Prerequisites

Software:

Hardware (see Hardware section for details):

Quick Install

  1. Clone and build:

    git clone https://github.com/gnarzilla/meshtastic.deadlight.git
cd meshtastic.deadlight
make clean && make UI=1

  2. Install CA certificate (for HTTPS interception):

    # The proxy generates these on first run:
# /etc/deadlight/ca.crt (install on clients)
# /etc/deadlight/ca.key (keep secret)

# Debian/Ubuntu
sudo cp /etc/deadlight/ca/ca.crt /usr/local/share/ca-certificates/deadlight-mesh.crt
sudo update-ca-certificates

  3. Connect your Meshtastic radio:

    # Most devices appear as /dev/ttyACM0 or /dev/ttyUSB0
ls -l /dev/tty*

# Give yourself permission (or run as root)
sudo usermod -a -G dialout $USER

  4. Run the proxy:

    sudo ./bin/deadlight -c meshtastic.conf

  5. Configure mesh clients to use the gateway's mesh address as their proxy (see Usage).

Hardware

Recommended Gateway Setup

Option 1: Raspberry Pi Gateway (most versatile)

Option 2: ESP32-S3 All-in-One (compact)

Option 3: Industrial/Outdoor

Client Devices

Any Meshtastic-compatible device works:

Radio Configuration

For best Internet gateway performance:

# In Meshtastic app or CLI
meshtastic --set lora.region US --set lora.modem_preset LONG_FAST
meshtastic --set lora.tx_power 30  # Maximum (check local regulations)
meshtastic --set lora.hop_limit 3  # Adjust for network size

Usage

Basic Configuration

Edit meshtastic.conf:

[core]
port = 8080
max_connections = 50
log_level = info

[meshtastic]
enabled = true
serial_port = /dev/ttyACM0
baud_rate = 115200
mesh_node_id = 0x12345678  # Your gateway's Meshtastic ID
fragment_size = 220        # Max payload per packet
ack_timeout = 30000        # 30 seconds for mesh ACKs
max_retries = 3

[ssl]
enable_interception = true
ca_cert = /etc/deadlight/ca/ca.crt
ca_key = /etc/deadlight/ca/ca.key

[network]
pool_max_per_host = 5      # Reuse connections aggressively
pool_idle_timeout = 600    # Keep idle connections longer
upstream_timeout = 120000  # Allow slow mesh responses

Client Setup

On mesh client devices, configure proxy settings:

# Linux/Mac
export http_proxy=mesh://gateway-node-id:8080
export https_proxy=mesh://gateway-node-id:8080

# Or in applications:
# HTTP Proxy: gateway-node-id port 8080
# SOCKS5: gateway-node-id port 8080

On Android (using Meshtastic app + ProxyDroid):

  1. Install ProxyDroid
  2. Set proxy to gateway node's mesh ID
  3. Connect Meshtastic app via Bluetooth

Testing

# From mesh client node
curl -x mesh://gateway:8080 http://example.com

# Send email via mesh
curl -x mesh://gateway:8080 \
  --mail-from sender@example.com \
  --mail-rcpt recipient@example.com \
  --upload-file message.txt \
  smtp://smtp.gmail.com:587

# SOCKS5 for SSH over mesh
ssh -o ProxyCommand="nc -X 5 -x gateway:8080 %h %p" user@remote-server

Configuration

Optimizing for Mesh Performance

Bandwidth Conservation:

[plugins]
# Enable aggressive compression
compressor.enabled = true
compressor.min_size = 512
compressor.algorithms = gzip,brotli

# Cache aggressively to reduce mesh traffic
cache.enabled = true
cache.max_size_mb = 500
cache.ttl_hours = 24

Latency Tolerance:

[meshtastic]
# Longer timeouts for multi-hop paths
ack_timeout = 60000
max_retries = 5

[network]
# Don't timeout on slow mesh responses
upstream_timeout = 300000  # 5 minutes
connection_timeout = 180000  # 3 minutes

Priority Shaping:

[plugins]
ratelimiter.enabled = true
# Reserve bandwidth for critical services
ratelimiter.priority_high = smtp,imap,dns
ratelimiter.priority_low = http_video,http_images

Advanced: Multi-Gateway Setup

For redundancy, run multiple gateways:

[meshtastic]
gateway_mode = true
announce_interval = 300  # Announce availability every 5 min
prefer_local = true      # Route via nearest gateway
load_balance = true      # Distribute across gateways