- Download latest version Minimal ISO CentOS from https://www.centos.org/
- Install centos with minimal required hardware configuration
- CPU - 1
- RAM - 1GB
- HDD - 20GB
- optional Create an additional user with the administrator privilages (ex: myuser)
-
Update and prepare packages
sudo yum update -y
sudo yum install epel-release -y
-
Install nginx and tor
sudo yum install nginx tor -y
-
Configure nginx to listen on port 9000. Port 80 will be used by tor. (You can also manually edit
/etc/nginx/nginx.conf
file if desired.)sudo sed -i 's/listen \+80 default_server/listen 9000 default_server/' /etc/nginx/nginx.conf
sudo sed -i 's/listen \+\[\:\:\]\:80 default_server/listen [::]:9000 default_server/' /etc/nginx/nginx.conf
-
Enable and start nginx. Check status. Status should be
active (running)
shown in green color.sudo systemctl enable nginx
sudo systemctl restart nginx
sudo systemctl status nginx
-
Configure Tor. (you can replace
hidden_service_01
with the desired name)sudo sed -i 's/\#HiddenServicePort 22 127\.0\.0\.1\:22/#HiddenServicePort 22 127.0.0.1:22\n\nHiddenServiceDir \/var\/lib\/tor\/hidden_service_01\/\nHiddenServicePort 80 127.0.0.1:9000/' /etc/tor/torrc
- add hidden service.- Default configuration is currently not compatible with SELinux (enforcing mode). The service runs tor on the first launch and then after service restart or system reboot tor does not start anymore. The following configuration needs to be set up in order to make it work (configuration changes are suggested by Michael Hampton: https://serverfault.com/a/891043/93635)
sudo sed -i 's/User toranon/#User toranon/' /usr/share/tor/defaults-torrc
- remove user definition from default configsudo mkdir /etc/systemd/system/tor.service.d; sudo touch /etc/systemd/system/tor.service.d/override.conf
- create overriden configuraiton fileecho -e '[Service]\nUser=toranon\nGroup=toranon\nPermissionsStartOnly=no\n' | sudo tee --append /etc/systemd/system/tor.service.d/override.conf
- write data to overriden configuration file
-
Enable and start tor. Check status. Status should be
active (running)
shown in green color.sudo systemctl enable tor
sudo systemctl restart tor
sudo systemctl status tor
-
Find out tor hidden service URL. (you can replace
hidden_service_01
with the desired name)sudo cat /var/lib/tor/hidden_service_01/hostname
-
Open tor browser and navigate to the generated .onion URL
Apologies, my bad, I just did a fresh VM install and the nginx.conf is as it should be. The nginx.conf file I had before had no server {..} section in it(don't know how that happened), so there was no server listener lines to update with your code. Thank you, I would not have realised something had gone wrong without you.