How to host an onion service
You can now reach this site through the Tor Browser at:
http://37h4dzh25umqh3xnavapw6fe5uoiqc56i4qfjdb2m32hb5ziicy2zpid.onion/
The following instructions are assuming you are using Debian 12. You may need to do things slightly different if you are using another Debian based distro.
First, you need to ssh into your server and ensure your CPU architecture is supported. It has to be amd64, arm64, or i386.
dpkg --print-architecture
Add the Tor repos
apt install -y apt-transport-https gpg echo “deb [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org $(lsb_release -cs) main deb-src [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org $(lsb_release -cs) main” > /etc/apt/sources.list.d/tor.list
Add the GPG keys to your keyring
curl -s https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg –dearmor > /usr/share/keyrings/tor-archive-keyring.gpg >/dev/null
Add the Debian package created by The Tor Project to help keep your signing key current
apt update apt install tor deb.torproject.org-keyring
Edit the file /etc/tor/torrc. I use nano.
nano /etc/tor/torrc
Locate the following lines and uncomment them.
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:80
Now write out and save the file.
Start and enable Tor to start at boot
systemctl enable tor
Restart Tor
systemctl reload tor
Ensure Tor is working
systemctl status tor
Now get your onion address
cat /var/lib/tor/hidden_service/hostname
Note: there are ways to create a vanity address where the beginning of your onion address says your site name, like ‘cyberdiary’ for example, that is outside the scope of this short introduction. Read about that here .
Save your onion address on an open text editor or somewhere, you will need it soon.
Configuring nginx
apt update
apt upgrade
apt install nginx
Create a file at /etc/nginx/sites-available. Replace the part ‘your-site’ with your own site directory name.
nano /etc/nginx/sites-available/your-site
Inside that new file, copy and paste this configuration and replace ‘your-site’ with your own information and replace ‘your-onion-address.onion’ with your onion address that you have saved on your text editor.
server {
listen 127.0.0.1:80 ;
root /var/www/your-site ;
index index.html ;
server_name your-onion-address.onion ;
}
Write out and save the file
Create the directory where your site will located
mkdir /var/www/your-site
Make an index.html file so we know if the site is up and working
nano /var/www/your-site/index.html
Write a short message in that file for testing
Write and save the file
Create a symbolic link from sites-availabe to sites-enabled
ln -s /etc/nginx/sites-available/your-site /etc/nginx/sites-enabled/
Reload Tor and nginx
systemctl reload nginx
systemctl reload tor
Open the Tor Browser and paste in your onion address. Your site should be up.
Note:
This is a very basic guide on how to get an onion service online. There is a lot more that could and should be done.