civildefense.io
v0.0.51
Published
Browser app to safely share live sightings on a map.
Readme
CivilDefense.io
The App
CivilDefense.io lets you report an immediate concern to the public by tapping its location on the map. The locations are shared over anonymous p2p with other users in your area, then fade away over 10 minutes. There is no login and no global tracking of your Internet address or physical location.
See here.
FIXME: The app is not ready public use just yet.
The Implementation
Some apps of this type have been removed from mobile app stores, while others remain. CivilDefense.io is implemented as a web page, so that it does not have to rely on an app store.
Additionally, the source code is available right here so that a mirror can be hosted by anyone.
Finally, all mirrors share the same data through peer-to-peer connections, so all reporting is automatically shared among all mirrors, regardless of which mirror the user entered through. There is no central database to be taken down.
The Bigger Project
YZ.social ("wise social") is building a secure, free, and open source, peer-to-peer network for a new class of applications. The YZ network has no servers, no central database, no single point of failure. It is a true, fully decentralized network constructed, controlled and owned by its users. CivilDefense.io is the first application built on the YZ network.
Running a Portal
Visitors enter network through a "portal", which serves the web pages and connects the user to other peers in the network. Anyone can run such a portal.
A local, private copy for development can be run with:
git clone https://github.com/YZ-social/civildefense.io.git; cd Yz.social
npm install
npm run local # Now visit http://localhost:3000Sharing
This network can only be reached through http://localhost:3000. To run a network that is connected to the world-wide YZ network, instead to
npm run sharedTo allow people visit the page from another device, the server must use https. This is usually done with a front end (aka reverse proxy server) such as nginx or OpenResty, and most commercial setups already operate this way. For example, at civildefense.io and our own mirror at ki1r0y.com, nginx handles https connection handshake and certificate (tcp inbound 443), and passes the request to NodeJS running on port 3000.
What It Does
The application server does a few things:
- It serves the static client files - i.e., the web page.
- It launches 2 or more separate NodeJS processes, each with an a network node just like the one that is run in the browser when someone visits the site. These "portal nodes" allow web visitors to connect to the network. If the box has 6 logical cores or more, it lauches nCores/2 nodes. These will each make outgoing UDP Webrtc connections for each node that connects to them on high-numbered ports. The only difference between
npm run localandnpm run sharedis that withshared, the first portal node connects to a portal node athttps://civildefense.io. All remaning portal nodes connect to that one. - It provides a means of connecting to the p2p network. Specifically, it provides
postendpoints that deliver Webrtc connection information to the portal nodes. The server passes this info to the requested node process via NodeJS InterProcess Communication (IPC). - It runs a TURN relay (within the web server process). The TURN server listens for setup requests incoming on udp or tcp on 3478. (We do not currently use (D)TLS, which would be 5349.) Additionally, the actual relay traffic happens on incoming udp ports 49152 - 65535.
Building Your Own
This is all done with a very minimal ExpressJS server. The one we provide is in app.js. If you already have such a server set up, you can just:
- Add or link public/ to the directory of static client files already being served. E.g.,
- If you want to serve the static client files from an nginx front end, you can specify
root path_to_yz.social_directory/public;in your nginx.conf. - If you want to serve the static client files from an existing ExpressJS app server, you can specify
app.use(express.static(path_to_yz.social_directory/public));
- Fork one or more portal nodes. Our
app.jsdoes this with:
import cluster from 'node:cluster';
if (cluster.isPrimary) {
for (let i = 0; i < nPortals; i++) cluster.fork();
...
} else {
const portalNode = await import('@yz-social/kdht/portal');
portalNode.setup({});
}- Serve some endpoints so that visitors to your page can find and connect with one of the portal nodes you forked. Our
app.jsdoes this with:
if (cluster.isPrimary) {
for (let i = 0; i < nPortals; i++) cluster.fork();
const portalServer = await import('@yz-social/kdht/router');
app.use('/kdht', portalServer.router);
...
}- Run a TURN relay. The portal nodes and visitors to your web page are automatically configured to expect a relay at the default STUN/TURN port (3478). The
@yz-social/kdht/routerimported in step 3 does this automatically.
