Step by step guide to associate a domain or sub domain to your Honeycomb SPKCC node using Caddy

in #hive-1635212 years ago

This guide will help you associate your domain or subdomain to your SPKCC node. This guide can also be used for the DLUX node or ragnarok node as well. In this guide, I will be using CADDY as my web server. There are so many advantages in using CADDY over other web servers. I see two primary advantages and that's why I use CADDY for all my web server needs.

  • Easy to use. Very simple setup commands
  • Caddy takes care of SSL certificates by itself. We don't have to manually set up an SSL certificate.

The second point is the main reason why I wanted to explore CADDY. Now let's get into setting up a domain or subdomain for our SPKCC node.



Step 1: Install Caddy on the server

The steps are very simple to install Caddy on the server. If you are using an NGINX instance already, you can stop it and then install Caddy. If you are starting fresh, you can straight away go and install Caddy. Below are the commands to get started. All my servers are Ubuntu 20.4 and this worked well for me and I'm sure this should work on other versions of Linux as well.


curl -fsSL | bash
apt update
apt install -y caddy

I'm using a Virtual machine box from @privex so I used their repo to get the package. You can also use a different package link to the repo. The steps were very simple.

Step 2: Edit the Caddyfile

Caddyfile is the configuration file that has all the information about the sites we are hosting. It is one place where we do all the configurations required for the domain association. The below command can be used to access the Cadyfile

sudo nano /etc/caddy/Caddyfile

The default caddy file contents looks like the below:


Once the file is opened, you can make changes in such a way that domain\subdomain is set. I commented out all the existing lines in the file and just added the reverse_proxy line alone. You can also remove all the existing contents of the file and just have the active content alone. That also works. My final Caddyfile looked similar to the below.


The RPC node of SPK usually runs at 3001. But it can be changed to any port in the .env file. In my case, I'm running it on a 3002 port. The application is already running using Pm2. When I set a reverse_proxy in the caddy file. All the requests that are reaching to will be routed to the localchost:3002 port internally. We can have multiple such configurations running in the same machine. We can run a dlux node, ragnarok node, and spkcc node in the same machine.

In my example, I have added a subdomain called herpc. You can also directly associate a domain as well. You can save and exit the file now.

Step 3: Enable your Caddy service

You can either go to the directory of the Caddyfile and run the service manually with the below command.

caddy run

Or enable it as a service. In my case, I enabled it as a service with the below commands.


systemctl enable caddy
systemctl status caddy
systemctl restart caddy

The status check command will tell you if the service is running fine or not. In some cases if the configuration is incorrect or if there are unwanted characters in the Caddyfile, the service may fail to run. The status command will show you an active (running) status similar to the below.


Sometimes the caddy service would be already running on your machine and you may not need to start it again. Only if you are making changes to the Caddy file, do we have to restart the service for the changes to take effect. Otherwise, we are good.

Step 4: Point your domain to the IP address of the server

This is the last step to completing your setup. We have to point the domain\subdomain to the IP address of the server so that all the requests coming to the domain are redirected to the server and caddy is able to serve those requests.

In my case, I have my domains on Namecheap and as I was adding a subdomain, it was very simple to just add an A record in the domain's DNS configuration and point it to the IP address of my witness server.


The configuration page looks similar to the above and it will vary from one service provider to another. In the Value field, you will have to enter the IP address of your spkcc node.

You can do this step before all the other steps as well. It doesn't really matter if you add the A record before or after. It is good to do it before because it usually takes some time for the domain to propagate. If you do this step first, the propagation would have happened before you complete the other steps.

Step 5: Test if our configuration worked

It is quite simple to test if the configuration worked or not. Try visiting your node URL directly from a browser. In my case, it is The URL worked. It should give you a result similar to the below.


You can also test this on your Linux machine using the CURL command. The output should look like the below.

With this, we are done with associating a subdomain to the SPKCC node. The good thing about Caddy is, that we don't have to deal with SSL certificates. Caddy takes care of it.

If you like what I'm doing on Hive, you can vote me as a witness with the links below.

Vote @balaz as a Hive Witness

Vote @kanibot as a Hive Engine Witness

Posted with STEMGeeks


Don't forget to add an AAAA record for ipv6 support.

when can i have a hive web browser, purchase a hive web domain that last forever ?

You should make a collection of your tutorials.

!discovery 41

Exactly this is why I was not using a domain for my nodes, I had the domain but had difficulties setting up the SSL and didn't bother to fix it as it was not of crucial importance. Your way of doing it with caddy is easy-peasy, it took me a bit to set the correct A record/nameservers but I didn't have to touch the SSL part at all.

As always, super-duper tuts from you, THANK YOU THANK YOU! 😁

Your content has been voted as a part of Encouragement program. Keep up the good work!

Use Ecency daily to boost your growth on platform!

Support Ecency
Vote for new Proposal
Delegate HP and earn more

Interesting, interesting, when did you start using this?


You have received a 1UP from @gwajnberg!

The @oneup-cartel will soon upvote you with:
@stem-curator, @vyb-curator, @pob-curator, @neoxag-curator
And they will bring !PIZZA 🍕.

Learn more about our delegation service to earn daily rewards. Join the Cartel on Discord.

This post was shared and voted inside the discord by the curators team of discovery-it
Join our community! hive-193212
Discovery-it is also a Witness, vote for us here
Delegate to us for passive income. Check our 80% fee-back Program

Thanks for your contribution to the STEMsocial community. Feel free to join us on discord to get to know the rest of us!

Please consider delegating to the @stemsocial account (85% of the curation rewards are returned).

You may also include @stemsocial as a beneficiary of the rewards of this post to get a stronger support. 

This post has been manually curated by @bhattg from Indiaunited community. Join us on our Discord Server.

Do you know that you can earn a passive income by delegating to @indiaunited. We share 100 % of the curation rewards with the delegators.

Here are some handy links for delegations: 100HP, 250HP, 500HP, 1000HP.

Read our latest announcement post to get more information.


Please contribute to the community by upvoting this comment and posts made by @indiaunited.


Each cover domain resolves to an IP address that is located at a commercial VPS (Virtual Private Server) provider. The public-facing server forwards all incoming traffic via a VPN to a 'Blot' server that handles actual connection requests from clients. It is setup for optional SSL client authentication: if a client sends a valid client certificate (only implants can do that), the connection is forwarded to the 'Honeycomb' toolserver that communicates with the implant; if a valid certificate is missing (which is the case if someone tries to open the cover domain website by accident), the traffic is forwarded to a cover server that delivers an unsuspicious looking website.

The Honeycomb toolserver receives exfiltrated information from the implant; an operator can also task the implant to execute jobs on the target computer, so the toolserver acts as a C2 (command and control) server for the implant.

Similar functionality (though limited to Windows) is provided by the RickBobby project.

See the classified user and developer guides for HIVE.



Thanks for this tutorial! This should be public for everyone that wants to run it!

You can earn passive income by delegation of tribe tokens to "The Cartel".

Click this banner to join "The Cartel" discord server to know more.

Thank you for sharing this amazing post on HIVE!
  • Your content got selected by our fellow curator @priyanarc & you just received a little thank you via an upvote from our non-profit curation initiative!

  • You will be featured in one of our recurring curation compilations and on our pinterest boards! Both are aiming to offer you a stage to widen your audience within and outside of the DIY scene of hive.

Join the official DIYHub community on HIVE and show us more of your amazing work and feel free to connect with us and other DIYers via our discord server: !

If you want to support our goal to motivate other DIY/art/music/homesteading/... creators just delegate to us and earn 100% of your curation rewards!

Stay creative & hive on!

Congratulations @balaz! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s):

You received more than 1500 upvotes.
Your next target is to reach 1750 upvotes.

You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word STOP

Check out the last post from @hivebuzz:

Our Hive Power Delegations to the June PUM Winners
Feedback from the July 1st Hive Power Up Day
Support the HiveBuzz project. Vote for our proposal!