How to create an I2P eepsite on Caddy on Debian 10

first published: 2021-02-08

1. Install I2PD (an I2P router that is lighter on resources than the original I2P).

sudo apt install i2pd

2. Install the Caddy web server.

echo "deb [trusted=yes] https://apt.fury.io/caddy/ /" | sudo tee -a /etc/apt/sources.list.d/caddy-fury.list

sudo apt update; sudo apt install caddy -y

3. Edit /var/lib/i2pd/tunnels.conf to create the eepsite.

Open /var/lib/i2pd/tunnels.conf in your favorite text editor. (Please note that this usually requires root privileges.)

Go to the end of the file and add:

[mycooleepsite]
type = http
host = 127.0.0.1
port = 80
keys = mycooleepsite.dat
				

4. Restart I2PD.

sudo systemctl restart i2pd

5. Find out your new eepsite's hash.

Open http://127.0.0.1:7070 in a web browser that can access that machine's localhost.

If you don't know what you're doing, run the following:

sudo apt install lynx -y

lynx http://127.0.0.1:7070

Go to the "I2P Tunnels" page. (In Lynx, press the down arrow until "I2P Tunnels" is highlighted, and then press the enter key.)

In the "Server Tunnels" section, there should be a string that looks something like VERYLONGHASH.b32.i2p. Copy the VERYLONGHASH part.

6. Configure Caddy to serve the eepsite.

Open /etc/caddy/Caddyfile as root with your favorite text editor.

Type the following in:

http://VERYLONGHASH.b32.i2p {
	root * /your/website/file/path/here
	file_server
	encode gzip
}
				

The "http://" in front of the address is important as that tells Caddy to not try to enable HTTPS for that website. HTTPS is unnecessary for I2P eepsites as all traffic to and from the server is already encrypted in transit. And since I2P eepsites aren't accessible on the normal clearnet, the request for Let's Encrypt to give Caddy a certificate would fail as they wouldn't be able to access the domain.

7. Restart Caddy to apply your changes.

sudo systemctl restart caddy

CC BY-NC-SA 4.0 © Vane Vander