Policy Configuration

{#if isLoggedIn && (userRole === "owner" || isPolicyAdmin)}

Policy Editor

{policyEnabled ? "Policy Enabled" : "Policy Disabled"} {#if isPolicyAdmin} Policy Admin {/if}

Edit the policy JSON below and click "Save & Publish" to update the relay's policy configuration. Changes are applied immediately after validation.

Policy updates are published as kind 12345 events and require policy admin permissions.

{#if validationErrors.length > 0}

Validation Errors:

    {#each validationErrors as error}
  • {error}
    • {/each}
{/if}
{#if policyMessage}
{policyMessage}
{/if}

Policy Administrators

Policy admins can update the relay's policy configuration via kind 12345 events. Their follows get whitelisted if policy_follow_whitelist_enabled is true in the policy.

Note: Policy admins are separate from relay admins (ORLY_ADMINS). Changes here update the JSON editor - click "Save & Publish" to apply.

{#if policyAdmins.length === 0}

No policy admins configured

{:else} {#each policyAdmins as admin}
{admin.substring(0, 16)}...{admin.substring(admin.length - 8)}
{/each} {/if}
e.key === "Enter" && addPolicyAdmin()} />

Policy Follow Whitelist

Pubkeys followed by policy admins (kind 3 events). These get automatic read+write access when rules have write_allow_follows: true.

{policyFollows.length} pubkey(s) in whitelist
{#if policyFollows.length === 0}

No follows loaded. Click "Refresh Follows" to load from database.

{:else}
{#each policyFollows as follow} {/each}
{/if}

Policy Reference

Structure Overview

  • kind.whitelist - Only allow these event kinds (takes precedence)
  • kind.blacklist - Deny these event kinds (if no whitelist)
  • global - Rules applied to all events
  • rules - Per-kind rules (keyed by kind number as string)
  • default_policy - "allow" or "deny" when no rules match
  • policy_admins - Hex pubkeys that can update policy
  • policy_follow_whitelist_enabled - Enable follow-based access

Rule Fields

  • description - Human-readable rule description
  • write_allow / write_deny - Pubkey lists for write access
  • read_allow / read_deny - Pubkey lists for read access
  • write_allow_follows - Grant access to policy admin follows
  • size_limit - Max total event size in bytes
  • content_limit - Max content field size in bytes
  • max_expiry - Max expiry offset in seconds
  • max_age_of_event - Max age of created_at in seconds
  • max_age_event_in_future - Max future offset in seconds
  • must_have_tags - Required tag letters (e.g., ["d", "t"])
  • tag_validation - Regex patterns for tag values
  • script - Path to external validation script

Example Policy

{examplePolicy}
{:else if isLoggedIn}

Policy configuration requires owner or policy admin permissions.

To become a policy admin, ask an existing policy admin to add your pubkey to the policy_admins list.

Current user role: {userRole || "none"}

{:else}

Please log in to access policy configuration.

{/if}