| .design | ||
| .github/workflows | ||
| app/mobile | ||
| doc | ||
| net | ||
| .gitignore | ||
| LICENSE | ||
| README.md | ||
| todo | ||
Databag
Communication for the Decentralized Web
Mobile and Browser App Screens
Databag is a selfhosted messaging service. Notable features include:
- Decentralized (direct communication between app and server node)
- Federated (accounts on different nodes can communicate)
- Public-Private key based identity (not bound to any blockchain or hosting domain)
- End-to-End encryption (the hosting admin cannot view topics if sealed)
- Audio and Video Calls (nat traversal requires separate relay server)
- Topic based threads (messages organized by topic not contacts)
- Lightweight (server can run on a raspberry pi zero v1.3)
- Low latency (use of websockets for push events to avoid polling)
- Unlimited accounts per node (host for your whole family)
- Mobile alerts for new contacts, messages, and calls (supports UnifiedPush, FCM, APN)
The app is available on fdroid as well as the google and apple stores. You can test out the project here, but don't post anything important as this server is regularly wiped. Feedback on the UI/UX, bugs or features is greatly appreciated.
Project Vision
Imagine an internet where the services prioritized creating value over collecting data. Currently, these services exist primarily to subject us to advertisement. Triggering our fears drives engagement, fueling their revenue engine to our detriment. On top of this, these services make us more susceptible to surveillance and censorship.
It doesn't have to be this way. A data model in which we host and are responsible for our data would force internet services to prioritize their actual value, all while protecting us from surveillance and censorship. There is hope in the growing self-hosting community, and for it to be truly transformational, it will need to reach the average non-technical person.
Databag aims to bridge that gap by enabling self-hosting on consumer electronics. The hope is to one day be able to buy an inexpensive device like a router from a store and start self-hosting without any other technical knowledge. While self-hosting provides the most control and legal protections, people could choose to use cloud hosting services for their data when otherwise not possible.
Installation
To use databag, you will need a DNS name pointing to your node with a certificate. You can deploy a node manually, but you will have a much easier time using a container service. Containers for arm64 and amd64 are available here.
Docker Compose Command
From the net/container sub directory:
- sudo docker-compose -f compose.yaml -p databag up
Example with Portainer and Nginx Proxy Manager
From Portainer:
- In the volume view, click add volume:
- Enter a name, then click 'Create the volume'
- In the container view, click add container:
- In the 'Image' field enter 'balzack/databag:latest'
- Click 'publish a new network port', and select port 7000 for both host and container
- Under 'Advanced container settings', select 'Env', and click 'Add Environment Variable'
- Enter 'Name' as 'ADMIN' and your admin password [password]
- Under 'Advanced container settings', select 'Volumes', then 'map additional volume'
- Enter '/var/lib/databag' for 'container' and the created volume for 'volume'
- Click 'Deploy the Container'
From Nginx Proxy Manager:
- Add a host and specify:
- Hostname [hostname.domain]
- Portainer IP address [address]
- Port '7000'
- Request new SSL certificate
Nginx Proxy config ➡️ Click to expand ⬅️
server {
server_name your.site.tld;
location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:7000;
client_max_body_size 0;
proxy_max_temp_file_size 0;
}
listen 443 ssl http2;
ssl_certificate /etc/letsencrypt/live/your.site.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/your.site.tld/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
add_header Strict-Transport-Security "max-age=0";
}
server {
if ($host = your.site.tld) {
return 301 https://$host$request_uri;
}
listen 80;
server_name your.site.tld;
return 404;
}
From Your Browser:
- Enter your server address in the address bar [hostname.domain]
- Click the cog icon in the top right
- Enter your admin password: [password]
- Click the cog icon in the dashboard
- Enter Federated Host as [hostname.domain]
- Click 'Save'
- Click the user icon to generate a new account link
- Follow the link to create an account
Other installation options
Install without a container on a Raspberry Pi Zero here.
Install without a container in AWS here.
Integrate Databag in an OpenWrt firmware here.
1-click installs in CapRover, CasaOS, Unraid, Runtipi, Kubero
Audio and Video Calls
Databag provides audio and video calling and relies on a STUN/TURN relay server for NAT traversal. Testing was done with both coturn and pion and should work with any implementation. Instructions for installing a coturn server are provided here.
If you want to enable audio and video calls, you should setup your own relay server. For testing purposes you can however use the demo relay server configuration. In the admin configuration modal, set:
- Enable WebRTC Calls: -switch on-
- WebRTC Server URL: turn:34.210.172.114:3478?transport=udp
- WebRTC Username: user
- WebRTC Password: pass