I’ve finally decided to get my hands dirty and look into Nostr.
I learned something interesting that I thought might be useful to others.
A domain can be used to validate user accounts. This is done in practice by creating a file called “nostr.json”, populating it with a list of usernames and their public keys (in hex format), and making it reachable at https://{domain}/.well-known/nostr.json
For more detailed instructions, see: https://nostr.how/en/guides/get-verified
The syntax of the nostr.json file is:
{
"names": {
"YOUR_NOSTR_NAME1": "YOUR_NOSTR_PUBLIC_KEY_HEX1",
"YOUR_NOSTR_NAME2": "YOUR_NOSTR_PUBLIC_KEY_HEX2"
}
}
This file can be presented via nginx with a block such as this one:
location = /.well-known/nostr.json {
alias /path/to/nostr.json;
add_header Access-Control-Allow-Origin *;
}
Here is the list of mander.xyz: https://mander.xyz/.well-known/nostr.json
And here is an example of a large list: https://nostr-check.com/.well-known/nostr.json
Once a user is added to this file, they need to go to their settings and add their Nostr address. If using iris.to as the client, it looks like this:
In Iris, I had the best results when I writethe address and then did not click anything else for like a minute.
After verification, your profile gets labeled with the verified username:
This is not permanent. The Nostr address can be easily removed or changed to a different one.
I can think of two benefits of “verifying”. One is that it is easier to share your username. For example, if one uses iris.to as a client, they can find me at: iris.to/Sal@mander.xyz, or search for Sal@mander.xyz. This is a lot better than using the public key or trying to search only with the username that can be duplicated.
The other benefit is that the nostr.json file can serve as a directory to link members in other communities in Nostr. Theoretically, if members of mander.xyz were to join the nostr.json file, then they would also be able to easily find each other in the site. That’s a good feature now since Nostr is not very populated.
If any user from Mander would like me to add them to the “verified” list, just send me a message with your public key and I will add you!
Cool tutorial! I never thought to try to use nginx to do it like that.
Oh, what’s the normal way of doing this?
I’m not formally educated in web development or computer science, so everything I do is kind of a hack. It’s funny that you say this, because now I think I might have done something strange here 😅 😂
Actually, the nginx block with the direct location using an alias was provided by ChatGPT. I didn’t know how to route directly to that location since the /.well-known/ location is already linked above and it points to the Lemmy docker container.
It’s probably just as easy to implement it in a programming language than nginx configs. I just never even thought to do it in nginx. That’s a good way to do it! Especially since you already have your certs set up there
Interesting, thanks for letting me know. I don’t know to do this in a programming language, but it’s good to be aware that this is a possibility.
I’ve also been looking into this. I hope someone some day will make it possible to do it with DNS reccords instead of .well-known files
Is the reason of using DNS records that you would not need a server to host and serve this file? Other than this, I think that updating DNS records would take more work, it would take longer to refresh, and I’m not sure if DNS records have a limit on how long they can be - in the case that you want to verify multiple accounts.
But maybe there is some way of using the DNS records that I’m unaware of that would make this is easy.
No, the reason is that I host a lemmy instance and when updating it the script deletes the current nginx configuration file.
DNS records will prevent it at least for small users. In the case that you are like one of those big nostr only sites you’ll have no issue with a script deleting your config.
Ah, I see! I set up my Lemmy instance before the Nginx config was taken care of by docker, so my Nginx file is independent of the Lemmy instance, and it just points at the docker containers.
