How to Set Up Caddy, Tor Hidden Service & I2P Site on NixOS

Resources for setting up Caddy Reverse Proxy, Tor Hidden Service and I2P Site on NixOS

Feb 7, 2023 • 2 min read

Caddy Server instead of NGINX

Caddy is a powerful, open source web server with automatic HTTPS
Caddy takes care of TLS certificate renewals, static file serving, and reverse proxying
Single, static binary that compiles for any platform
Caddy has no dependencies — not even libc
Written in Go, Caddy offers greater memory safety than servers written in C, such as NGINX

NixOS is an independently developed GNU/Linux distribution that aims to improve the state of the art in system configuration management
The entire operating system, including the kernel, applications, system packages and configuration files, are built by the Nix package manager
Nix stores all packages in isolation from each other; as a result there are no /bin, /sbin, /lib or /usr directories and all packages are kept in /nix/store instead
Include reliable upgrades, rollbacks, reproducible system configurations, source-based model with binaries, and multi-user package management
Includes hardware detection, KDE as the default desktop, and systemd for managing system services

You want to serve content or data (Bitcoin Full Node) without having to buy and register a 'clearnet' domain name
You wish to avoid censorship and surveillance
To run a service that you want to hide/remain hidden and not tied to you in any way (Silk Road Model); operator may have a vested interest in remaining hidden, whether for political or other reasons
To provide a secure and anonymous way for visitors to reach you, even if you don’t care about the site being attributed to you (Facebook Model); owners and operators are known