mayvaneday/tutorials/yggdrasil.html

<!DOCTYPE html>
<html lang="en">
	<head>
		<meta charset="UTF-8">
		<title>How to create a Yggdrasil hidden service on Caddy on Debian 10 - Archive - MayVaneDay Studios</title>
		<link href="../style.css" rel="stylesheet" type="text/css" media="all">
		<meta name="author" content="Vane Vander">
		<meta name="viewport" content="width=device-width, initial-scale=1.0">
	</head>
	<body class="mayvaneday">
		<article>
			<div class="box">
				<p><h1>How to create a Yggdrasil hidden service on Caddy on Debian 10</h1></p>
				<p>first published: 2021-01-16</p>
				<p>last updated: 2021-02-07</p>
			</div>
			<hr>
			<div class="box">
				<ol style="list-style-type: decimal">
					<li>Install Yggdrasil.</li>
				</ol>
				<p><code>sudo apt install dirmngr</code></p>
				<p><code>gpg --fetch-keys https://neilalexander.s3.dualstack.eu-west-2.amazonaws.com/deb/key.txt</code></p>
				<p><code>gpg --export 569130E8CA20FBC4CB3FDE555898470A764B32C9 | sudo apt-key add -</code></p>
				<p><code>echo 'deb http://neilalexander.s3.dualstack.eu-west-2.amazonaws.com/deb/ debian yggdrasil' | sudo tee /etc/apt/sources.list.d/yggdrasil.list</code></p>
				<p><code>sudo apt update; sudo apt install yggdrasil</code></p>
				<ol start="2" style="list-style-type: decimal">
					<li>Install the Caddy web server.</li>
				</ol>
				<p><code>echo "deb [trusted=yes] https://apt.fury.io/caddy/ /" | sudo tee -a /etc/apt/sources.list.d/caddy-fury.list</code></p>
				<p><code>sudo apt update; sudo apt install caddy -y</code></p>
				<ol start="3" style="list-style-type: decimal">
					<li>Get the IP Yggdrasil generates for you.</li>
				</ol>
				<p><code>sudo systemctl start yggdrasil; sudo systemctl enable yggdrasil</code></p>
				<p><code>sudo journalctl -xfe -u yggdrasil</code></p>
				<p>There will be a line that says "Your IPv6 address is". Copy the rest of that line somewhere safe.</p>
				<p>Press the Control and C buttons on your keyboard at the same time to exit <code>journalctl</code>.</p>
				<ol start="4" style="list-style-type: decimal">
					<li>Configure Caddy to serve the hidden service.</li>
				</ol>
				<p>Open <code>/etc/caddy/Caddyfile</code> as root with your favorite text editor.</p>
				<p>Type the following in:</p>
				<pre>
http://[YGGDRASIL_IP_ADDRESS_HERE] {
	root * /your/website/file/path/here
	file_server
	encode gzip
}
				</pre>
				<p>The &quot;http://&quot; in front of the address is important as that tells Caddy to not try to enable HTTPS for that website. HTTPS is unnecessary for Yggdrasil hidden services as all traffic to and from the server is already encrypted in transit. Besides, Let's Encrypt wouldn't be able to issue a certificate for an IP address anyway.</p>
				<ol start="5" style="list-style-type: decimal">
					<li>Restart Caddy to apply your changes.</li>
				</ol>
				<p><code>sudo systemctl restart caddy</code></p>
				<ol start="6" style="list-style-type: decimal">
					<li>Get some peers for Yggdrasil.</li>
				</ol>
				<p>Open <a href="https://github.com/yggdrasil-network/public-peers">this page</a> in a new tab on your browser. On your server, open <code>/etc/yggdrasil.conf</code> as root with your favorite text editor.</p>
				<p>At the top of the configuration file will be a section that looks like this:</p>
				<p><code>Peers: []</code></p>
				<p>Pick some peers from the list and add them to that section of the file (one per line) so it now looks something like this:</p>
				<pre>
  Peers:
  [
    tcp://50.236.201.218:56088
    tcp://lancis.iscute.moe:49273
    tcp://45.77.107.150:34660
    tls://longseason.1200bps.xyz:13122
    tcp://8.9.30.45:34371
    tls://107.189.4.167:42024
  ]
				</pre>
				<p>Substitute for the peers closest to your server geographically.</p>
				<p>Save the file and close it.</p>
				<p><code>sudo systemctl restart yggdrasil</code></p>
			</div>
			<hr>
			<div class="box">
				<p align=right>CC BY-NC-SA 4.0 &copy; Vane Vander</p>
			</div>
		</article>
	</body>
</html>