Become Sovran

Mirroring your existing site to the Tor network.

Aug 28, 2022

Back for more Tor fun. I’ve covered hosting on the Tor network in a previous post but that post is focused on hosting your .onion site on the same server that is hosting your website via a NGINX proxy. Ill be using a tool called “The Enterprise Onion Toolkit” or EOTK in this post.


This walk-through is focused on setting up a VPS for mirroring but id like to note that EOTK can be set up on a Raspberry Pi as well. Since both Raspbian and Ubuntu are Debian based it should translate over fairly well but I have not tested this on a RasPi as of writing. I’m choosing a VPS purely for up-time.


EOTK acts as a “man in  the middle” style proxy for your existing sites making it a fairly low maintenance way to get a presence on Tor.


This walk-through also assumes some familiarity with a command line.


INSTALLING


Spin up a VPS on your favorite hosting service. I used Ubuntu 20.04 on a cheap VPS. Do not use 22.04 as it no longer uses libssl1.1 and this service will not work with libssl3 at the time of writing.


Its generally not a good idea to mix system wide resources like the libssl library. You could spin up a VM and run libssl1.1 inside that VM with EOTK if your already on 22.04 server but I’m not covering that in this guide. Moving on.


Before installing things run an update with

    sudo apt update && sudo apt upgrade -y

After that is done go a head a clone the package with :


    Git clone https://github.com/alecmuffett/eotk.git


then navigate to the directory :

   cd eotk

and then run :

    ./opt.d/build-ubuntu-20.04.s


This will take a little while to install. Go stretch or something.


Once its done we need to generate some files run :


    ./eotk make-scripts


Take some time to read these files. You still should be in the /eotk file path so after the last command is done type :


    ls


This should show you a mess of files. The ones your after are :


    eotk-housekeeping.sh


    eotk-init.sh


View them with nano

Each file asks you to do a few things. eotk-init.sh asks you to run something like :


   sudo cp eotk-init.sh /etc/init.d && sudo update-rc.d eotk-init.sh defaults


Go ahead and run it. It copys the eotk-init.sh file in the proper place and updates your services.

Next the housekeeping file wants you to add something to your crontab do that with :


    crontab -e


then copy and paste :


    00 08 * * 1 exec /root/eotk/eotk-housekeeping.sh


this will make sure the housekeeping file is ran periodically. (At 08:00 AM, only on Monday to be specific)


Site setup


Now its time to start feeding EOTK sites to mirror. Its fairly straight forward you start by making a file named after your project (site) you want mirrored. Make the file :

    nano your_project.tc


then go ahead and enter into your new conf file :


    set project your_project

    hardmap %NEW_V3_ONION% your_website.com


hit CRL+S to save then CTL+X to get out of there. Then run :


    ./eotk config your_project.tconf


This will generate your .onion address. Copy and paste that into a file for later.

At this point you don’t need the conf file you just ran. You can remove it or not but I prefer less clutter in my file systems.

Start the project :


    ./eotk start your_project


Now copy and paste that saved Tor address into your Tor browser and you’ll more than likely see a “security risk ahead” warning. This because modern browsers demand SSL but its not strictly necessary for .onion sites. But you can click Advanced > proceed to url_of_site.onion to see your site.


After thoughts


There you have it. You should be off and running with EOTK. I find it to be a much easier way to get your presence on the tor network fairly fast especially if you have more than one site or a massive site.


So far it works just fine even my radio station works. I'm going to experiment with swapping out the EOTK generated address with some vanity addresses and possibly look into SSL to get rid of that "security risk ahead" error that modern browsers pop by default and I'll update the post if I do that. Tell next time.


My sites hosted via EOTK


This blog


lw4fb4sybmosni7vprn3hm5mxzwr3obgpphuofv4neytigu47fvnxuyd.onion


Radio station


jmacxylxawjoufytkqrt4zo5saezwu5w6byh2bp73r73ukwhv4xjmgyd.onion


Music portfolio and podcasting.


mdb27kkfeygnueuoezggjxynw5th7wjx6zahaoyun4zfs7b4qvzah6qd.onion