191c59d230
## Description Update the readme file ## Related Issues none ## Type of Change - [ ] Bug fix (non-breaking change) - [ ] New feature (non-breaking change) - [ ] Breaking change (fix or feature that changes existing functionality) - [x] Documentation update - [ ] Other (please describe): ## Checklist - [x] I have updated relevant documentation - [x] My code follows the project's coding style - [x] My changes generate no new warnings/errors ## Notes for Reviewers none ## Screenshots/Demo none ## Additional Context none <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **Documentation** - Major overhaul of documentation structure and content for improved clarity, modern presentation, and ease of navigation. - Updated and expanded guides for installation, setup, architecture, and command-line interfaces. - Enhanced FAQ and troubleshooting sections with more comprehensive answers and technical details. - Added new guides for self-hosting with reverse proxy examples (Caddy, Traefik) and developer notes. - Improved theming, styling, and home page layout for the documentation site. - Simplified main README to a minimalistic project header and tagline. - Added new documentation files for Nestri Relay introduction and container CLI parameters. - Removed outdated or redundant documentation files and components to streamline content. - **Chores** - Updated, reorganized, or removed configuration files for dependencies, linting, and environment setup. - Switched to a new documentation theme and updated related project dependencies. - Removed Renovate configuration and ESLint config specific to docs app. - Adjusted TypeScript and package configurations for better compatibility. - **Style** - Improved dark mode support and visual consistency across documentation and components. - Introduced new Tailwind CSS theming and animation support for the documentation site. - **New Features** - Added example configuration files for deploying Nestri Relay with Caddy and Traefik reverse proxies. - Introduced new Tailwind CSS theming and animation support for the documentation site. - Added a new logo component supporting light/dark mode and optional title display. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Victor Pahuus Petersen <49293748+victorpahuus@users.noreply.github.com> Co-authored-by: Wanjohi <elviswanjohi47@gmail.com> Co-authored-by: DatCaptainHorse <DatCaptainHorse@users.noreply.github.com>
7.1 KiB
Should I Self-Host a Nestri Relay?
If you want to use and enjoy the simplicity of the Nestri ecosystem, then you should not set up the Nestri Relay locally. Our free BYOG (Bring Your Own GPU) plan includes free shared relay access, which we highly recommend for those who want to start playing quickly on their own hardware without additional setup.
However, if you prefer to install and manage the Nestri Relay yourself, there are some important considerations to keep in mind.
Important Considerations for Self-Hosting Nestri Relay
- WebRTC and Firewall Issues
- WebRTC, by default, attempts to access your public IP even if both the relay and Nestri Node are on the same local network.
- This behavior can cause firewalls to block traffic, as the connection may attempt to access itself, resulting in connection failures.
- Unordered Third
- Recommended Deployment Strategy
- Instead of hosting the relay on your local network, we strongly recommend deploying the Nestri Relay on a VPS (Virtual Private Server) in the cloud.
- Using a cloud-based VPS minimizes potential firewall conflicts and ensures a more stable connection between your Nestri Node and the relay.
If you're set on self-hosting despite the potential challenges, proceed with caution and ensure you have a proper understanding of firewall configurations and networking setups to mitigate connectivity issues.
Self-hosted Nestri Relay
For those who prefer full control over the Nestri stack, it is possible to self-host the Nestri Relay. However, setting this up can be a bit complex, as it requires SSL Certificates for secure communication between your Nestri Node and your gaming devices. There are three main options:
-
Let's Encrypt Certificate: This is the most common certificates for self-hosting and requires a domain name. You can generate a certificate using tools like certbot or acme.sh. Let's Encrypt provides free SSL certificates that are trusted by most browsers and are relatively straightforward to set up.
-
Purchased SSL Certificate: The easiest option for most users is to buy an SSL certificate from a trusted Certificate Authority (CA). This option eliminates much of the hassle involved with certificate generation and renewals, as these certificates are already trusted by browsers and don’t require as much manual setup.
While self-hosting offers more flexibility, most users will find the Nestri-hosted Relay to be the easiest and most reliable option for getting started with cloud gaming on Nestri. This hosted relay is available to everyone using the BYOG package and requires no configuration.
Prerequisites
-
Server Requirements:
- Ensure port 443 is open for both TCP and UDP (
:443/udp & :443/tcp). - The server should have at least 6-8GB RAM and 2 vCPUs.
- Supports both ARM or AMD64 architecture.
- Ensure port 443 is open for both TCP and UDP (
-
Software Requirements:
- Docker and
docker-composemust be installed on the server. You can use this installation script to set up Docker. - Git must be installed to clone the necessary repository.
- Docker and
-
Certificates:
- You will need both private and public SSL certificates. It is recommended to use certificates from a trusted Certificate Authority (CA), either by using Let's Encrypt or purchasing a commercial SSL certificate, for secure communication. Avoid using self-signed certificates, as they can lead to compatibility issues and security warnings in browsers.
Self-hosted Nestri Relay with an Reverse Proxy
Caddy
As caddy user you can use the following docker-compose.yml file:
services:
caddy:
image: caddy:latest
container_name: caddy
ports:
- "443:443"
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile # your caddyfile
- ./cert:/etc/caddy/certs
depends_on:
- relay
networks:
- relay_network
restart: unless-stopped
relay:
#image: ghcr.io/nestrilabs/nestri/relay:nightly # Offical relay image
image: ghcr.io/datcaptainhorse/nestri-relay:latest # Most current relay image
container_name: relay
environment:
#- AUTO_ADD_LOCAL_IP=false # use with WEBRTC_NAT_IPS
#- WEBRTC_NAT_IPS=1.2.3.4 # Add the LAN IP of your container here if connections fail
- VERBOSE=true
- DEBUG=true
ports:
- "8088:8088/udp"
networks:
- relay_network
restart:
unless-stopped
networks:
relay_network:
driver: bridge
The Caddyfile should look like this:
relay.example.com {
@ws {
header Connection Upgrade
header Upgrade websocket
}
tls you@example.com
reverse_proxy @ws relay:8088
reverse_proxy relay:8088
}
Please modify it to your needs and replace the placeholder values with your own. You should also setup the Caddyfile to match your domain.
Traefik
As traefik user you can use the following docker-compose.yml file:
services:
traefik:
image: "traefik:v2.3"
restart: always
container_name: "traefik"
networks:
- traefik
command:
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.network=traefik"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.web.http.redirections.entrypoint.to=web-secure"
- "--entrypoints.web.http.redirections.entrypoint.scheme=https"
- "--entrypoints.web-secure.address=:443"
- "--certificatesresolvers.default.acme.tlschallenge=true"
- "--certificatesresolvers.default.acme.email=foo@example.com" # Your email for tls challenge
- "--certificatesresolvers.default.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
volumes:
- "./letsencrypt:/letsencrypt" # Your letsencrypt folder for certificate persistence
- "/var/run/docker.sock:/var/run/docker.sock:ro"
restart:
unless-stopped
relay:
#image: ghcr.io/nestrilabs/nestri/relay:nightly # Offical relay image
image: ghcr.io/datcaptainhorse/nestri-relay:latest # Most current relay image
container_name: relay
environment:
- AUTO_ADD_LOCAL_IP=false # Use with WEBRTC_NAT_IPS
#- WEBRTC_NAT_IPS=1.2.3.4 # Add the LAN IP of your container here if connections fail
- VERBOSE=true
- DEBUG=true
ports:
- "8088:8088/udp"
networks:
- traefik
restart:
unless-stopped
labels:
- traefik.enable=true
- traefik.http.routers.relay.rule=Host(`relay.example.com`) # Your domain for tls challenge
- traefik.http.routers.relay.tls=true
- traefik.http.routers.relay.tls.certresolver=default
- traefik.http.routers.relay.entrypoints=web-secure
- traefik.http.services.relay.loadbalancer.server.port=8088
networks:
traefik:
external: true
Please modify it to your needs and replace the placeholder values with your own.
Where to find the relay compose files?
You will also find the relay compose files in our github repository.