Enabling peer-to-peer communication of DIVA.EXCHANGE clients. Architecture: STUN/ICE in combination with this DIVA signal server. https://diva.exchange
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Konrad Bächler cd04a6ad73 version bump, logging update (dev) 8 months ago
app version bump, logging update (dev) 8 months ago
bin v2.2.6 APGLv3, version bump 8 months ago
.eslintrc.json Support for multiple idents per websocket 9 months ago
.gitignore inital commit to codeberg 1 year ago
Dockerfile v2.2.6 APGLv3, version bump 8 months ago
LICENSE v2.2.6 APGLv3, version bump 8 months ago
README.md document fixes 8 months ago
entrypoint.sh v2.2.6 APGLv3, version bump 8 months ago
package-lock.json version bump, logging update (dev) 8 months ago
package.json version bump, logging update (dev) 8 months ago



More about DIVA.EXCHANGE on https://diva.exchange.

Overview and Architecture

A generic rendezvous server to enable NAT traversal of services located behind firewalls. Let's take a look at the architecture. The figure below uses - as an example - "Iroha" clients as peers. These clients just want to talk to each other.

Architecture DIVA.EXCHANGE Signal Server

Getting Started

Using Docker

If you have docker available on your system, simply start the DIVA signal server as

docker pull divax/signal

docker run -d -p 3903:3903 --name diva-signal-server divax/signal

Now you have a DIVA signal server running on port 3903 on your host. Test it by accessing http://localhost:3903. If you'd like to expose this DIVA signal server to the outside, either configure port 3903 on your firewall, or use something like an nginx proxy to forward the traffic to your server.

nginx Configuration, Reverse Proxy, Example

If you want to set up nginx as a reverse proxy, the following example configuration might be useful:

map $http_upgrade $connection_upgrade {
  default upgrade;
  ''      close;

server {
  listen 80;
  listen [::]:80;
  server_name your.server.name;
  root /path/to/your/web-server-content;
  location /.well-known/acme-challenge/ { allow all; }
  location / { return 301 https://$host$request_uri; }

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  server_name your.server.name;

  ssl_protocols TLSv1.2 TLSv1.3;
  ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
  ssl_prefer_server_ciphers on;
  ssl_session_cache shared:SSL:10m;

  root /path/to/your/web-server-content;

  location / {
    try_files $uri @proxy;

  location @proxy {
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header Proxy "";
    proxy_pass_header Server;

    proxy_buffering off;
    proxy_redirect off;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;

    tcp_nodelay on;

  ssl_certificate /etc/letsencrypt/live/your.server.name/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/your.server.name/privkey.pem;

Using npm

Start the server:

npm start

Stop the server:

npm stop

How to Run Unit Tests

npm run test

Coverage reports are stored within ./coverage. Use any browser and open ./coverage/index.html.

How to Lint (eslint)

npm run lint

API Documentation

The API is only available via a websocket connection. It supports a few calls:

  • ident
  • join
  • signal

A call and its related data must be sent as an Array packed into a JSON string over the socket. The response is also an Array packed into a JSON string.


  • Call: ["ident"]

  • Response: ["ident", "some-unique-ident"]

  • Call: ["join", "some-unique-ident", "some-room"]

  • Response: ["join", "some-room:some-ident"]

  • Response: ["stun", "some-room:some-ident", "some-room:some-other-ident", false]

Call: ident

Request a unique identifier from the connected signal server.



Call: join

Request to join a room on the connected signal server. All peers within a room shall be connected to each other (mesh net).

  "ident <string>"
  "room <string>"

Call: signal

Send connection data received from the STUN server to another peer via the signal server. This will initiate a direct connection between two peers.

  "from-room <string> : from-ident <string>",
  "to-room <string> : to-ident <string>",
  "signal-data-from-STUN-server <object>"

Response: ident

  "ident <string>"

Response: join

  "room <string> : ident <string>"

Response: stun

  "from-room <string> : from-ident <string>",
  "to-room <string> : to-ident <string>",
  "isInitiator <boolean>"

Response: signal

  "from-room <string> : from-ident <string>",
  "to-room <string> : to-ident <string>",
  "signal-data-from-STUN-server <string>"

Contact the Developers

On DIVA.EXCHANGE you'll find various options to get in touch with the team.

Talk to us via Telegram https://t.me/diva_exchange_chat_de (English or German).


Your donation goes entirely to the project. Your donation makes the development of DIVA.EXCHANGE faster.

XMR: 42QLvHvkc9bahHadQfEzuJJx4ZHnGhQzBXa8C9H3c472diEvVRzevwpN7VAUpCPePCiDhehH4BAWh8kYicoSxpusMmhfwgx

BTC: 3Ebuzhsbs6DrUQuwvMu722LhD8cNfhG1gs

Awesome, thank you!