Everything described below is the result of a technical experiment. The material is not advertising, does not call for any action, is provided for informational purposes only, and was prepared as part of research.
Introduction
The Open Network (TON) is a high-performance L1 blockchain with a sharded architecture. Unlike the traditional web, where content depends on centralized hosting providers and DNS registrars, TON Sites use the TON Storage component and the TON ADNL protocol to create a fully autonomous ecosystem. This makes it possible to deploy web resources that are censorship-resistant, protected from DDoS attacks at the protocol level, and use .ton domains as cryptographically provable addresses.
This note assumes that:
- the site has already been built;
- a server is available (Debian/Ubuntu);
- the built site is served by nginx on the server (having an SSL certificate does not matter);
- there is a registered .ton domain.
Installing tonutils-reverse-proxy
For the TON network to understand that the domain exists, an ADNL address must be attached to the domain name (which sounds like nothing new). This requires installing tonutils-reverse-proxy from the GitHub repository, which does exactly that. To do this:
Create a folder where everything will be stored and go into it:
sudo mkdir -p /home/tonutils && cd /home/tonutils
Download tonutils-reverse-proxy for the required architecture and grant permissions:
sudo wget https://github.com/tonutils/reverse-proxy/releases/latest/download/tonutils-reverse-proxy-linux-amd64
sudo chmod +x tonutils-reverse-proxy-linux-amd64
After installation, perform the first launch:
./tonutils-reverse-proxy-linux-amd64 --domain YOUR-DOMAIN-NAME.TON
A QR code will appear on the screen so that the TON network can attach the ADNL address to the domain name, naturally for a fee. The easiest way to pay is through Tonkeeper. After the payment is completed, the logs will show that everything succeeded and the site is ready to respond, which means the domain name has been attached and the network has learned about it. Now stop tonutils-reverse-proxy. After the first launch, a configuration file named “config.json” will be created next to the binary file.
Configuration
In “config.json”, configure the connection between tonutils-reverse-proxy and nginx. To do this, set the port and address where nginx is ready to serve the site. By default, this is “http://127.0.0.1:80/” under the “proxy_pass” key. If you do not like it, the port and interface can be changed to your own values:
sudo mcedit ./config.json
Next, tell nginx where and what to serve by editing the configuration:
sudo mcedit /etc/nginx/sites-available/site-directory
and add a new server:
server {
listen 127.0.0.1:80; # same as TON Proxy in config.json
server_name YOUR-DOMAIN-NAME.TON; # TON domain
root /var/www/SITE-NAME;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
Check and restart:
sudo nginx -t
sudo systemctl restart nginx
Now you can run tonutils-reverse-proxy without additional flags. It will load the configuration located next to it, that is, “config.json”.
sudo ./tonutils-reverse-proxy-linux-amd64
The site should become available at tonsite://YOUR-DOMAIN-NAME.ton. Most likely, it will not be accessible without a VPN/Proxy.
Autostart
To make everything start automatically, create and write an autostart configuration. Open the file:
sudo mcedit /etc/systemd/system/ton-proxy.service
Insert:
[Unit]
Description=TON Reverse Proxy
Documentation=https://github.com/tonutils/reverse-proxy
After=network.target
[Service]
User=RUN_USER
NoNewPrivileges=true
ExecStart=/home/tonutils/tonutils-reverse-proxy-linux-amd64
WorkingDirectory=/home/tonutils/
Restart=on-failure
RestartPreventExitStatus=23
RuntimeDirectoryMode=0755
[Install]
WantedBy=multi-user.target
Reload the service list:
sudo systemctl daemon-reload
Enable autostart:
sudo systemctl enable ton-proxy
Restart and check the status:
sudo systemctl restart ton-proxy && sudo systemctl status ton-proxy