.onion support?

I’m not sure how to ask this. Does Caddy support .onion Tor hidden services? Like can I run a hidden service from Caddy?

1 Like

Yes, just like Apache and nginx can be used as well. It doesn’t really depend on the web server. You perform your usual Caddy configuration and then configure Tor to listen on Caddy’s port.

I can’t give you more details as I’ve never done it before, but that should give you a basic idea :slight_smile:

Edit: You will probably need to disable Caddy’s automatic HTTPS (add “tls off” to your website directives).

1 Like

I have tried this successfully. Just set up a fancy Hugo site. First you configure the hidden service and start tor, then copy over the address generated to the Caddyfile. I’ve tested this on FreeBSD 10 with Caddy 0.9.1.

http://838ntocanthubaua.onion:80 http://838ntocanthubaua.onion:8080 localhost:8080 127.0.0.1:8080 {
    root /usr/local/www/hiddensite/public
    hugo /usr/local/www/hiddensite {
        buildDrafts
        watch
        theme paperback
    }
    log ./hiddensite.log
    tls off
    gzip
    basicauth /admin hidden mysuperstrongcomplexpassword
    header / {
        X-XSS-Protection "1; mode=block"
        X-Content-Type-Options "nosniff"
        X-Frame-Options "DENY"
        Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; font-src https://fonts.gstatic.com; style-src 'self' https://fonts.googleapis.com"
    }
}

Edit: Removed HSTS header. Tor hidden services do not need https, but it doesn’t hurt to have it. I haven’t tried it and don’t know how it would be possible to get a cert for an onion site using letsencrypt.

1 Like

Wow, thanks for such the comprehensive response. Looks easy enough, thank you!

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.