Featured image of post Setup a onion version of your website
General Docs

Setup a onion version of your website

Using a cheap PI Zero W or similar

Intro

So.. you want a .onion version of your website, whether thats a blog like this, or any other type of website.

  • Hardware

All you need is a spare SBC Raspberry Pi, even the cheapest Pi Zero W for £15, but you can even get a cheapo SBC from Ali (OS installation will be different) Also a note, you can use the pi to do simple server tasks on top of the .onion creation.

Also have a SD Card handy!

How does it work?

Pretty much the pi just relays the data from my site to the Tor network and from there to your pc.

  • Why?

Privacy, to learn, Proof of concept.

Setup

  1. Download: Raspberry Pi Imager
  2. Run it, Choose your device (eg, Pi Zero W) For OS, choose Other > Pi OS LIte, And you will get a configuration pop up, open config and put wifi details, enable ssh, i set my hostname to piserver, set a password and turn off telementery.
  3. Plug in your sd card with some adapter and flash the OS. Once flashed, insert the SD Card to the Pi, and power it
  4. If your on linux, just open terminal and do ssh piserver.lan (If your router doesnt see .lan, find the IP if the Pi), type your password and your in!
  5. Run sudo apt update && sudo apt upgrade -y, then sudo apt install tor nginx -y, then sudo nano /etc/tor/torrc, Scroll to the bottom and add:
1
2

HiddenServiceDir /var/lib/tor/icmt_hidden_service/
HiddenServicePort 80 127.0.0.1:8080

after, do CTRL+S, CTRL+X

Next, do sudo systemctl restart tor@default, and then sudo cat /var/lib/tor/icmt_hidden_service/hostname, great! you should see:

1
2

user@piserver:~ $ sudo cat /var/lib/tor/icmt_hidden_service/hostname
zooodzyg777g7vsfj2h26w2wi7wkfrkppdocvokxaon6jqynrv5j3bid.onion

You got your onion address!

Next, run sudo nano /etc/nginx/sites-available/icmt and paste in this code:

(Change sussus.org to the website you want to be on Tor!!!)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13

server {
    listen 127.0.0.1:8080;
    server_name _;

    location / {
        proxy_pass https://sussus.org;
        proxy_set_header Host sussus.org;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header User-Agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36";
        proxy_ssl_server_name on;
    }
}

after, do CTRL+S, CTRL+X

Now run: sudo ln -s /etc/nginx/sites-available/icmt /etc/nginx/sites-enabled/ sudo nginx -t sudo systemctl restart nginx

  1. To test if it works, Run: curl -I http://127.0.0.1:8080, If you see HTTP/1.1 200 OK at the top, all works!

  2. Optionally, if you want tor users to see: this at the top of your site

Go to your _headers file and add:

(Change the .onion to the address you got from sudo cat /var/lib/tor/icmt_hidden_service/hostname )

1
2
3
4

/*
  Onion-Location: http://zooodzyg777g7vsfj2h26w2wi7wkfrkppdocvokxaon6jqynrv5j3bid.onion
  Referrer-Policy: strict-origin-when-cross-origin
  X-Content-Type-Options: nosniff

Note, only Onion-Location: is required, other 2 are for privacy.

If you dont have _headers, make one, if your using hugo, it will go into the static folder, if not, it will go in root directory, or public dir.

Licensed under CC BY-SA 4.0
© 2020 - 2025 ICantMakeThings
Built with Hugo
Theme Stack designed by Jimmy