Host a Web Site with a Domain on IPFS

This article describes how to host a web site on IPFS.

Access to a Registered Domain and DNS records.
Edit your DNS to point the A record to the IPFS server. We will need this to resolve in order to install a Let’s Encrypt Certificate.

Lets Start with an Update

# sudo apt update 
# sudo apt upgrade -y

Lets create a new user account to run IPFS and switch to it:

# adduser ipfs

Install sudo

# apt install sudo

Edit sudo and add the ipfs user

# visudo

Add the IPFS user below root

# User privilege specification
root    ALL=(ALL:ALL) ALL
ipfs    ALL=(ALL:ALL) ALL

change to the IPFS user.

# su ipfs

Install IPFS
Get the latest release at

$ wget
$ tar xfv kubo_v0.16.0_linux-amd64.tar.gz
$ cd kubo

Initialize IPFS:

$ ipfs init --profile=server

Switch to the root user:

$ exit

Allow the ipfs user to run long-running services by enabling user lingering for that user:

# loginctl enable-linger ipfs

Create the file /etc/systemd/system/ipfs.service with this content:

# nano /etc/systemd/system/ipfs.service


Description=IPFS Daemon
ExecStart=/usr/local/bin/ipfs daemon --enable-namesys-pubsub

Enable and start the service:

# systemctl enable ipfs
# systemctl start ipfs

IPFS should be up and running, and start when the server boots.

Check IPFS

$ su ipfs
$ ipfs swarm peers

Add Website Files

Create a folderfor your website files. Add this folder in the ipfs/home directory

$ cd ~
$ mkdir mysitefiles

Upload the site files to the directory. Now we can add these to IPFS with the following contect

$ ipfs add -r <path>

This adds all contents of the folder at to IPFS, recursively. You should see output similar to this:

$ ipfs add -r mysitefiles


 ipfs add -r mysitefiles/
added QmZrSe9TABdSsWL38FJTp4fW7TposFuzRLSBRYAEMVt1RE mysitefiles/about.html
added Qmdf1mYmCjivJWcXpGikf87PV5VkBo6DQugsjq6GdNZ1az mysitefiles/index.html
added QmW8U3NEHx3p73Nj9645sGnGa8XzR43rQh3Kd52UKncWMo mysitefiles/moon-logo.png
added QmQ91HDqAt1eE7X4DHuJ9r74U3KgKN3pDGidLM6sadK2q2 mysitefiles
 12.66 KiB / 12.66 KiB [==================================================================================================] 100.00%

Each of the long sequence of numbers is called a Content Identifier or CID. These are cryptographically hashed. We can now check to see if the site loads. You can check and use an active gateway here:

Add the main Content Identifier (CID) folder ID to the URL. How to link to content on IPFS.<CID>
# e.g

Now we can set up the DNS records. See:

Login to manage your DNS. Add the following TXT Record:


Here is my Namecheap DNS

Install nginx with Let’s Encrypt SSL certs
Change to root

$ su root 


# apt-get update
# apt-get install nginx

Check status to make sure it started and is not throwing any errors:

$ systemctl status nginx


● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: en
   Active: active (running) since Wed 2021-06-16 22:59:51 UTC; 1min 44s ago
     Docs: man:nginx(8)
  Process: 13062 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process
  Process: 13063 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (cod
 Main PID: 13064 (nginx)
    Tasks: 2 (limit: 1163)
   Memory: 5.3M
   CGroup: /system.slice/nginx.service
           ├─13064 nginx: master process /usr/sbin/nginx -g daemon on; master_pr
           └─13065 nginx: worker process

Jun 16 22:59:51 ip-10-0-1-209 systemd[1]: Starting A high performance web server
Jun 16 22:59:51 ip-10-0-1-209 systemd[1]: nginx.service: Failed to parse PID fro
Jun 16 22:59:51 ip-10-0-1-209 systemd[1]: Started A high performance web server
lines 1-16/16 (END)

Get your IP and open it with browser to make sure Nginx is serving its default page:

$ curl -s
$ curl -s Ip_address

Now browse to http://your-ip-here and you should see the Nginx default page “Welcome to Nginx”.

Set Up your nginx configs:

$ sudo mv /etc/nginx/sites-available/default /etc/nginx/sites-available/default_back
# sudo nano /etc/nginx/sites-available/default

Copy and paste this config (change to your domain)

server {
    server_tokens off;

    listen 80;
    listen [::]:80;
    listen 443 ssl;
    listen [::]:443 ssl;

    location / {
        proxy_pass http://localhost:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;

Test that new config syntax and make sure it is ok:

$ sudo nginx -t

If all good reload:

$ sudo systemctl reload nginx

Add Lets Encrypt according to this article –

The final config should resemble this:

server {
    server_tokens off;

    location / {
        proxy_pass http://localhost:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

server {
    if ($host = {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    if ($host = {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    listen [::]:80;
    return 404; # managed by Certbot

The site should now be available.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.