Run a Signal Proxy using DigitalOcean Droplets and Cloudflare Domains! #IRanASignalProxy

Photo by Edrece Stansberry on Unsplash

Run a Signal Proxy using DigitalOcean Droplets and Cloudflare Domains! #IRanASignalProxy

Run a Signal Proxy for those who can't reach Signal. Help the oppressed!

Nabil Ridhwan's photo
Nabil Ridhwan
·

3 min read

I have already set up a proxy. Please email me at contact@nabilridhwan.com privately!

Read more here: signal.org/blog/run-a-proxy

This article uses DigitalOcean Droplets and a Domain name from Cloudflare to run a Signal Proxy and focuses on being as user-friendly as possible.

What you'll need

  • A VPS (DigitalOcean) ($4/month) - Free credits for students under the GitHub Student Developer pack
  • A Domain Name (Cloudflare) ($14 per year)

Creating a DigitalOcean Droplet

  1. Create a new Droplet in DigitalOcean. The basic $4.00/mo plan will help. 1.png
  2. Create new SSH Keys by clicking the new SSH Keys. The generation of SSH keys could be found in the original DigitalOcean documentation. But in this case, I used 1Password to generate an SSH key. 2-create-ssh-keys.png

Configure domain in Cloudflare Dashboard

  1. Copy your Droplet's IP Address 1-copy-ip-address.png
  2. Go to your Cloudflare dashboard, log in and configure one of your domains. (We are going to add a subdomain)
  3. Configure accordingly by making an A record with the name which points to the IP address you copied. image.png
  4. Click save.
  5. Wait. (Different timing for different domain name providers but mine took approximately ~10 minutes)

Installing the proxy on your new Droplet

Note, you can follow the instructions written by Signal: signal.org/blog/run-a-proxy

  1. After creating the droplet, wait a little while for the droplet to set up, and then right-click on the three dots and click on 'Access Console.' 3-access-console.png
  2. You'll be redirected to a new page, remember to log in as root and click on launch droplet console. 4-login-as-root.png
  3. From here on, you can follow the article written by Signal: signal.org/blog/run-a-proxy

What I Did

If you didn't follow the article, you could follow what I did.

  1. Install docker, docker-compose, and git by running sudo apt update && sudo apt install docker docker-compose git 7-install-docker-docker-compose-git.png
  2. Clone the Signal TLS Proxy repo from GitHub by running git clone https://github.com/signalapp/Signal-TLS-Proxy.git and change directory to the newly cloned repo by running cd Signal-TLS-Proxy. 9-clone-and-cd.png
  3. Run the helper script provided by Signal that configures and provisions a TLS certificate from Let's Encrypt by running sudo ./init-certificate.sh. At some point, you'll be asked to enter your domain name. Enter the domain name you configured. 10-configure-cert.png
  4. Use Docker Compose to launch the proxy by running sudo docker-compose up --build -d 11.1-run-docker-compose-build-detatched-sudo.png

Voila!

You're done! Share your Proxy with the world. A recommendation is not to share your proxy URL in public since they can just add your IP to a blacklist. Instead Signal encourages people to DM each other!

Credits

Signal for having an easy-to-follow article: signal.org/blog/run-a-proxy

Footnote

Sorry if this article is not explained in detail on the background information. It's just a simple article to get users with resources to join and help!

Did you find this article valuable?

Support Nabil Ridhwan by becoming a sponsor. Any amount is appreciated!