- Download latest version Minimal ISO CentOS from https://www.centos.org/
- Install centos with minimal required hardware configuration
- CPU - 1
- RAM - 1GB
- HDD - 20GB
- optional Create an additional user with the administrator privilages (ex: myuser)
-
Update and prepare packages
sudo yum update -y
sudo yum install epel-release -y
-
Install nginx and tor
sudo yum install nginx tor -y
-
Configure nginx to listen on port 9000. Port 80 will be used by tor. (You can also manually edit
/etc/nginx/nginx.conf
file if desired.)sudo sed -i 's/listen \+80 default_server/listen 9000 default_server/' /etc/nginx/nginx.conf
sudo sed -i 's/listen \+\[\:\:\]\:80 default_server/listen [::]:9000 default_server/' /etc/nginx/nginx.conf
-
Enable and start nginx. Check status. Status should be
active (running)
shown in green color.sudo systemctl enable nginx
sudo systemctl restart nginx
sudo systemctl status nginx
-
Configure Tor. (you can replace
hidden_service_01
with the desired name)sudo sed -i 's/\#HiddenServicePort 22 127\.0\.0\.1\:22/#HiddenServicePort 22 127.0.0.1:22\n\nHiddenServiceDir \/var\/lib\/tor\/hidden_service_01\/\nHiddenServicePort 80 127.0.0.1:9000/' /etc/tor/torrc
- add hidden service.- Default configuration is currently not compatible with SELinux (enforcing mode). The service runs tor on the first launch and then after service restart or system reboot tor does not start anymore. The following configuration needs to be set up in order to make it work (configuration changes are suggested by Michael Hampton: https://serverfault.com/a/891043/93635)
sudo sed -i 's/User toranon/#User toranon/' /usr/share/tor/defaults-torrc
- remove user definition from default configsudo mkdir /etc/systemd/system/tor.service.d; sudo touch /etc/systemd/system/tor.service.d/override.conf
- create overriden configuraiton fileecho -e '[Service]\nUser=toranon\nGroup=toranon\nPermissionsStartOnly=no\n' | sudo tee --append /etc/systemd/system/tor.service.d/override.conf
- write data to overriden configuration file
-
Enable and start tor. Check status. Status should be
active (running)
shown in green color.sudo systemctl enable tor
sudo systemctl restart tor
sudo systemctl status tor
-
Find out tor hidden service URL. (you can replace
hidden_service_01
with the desired name)sudo cat /var/lib/tor/hidden_service_01/hostname
-
Open tor browser and navigate to the generated .onion URL
Hi, I love how clearly you have laid out all this.
But I am having a problem with the nginx configuration on Centos 7.
I copied the 2 lines of code you supplied to the terminal, but the nginx.conf file does not update with any new code.
I'm new to all this, so any advice would be appreciated.