent to process delete events more robustly, including success and error logging.
- Introduced a new fetchEventById function in nostr.js to verify event deletion.
- Updated App.svelte to handle event deletion verification and state management.
- Changed favicon references in HTML files to use the new orly-favicon.png.
- Added orly-favicon.png to the public and docs directories for consistent branding.
- Cleaned up the `app/web/dist/` directory by deleting an unreferenced and outdated build artifact.
- Maintained a lean and organized repository structure.
- Cleaned up the `app/web/dist/` directory by deleting an unreferenced and outdated build artifact.
- Maintained a lean and organized repository structure.
- Cleaned up the `app/web/dist/` directory by deleting an unreferenced and outdated build artifact.
- Maintained a lean and organized repository structure.
- Cleaned up the `app/web/dist/` directory by deleting an unreferenced and outdated build artifact.
- Maintained a lean and organized repository structure.
- Implemented an "All Events Log" section accessible only to admin users.
- Added WebSocket-based data fetching to retrieve all events from the relay.
- Included profile caching and metadata fetching for event authors.
- Updated UI components to display events with expandable raw JSON details.
- Adjusted CSS for avatar sizes and improved layout.
- Refactored logout logic to reset all event states.
- Deleted `index-zhtd763e.css` and `index-zqddcpy5.js` to streamline the build artifacts.
- Simplified repository by removing unused generated files to maintain a clean structure.
- Introduced `index-zhtd763e.css` with a tailored CSS rule set for performance optimization.
- Added `index-zqddcpy5.js` containing essential JavaScript for React app functionality and improved compatibility.
- Added a minimal `tailwind.min.css` with utilities tailored to app needs (`app/web/dist/`).
- Updated `.gitignore` to include specific `dist/` paths while maintaining clean build artifacts.
- Added local `dist` files (`index.css`, `index.js`) for better control over UI styling and build outputs.
