I have no experience with mixing Raspberry Pi and OpenBSD, but my default go-to is Void Linux, in my experience the best operating system you can install on a RPI, Void has a really fast package manager, even on slow SD cards. One of my redundant I2P routers is running on an RPI4 like yours, though I got 4GiB of RAM, works like a charm.

you can run some stuff off of that, i'd look for things that are light on memory requirements.

• IRC servers run light, probably other chat servers minus matrix
• java/i2p+ can host personal sites and have plugins for blog and zzzot open tracker with no extra overhead. You can reduce the wrapper memory usage. new zzzot uses less memory so i think if you give the router 256mb it should do fine, but can't confirm
• js-free filehost or pastebin
• books
• radio
• privacy frontends: we have lots of reddit ones now, how about a more rare one like libermbd or soundcloak

It's a Raspberry PI 4 that I got for dirt cheap, 1GB LPDDR4-3200 SDRAM with a Broadcom BCM2711, Quad core Cortex-A72 (ARM v8) 64-bit SoC @ 1.8GHz (I know not the best specs) I was thinking of trying OpenBSD on it, wanted to dip my toes in it.

i am also interested

give us an idea of what the ram/cpu limits are

For me, the experience having tested i2p and tor I wonder why this is so unknown. We all need privacy after all. Also once you have the client it's pretty easy to use if you have basic tech skills (like knowing how to setup a proxy in your browser). I tried using outproxies for ease use (it's kinda annoying having to go back and forth from another window or browser to go to clearnet stuff) but I acknowledge tor is better for that and intended for it.

yea use what you're gonna be most productive with. i2p+ has a good throttle/filter system that helps a lot, not a lot of problems because of that, but like if you try to host a wordpress site here with i2pd you're gonna have a bad time

sort of fun challenge for me to try doing stuff without js, depends what you wanna do though, but get pretty far using some combination of frames refresh and cookies. http://simp.i2p/chat is jank, no doubt, but, no js needed lmao. possibly relevant to your security outfit, the chat page http://simp.i2p/botcheck attempts to do a bot challenge with css. unless you're specifically worried about bot spam that's completely unnecessary, just giving some ideas for stuff that can be done without js

lots of neat css tricks out there, like http://simp.i2p/search the styled dropdown is a checkbox, and http://gatheryourparty.i2p has a star rating on the posts but the stars are radio buttons. snex has that one setup with a ruby backend

not so familiar with those ecosystems, but think it's a little slower getting started like this but once you've got some templates it gets faster ;)

Are you sure this JSX template not gonna generate any JS on client side? I have a doubt about it :)

i forgot to mention this in the first post but i recommended hono because you can use jsx for templating https://hono.dev/docs/guides/jsx for hosting you should deno or bun instead of node. you might get better performence

You can install i2pd over Termux, and then tweak and edit the config files using nano or vim from Termux as well so I assume adding keyrings must be trivial, you technically could even host an eepsite if you use i2pd running on top of Termux. I have no idea if the Java implementation can run over Termux as I never tried but it probably can.

Seems like PHP the way for darknet. As you mention, even I am using JS blockers on my browser while surfing on darknet. I never work with C# ecosystem but I heard about Blazor. Looks fine for darknet as long as not creating any JS on client side.

Thank you for sharing your experience.

Flask also good option on backend but it's been a while I don't use python, and don't feel productive the syntax :) Thank you for sending me scanners tools tho, I will definitely gonna check it out before publishing it.

Seems like PHP + HTML + CSS still solid option for my case. I still wanna figure out how can I find a way to become more productive on PHP. I like the Laravel ecosystem but seems like most of the frontend from JS tech which is not suitable for me. I checked the symfony but seems like they are also continue with some other JS tech on frontend.

Thanks for your comment and good projects

Looks promising but looks like cloudflare backed, in documentation they showing cloudflare and other cloud providers deployment ways. If I would create something on hidden service or i2p, i probably would host myself, i mean managing on linux server with Nginx. I assume you can do it with pm2 but still not like strong way to manage. In the other hand, I didn't find any template engine like pug on node.js, maybe I couldn't find it. Thanks for writing it tho, learned a new tech on JS ecosystem :)

I'm guessing the best backend would be anything that does serverside rendering (SSR), like PHP. This means the HTML page is built on the server dynamically before it is sent to your web browser. Many people on the darkweb use javascript blockers so any sort of interactivity will likely be broken, so no React or whatever people use nowadays. PHP is a great choice because of how old it is and how easy it is to set up, though anything is fair game. I personally use Blazor (C#) for my website and it lets me create reusable components and easy integration with databases through EF Core

hono looks pretty interesting for building a website without client javascirpt.

don't think that's a bad idea. probably any decent web framework just with html/css would probably be fine. http://terminus.i2p does this with php/html/css, it's source is on http://git.simp.i2p/fuzzykitten/dev_endboard. i've used flask a lot for some things like http://git.simp.i2p/simp/i2music. there's a rust based wsgi/asgi server granian that offers better performance over the normal gunicorn/uvicorn, also some good web frameworks in rust too though not as mature as many of the standard options. there's vulnerability scanners active in i2p even if you don't publish it to a registrar just to keep in mind, i'm always a little concerned about which endpoints are exposed and how they'd be abused

By "unsecure JS" they usually mean the fact that clientside javascript can make XHR requests to clearnet servers that try to impersonate you. It was historically an attack vector during the early days of I2P when the recommended way to use it was FoxyProxy which was installed in your normal browser and only routed through your 4444 links ending with "*.i2p". This setup was unsecure as fuck because clearnet XHR requests from i2p page weren't routed through i2p and thus revealed your real IP address. I think those days are long gone and people mostly don't use I2P like that. I personally use "multi-account containers" Firefox extension and everything within I2P container is required to route through 4444 even if it's XHR to clearnet. Average users probably use a dedicated browser or run it within Tor browser. And even then, if you still consider clientside JS to be unsecure, in case of tech like NextJS when you can have purely serverside JS, it's no different from PHP. Idk about Nuxt, but I assume you can also have 100% SSR there.

I am using Nuxt.js and Vue.js on my professional job. But whenever I research about creating webapp or website on hidden service or i2p, people start talking about how unsecure JS. Even some of the marketplaces on hidden services have two options, no js and js modes. Already talked a bit with ChatGPT but seems like not giving any good answer, that's why decided to create this post.

Maybe I will go with PHP on backend and Pure HTML, CSS on frontend. Seems like it will take a lot of time to setup my boilerplate. Thank you for answer :)

PHP is a fine choice, but I'd use NextJS personally. I wouldn't go for NoJS, but it's entirely possible to create 100% NoJS website (even forum, imageboard, store) using NextJS. You need to learn a bit of modern web technology to understand how this works. My best suggestion is to talk to ChatGPT about web development in context of I2P and keep asking questions for clarification until you get all the details.

True dat

So purdy

"getting I2P up and running is more of a challenge. It's not a deal-breaker, but it does require more technical know-how than the average user is likely to have."

Honestly I see this as a strength. It gives a barrier of entry to block out stupid asf normies such as the ones on Tor. Most people here are actually cool, I guarantee the seed/leech ratio on postmans tracker would be 1000% worse if it was as easy as Tor simply because normies ruin everything. also the people that run most of the biggest services here are easily reachable because of the smaller and more chill user base. I can fr just hit up notbob on irc or idk (probably postman as well but havent done that).

TL;DR Tor users are sux because there is not a barrier of entry.

This is much cleaner, thanks!

Hi. I2P rulez, ya.

Can anybody tell my what's wrong with exit.stormycloud.i2p outproxy last week? Can not open many sites, unsable connection...

it's good to hear newcumers experience bc it exposes these sorts of weaknesses. i have some guides available that need to be reworked/organized anyway, would appreciate input or like topics you think important that's lacking http://simp.i2p/i2p-guide. didn't have one on eepsites since there's more than a few floating around. the "chat" tab will also let you ask questions on #i2p, which is the support channel for i2p (links to IRC2P) without JS or a proper IRC client setup.