How to Set Up Caddy, Tor Hidden Service & I2P Site on NixOS

Resources for setting up Caddy Reverse Proxy, Tor Hidden Service and I2P Site on NixOS

How to Set Up Caddy, Tor Hidden Service & I2P Site on NixOS

Caddy Server instead of NGINX

  • Caddy is a powerful, open source web server with automatic HTTPS
  • Caddy takes care of TLS certificate renewals, static file serving, and reverse proxying
  • Single, static binary that compiles for any platform
  • Caddy has no dependencies β€” not even libc
  • Written in Go, Caddy offers greater memory safety than servers written in C, such as NGINX


  • NixOS is an independently developed GNU/Linux distribution that aims to improve the state of the art in system configuration management
  • The entire operating system, including the kernel, applications, system packages and configuration files, are built by the Nix package manager
  • Nix stores all packages in isolation from each other; as a result there are no /bin, /sbin, /lib or /usr directories and all packages are kept in /nix/store instead
  • Include reliable upgrades, rollbacks, reproducible system configurations, source-based model with binaries, and multi-user package management
  • Includes hardware detection, KDE as the default desktop, and systemd for managing system services

Reasons to Run a Tor Hidden Service or an I2P Site (eepsite)

  • You want to serve content or data (Bitcoin Full Node) without having to buy and register a 'clearnet' domain name
  • You wish to avoid censorship and surveillance
  • To run a service that you want to hide/remain hidden and not tied to you in any way (Silk Road Model); operator may have a vested interest in remaining hidden, whether for political or other reasons
  • To provide a secure and anonymous way for visitors to reach you, even if you don’t care about the site being attributed to you (Facebook Model); owners and operators are known

Tutorials: How to set up Caddy, a Tor hidden service and an I2P Eepsite on NixOS