Creating a Cloud-Hosted Signal Proxy to Help People in Iran

Disclaimer

This guide requires knowledge of command line interfaces and public DNS.  For your safety, we recommend you only proceed with this guide if you have general knowledge about how to manage public DNS and are comfortable on command line interfaces. 

Create the Server on Linode

  • Go to Linode, create an account, and set input your credit card information
  • Go to the Create a Linode page, then the Marketplace tab.  Search for and select Docker
  • Leave all Advanced options blank.
  • Under Images, select Ubuntu
  • Select your desired region for the server
  • Under Linode Plan, select Shared CPU tab, then the smallest plan (~$5/mo)
  • Set a long, and complex root password
  • Check the box for Private IP
  • Click Create Linode to create the server.  It will take a while for the server to provision and boot.
  • Make note of the IPv4 address that was assigned to the server.

Create the DNS Record in your DNS Host

  • Your DNS Host is usually your registrar (but not always), and is typically one of the bigger ones, like GoDaddy, Cloudflare, or Google domains. Login to your DNS host.
  • Add an A record for your new server using the IP address you grabbed from the Linode server earlier, like this:
    • Graphical user interfaceDescription automatically generated with medium confidence
    • Make sure the record is not proxied
  • Make note of the A record you made, you’ll need it in the next step.

Start Running the Signal Proxy

  • Back in Linode, launch the LISH console on the server and use the root password you set to login as root. 
  • Type in all the red commands from this article: https://signal.org/blog/run-a-proxy/
    • On step 5, you’ll be prompted for the domain. This is the full domain name of the A record you created in your DNS host.
sudo apt update && sudo apt install docker docker-compose git
git clone https://github.com/signalapp/Signal-TLS-Proxy.git
cd Signal-TLS-Proxy
sudo ./init-certificate.sh
sudo docker-compose up --detach
  • After running all the commands, you’ll have an operating Singla proxy, and the URL you can give out to mobile users will be:

Update & Rebuild the Docker Signal Proxy

sudo apt update
sudo apt install docker docker-compose git -y
sudo apt upgrade
rm Signal-TLS-Proxy -r -d -f
git clone https://github.com/signalapp/Signal-TLS-Proxy.git
cd Signal-TLS-Proxy
sudo ./init-certificate.sh
sudo docker-compose up --detach