- Download latest version Minimal ISO CentOS from https://www.centos.org/
- Install centos with minimal required hardware configuration
- CPU - 1
- RAM - 1GB
- HDD - 20GB
- optional Create an additional user with the administrator privilages (ex: myuser)
-
Update and prepare packages
sudo yum update -y
sudo yum install epel-release -y
-
Install nginx and tor
sudo yum install nginx tor -y
-
Configure nginx to listen on port 9000. Port 80 will be used by tor. (You can also manually edit
/etc/nginx/nginx.conf
file if desired.)sudo sed -i 's/listen \+80 default_server/listen 9000 default_server/' /etc/nginx/nginx.conf
sudo sed -i 's/listen \+\[\:\:\]\:80 default_server/listen [::]:9000 default_server/' /etc/nginx/nginx.conf
-
Enable and start nginx. Check status. Status should be
active (running)
shown in green color.sudo systemctl enable nginx
sudo systemctl restart nginx
sudo systemctl status nginx
-
Configure Tor. (you can replace
hidden_service_01
with the desired name)sudo sed -i 's/\#HiddenServicePort 22 127\.0\.0\.1\:22/#HiddenServicePort 22 127.0.0.1:22\n\nHiddenServiceDir \/var\/lib\/tor\/hidden_service_01\/\nHiddenServicePort 80 127.0.0.1:9000/' /etc/tor/torrc
- add hidden service.- Default configuration is currently not compatible with SELinux (enforcing mode). The service runs tor on the first launch and then after service restart or system reboot tor does not start anymore. The following configuration needs to be set up in order to make it work (configuration changes are suggested by Michael Hampton: https://serverfault.com/a/891043/93635)
sudo sed -i 's/User toranon/#User toranon/' /usr/share/tor/defaults-torrc
- remove user definition from default configsudo mkdir /etc/systemd/system/tor.service.d; sudo touch /etc/systemd/system/tor.service.d/override.conf
- create overriden configuraiton fileecho -e '[Service]\nUser=toranon\nGroup=toranon\nPermissionsStartOnly=no\n' | sudo tee --append /etc/systemd/system/tor.service.d/override.conf
- write data to overriden configuration file
-
Enable and start tor. Check status. Status should be
active (running)
shown in green color.sudo systemctl enable tor
sudo systemctl restart tor
sudo systemctl status tor
-
Find out tor hidden service URL. (you can replace
hidden_service_01
with the desired name)sudo cat /var/lib/tor/hidden_service_01/hostname
-
Open tor browser and navigate to the generated .onion URL
@HubGrit, When you install nginx, by default it listens to port 80. The following lines in
/etc/nginx/nginx.conf
file make this happen (these entries are on line 39/40):This needs to be changed from 80 to 9000 (or any other port except 80) so that it looks like this:
The following commands, the ones you are referring to, make the above mentioned change:
The first line changes the first listen config address (IPv4) and the second line changes the second listen config (IPv6). You can manually edit the config file to change these values.
I have just tested these commands with the latest versions of software and I can confirm that they work and update the config as it should be. These command do not give any output, they just execute and quit. Maybe that was the reason of the confusion.