Using YunoHost as a Tor Hidden Service

warning

This tuto is not finished ! Some data could leak with this setup like the main domain of your YunoHost, so it's not a "Hidden Service". See The official Tor hidden service documentation.

Installing Tor

apt install tor

Configuring our hidden service

Edit /etc/tor/torrc, and add these lines:

HiddenServiceDir  /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:80
HiddenServicePort 443 127.0.0.1:443

Restart Tor

service tor restart

Get your Tor Hidden Service hostname

cat /var/lib/tor/hidden_service/hostname

Your domain looks like random123456789.onion

Add the .onion domain to YunoHost

yunohost domain add random123456789.onion

Avoid SSO redirection (optional)

If you want to avoid being redirected to the SSO portal at login, you can deactivate SSOwat for this specific tor domain, by editing the file /etc/nginx/conf.d/random123456789.onion.conf and commenting the following line (two times):

#access_by_lua_file /usr/share/ssowat/access.lua;

Restart NGINX

service nginx restart

Installing Tor​

Configuring our hidden service​

Restart Tor​

Get your Tor Hidden Service hostname​

Add the .onion domain to YunoHost​

Avoid SSO redirection (optional)​

Restart NGINX​