---
title: "Tor"
date: 2021-06-30
icon: "tor.svg"
tags: ["service"]
short_desc: "Set your site up privately on the 'dark web.'"
---

Now that you have a website, why not offer it on a private alternative
such as the onion network?

## Setting up Tor

### Installing Tor

First, check that our CPU architecture is supported. The following
command should print amd64, arm64, or i386:

    dpkg --print-architecture

We need to [add the Tor repos to our
system](https://support.torproject.org/apt/tor-deb-repo/) to get the
latest version of Tor:

    apt install -y apt-transport-https gpg
    echo "deb     [signed-by=/usr/share/keyrings/deb.torproject.org-keyring.gpg] https://deb.torproject.org/torproject.org $(lsb_release -cs) main
    deb-src [signed-by=/usr/share/keyrings/deb.torproject.org-keyring.gpg] https://deb.torproject.org/torproject.org $(lsb_release -cs) main" > /etc/apt/sources.list.d/tor.list

Then we need to add the GPG keys to our keyring:

    curl -s https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor > /usr/share/keyrings/deb.torproject.org-keyring.gpg

Now install Tor:

    apt update
    apt install tor deb.torproject.org-keyring

### Enabling Tor

Next, edit the file `/etc/tor/torrc`, uncommenting the following lines:

    HiddenServiceDir /var/lib/tor/hidden_service/
    HiddenServicePort 80 127.0.0.1:80

#### Optional: Running multiple onion services

If you want to forward multiple virtual ports for a single onion
service, just add more HiddenServicePort lines under its
HiddenServiceDir line (replace the 80 with any unoccupied port).

If you want to run multiple onion services from the same Tor client,
just add another HiddenServiceDir line pointing to a different
directory, followed by its own HiddenServicePort lines.
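
To check how Tor will pair these lines before starting it, the following added example (not part of the original page) lists every port mapping per onion service and warns about mappings that are misplaced or that forward to a non-loopback target. The function names, the second service directory and the `10.0.0.5` host are constructed for illustration.

```shell
# Added example, not from the original page.
# Prints "<HiddenServiceDir> <virtual port> <target>" for every mapping in a
# torrc and a "WARN ..." line for each problem; returns 1 if anything was flagged.
audit_torrc() {
    awk '
        BEGIN { bad = 0 }
        /^[ \t]*(#|$)/ { next }            # comments and blank lines
        $1 == "HiddenServiceDir" {
            dir = $2
            if (++seen[dir] > 1) { print "WARN duplicate HiddenServiceDir " dir; bad = 1 }
            next
        }
        $1 == "HiddenServicePort" {
            if (dir == "") {
                print "WARN HiddenServicePort " $2 " precedes any HiddenServiceDir"
                bad = 1; next
            }
            # With no target given, Tor forwards to 127.0.0.1 on the same port.
            target = (NF >= 3) ? $3 : "127.0.0.1:" $2
            print dir, $2, target
            # Accept loopback addresses, a bare port, or a unix socket.
            if (target !~ /^(127\.|\[::1\]|unix:|[0-9]+$)/) {
                print "WARN " dir " port " $2 " forwards to non-loopback " target
                bad = 1
            }
        }
        END { exit bad }
    ' "$1"
}

# Constructed sample: two services, the second pointing at a hypothetical LAN host.
sample_torrc() {
    cat <<'EOF'
#HiddenServiceDir /var/lib/tor/other_hidden_service/
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:80
HiddenServicePort 8080 127.0.0.1:8080
HiddenServiceDir /var/lib/tor/second_service/
HiddenServicePort 80 10.0.0.5:80
EOF
}
```

After sourcing the function, run `audit_torrc /etc/tor/torrc` on the server; a clean configuration prints only the mappings and returns 0.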

Now start and enable Tor at boot:

    systemctl enable --now tor

If the next command outputs "active" in green you're golden!

    systemctl status tor

Now your server is on the dark web. The following command will give you
your onion address:

    cat /var/lib/tor/hidden_service/hostname

## Adding the Nginx Config

From here, the steps are almost identical to setting up a normal website
configuration file. Follow the steps as if you were making a new website
in the webserver [tutorial](/basic/nginx) up until the server block of
code. Instead, paste this:

    server {
        listen 127.0.0.1:80;
        root /var/www/sich;
        index index.html;
        server_name your-onion-address.onion;
    }

#### Clarification

Nginx will listen on port 80 of your _server's_ localhost (127.0.0.1),
which is where the HiddenServicePort line in `torrc` forwards onion
traffic.

The `root` line is the path to whichever website of yours you'd like to
mirror.

Now we are almost done. All we have to do is enable the site and reload
nginx, which is also covered in [the webserver
tutorial](/basic/nginx#enable).

### Advertise your onion service

You can add the Onion-Location header to your normal website to
advertise your onion service to Tor users. In your regular site's nginx
config, add the following line:

    server {
        ...
        add_header Onion-Location http://your-onion-address.onion$request_uri;
    }

After doing this and reloading nginx, when visiting your regular site
via Tor, you should see a ".onion available" button in the address
bar, which should take you to the onion service. Tor Browser only
honors this header when the regular site is served over HTTPS.

### Update regularly!

Make sure to update Tor on a regular basis by running:

    apt update
    apt install tor

#### Note:

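You do **<u>not</u>** need to run certbot for an SSL certificate.
HTTP over Tor is plenty secure: connections to an onion service are
already encrypted end to end by Tor, and the onion address itself
authenticates the server.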