Open Source · Self-Hosted · Noise Protocol XX

Your devices.
Your server.
Your data.

Relayly is a self-hosted WebSocket relay that syncs your own devices using end-to-end encryption, run it anywhere you own, no accounts, no cloud, no third party ever sees your data.

bash
# Start the relay server with Docker
$ docker compose up --build -d

# Register your first device
$ docker exec relayly /relayly pair "My Phone"

✓ Device registered
  Pairing code: 483 921
  QR code displayed in terminal
  Relay running at ws://localhost:8080/ws
Single Binary
🔒
Zero Accounts
🛡️
Noise Protocol XX
MIT License
Built Different

Everything you need.
Nothing you don't.

Relayly is built on a radical premise: your relay server should be dumb, tiny, and trustless.

🔐

End-to-End Encryption

Noise Protocol XX with X25519 + ChaChaPoly. The server never sees plaintext, only opaque encrypted blobs.

📱

Device Pairing

6-digit short code or QR code. Pair devices in seconds with no accounts, emails, or cloud registration.

Real-time Forwarding

Low-latency WebSocket relaying with minimal server overhead. Built for local-first architectures.

♻️

Auto-reconnect

Exponential-backoff reconnection built into both Go and TypeScript SDKs. Never drop a connection silently.

🗄️

Zero-Config Storage

Embedded SQLite, no PostgreSQL, no Redis. A single portable binary with no external dependencies.

🐳

Docker Ready

Pre-built Docker images and a single portable binary. Deploy with one command on any Linux host.

🖥️

Admin Dashboard

HTMX-powered live dashboard for device management, connection monitoring, and one-click revocation.

🔑

Trustless Architecture

Public Key Locking prevents server-side impersonation. Even a compromised relay can't swap device keys.

How It Works

Three steps.
That's the whole setup.

No accounts. No configuration files to wrestle. Just a server you control and devices that trust only each other.

01

Run the Server

One Docker command. Runs on your VPS, Raspberry Pi, or any machine you own. No sign-up, no cloud account, no configuration required to get started.

$ docker compose up --build -d
✓ Relay running at ws://localhost:8080/ws
02

Pair Your Devices

Generate a 6-digit code or QR scan from any paired device. The code expires in 5 minutes, no long-lived secrets, no manual key exchange.

$ docker exec relayly /relayly pair "My Phone"
✓ Pairing code: 483 921  |  Expires in 5 min
03

Everything Stays Yours

Every message is end-to-end encrypted before it leaves your device. The relay server sees only opaque ciphertext, so even a compromised relay learns nothing.

// Relay sees:  [0xc3 0x4f 0x8a ... 48 bytes]
// Device B decrypts: "Hello from My Phone"

Privacy by Design. Not by Promise.

Relayly was built on a radical premise: your relay server should know nothing about your data. No accounts, no tracking, no analytics. The server is just a dumb pipe that forwards encrypted bytes it cannot read.

Mutual Authentication

Both devices verify each other's static public keys via Noise Protocol XX.

Forward Secrecy

Session keys are ephemeral and discarded after each use. Past sessions cannot be decrypted.

Public Key Locking

Once connected, the server locks a device to its public key. Even a compromised relay can't swap keys.

Support Relayly

Relayly is open-source and community-funded. Your support helps us maintain the infrastructure and continue developing a private, decentralized future.

GitHub Sponsors

Direct support via GitHub

Support us monthly or with a one-time donation through our GitHub organization.

Become a sponsor

Open Collective

Transparent funding

Contribute to our collective and help us fund specific features and maintenance.

Support on Open Collective

Want to contribute code instead?

Join our Discord

Get started in 60 seconds.

Self-host your own relay server with Docker. No cloud provider, no subscription, no lock-in. Your data, your infrastructure.

Read the Docs Star on GitHub

MIT licensed · No telemetry · Go + TypeScript SDKs included