In principle, it's the same as making any TCP service accessible from tor there's ...

npub1p23…rnl6

2024-09-28 07:59:59

in reply to nevent1q…ll26

In principle, it's the same as making any TCP service accessible from tor
there's many guides available for this, the basic steps are to install tor, then add to /etc/tor/torrc:

HiddenServiceDir /var/lib/tor/nostr_relay/
HiddenServicePort 80 127.0.0.1:8081

We're using port 80 instead of 443 because using TLS behind Tor is only a hassle in most cases (Tor already provides equivalent encryption). Where to redirect it depends on how your relay is configured.

In my case i use nostr-rs-relay (listening on 127.0.0.1:8081). In front of this i have nginx reverse-proxying to provide TLS. However, because nginx isn't really doing anything useful there, i can redirect Tor to its local HTTP port directly. Easy but YMMV.

Another option if you do want Tor connections to go through say, nginx (for example if you're providing extra pages or services on the domain), would be to add another plain http service port (say, port 81, then make Tor connect there), specifically configured for the onion HTTP. But that's web server specific.

Author Public Key

npub1p23eukh0nxsqpfaakz6fj9vvj27y4gs0kevnrffdq4d4adkl7uuq7crnl6

Show more details

Published at

2024-09-28 07:59:59

Kind type

1 Short Text Note

Event JSON

{ "id": "b2797e33191120014f38daa30ba92eeb12b51b35ed0a2725417b04b04b2597b3", "pubkey": "0aa39e5aef99a000a7bdb0b499158c92bc4aa20fb65931a52d055b5eb6dff738", "created_at": 1727510399, "kind": 1, "tags": [ [ "e", "000075070ea1901690e56a54fbeed6740f339e34a438c7dc7e3633937fafee19", "wss://relay.damus.io/", "root" ], [ "e", "45f32dff4fa766aff166dcd7b6ec15dcd8b32b94829cba91dd91280a057085cf", "", "reply" ], [ "p", "bd4ae3e67e29964d494172261dc45395c89f6bd2e774642e366127171dfb81f5", "", "mention" ], [ "client", "noStrudel", "31990:266815e0c9210dfa324c6cba3573b14bee49da4209a9456f9484e5106cd408a5:1686066542546" ] ], "content": "In principle, it's the same as making any TCP service accessible from tor \nthere's many guides available for this, the basic steps are to install tor, then add to /etc/tor/torrc:\n\nHiddenServiceDir /var/lib/tor/nostr_relay/\nHiddenServicePort 80 127.0.0.1:8081\n\nWe're using port 80 instead of 443 because using TLS behind Tor is only a hassle in most cases (Tor already provides equivalent encryption). Where to redirect it depends on how your relay is configured.\n\nIn my case i use nostr-rs-relay (listening on 127.0.0.1:8081). In front of this i have nginx reverse-proxying to provide TLS. However, because nginx isn't really doing anything useful there, i can redirect Tor to its local HTTP port directly. Easy but YMMV.\n\nAnother option if you do want Tor connections to go through say, nginx (for example if you're providing extra pages or services on the domain), would be to add another plain http service port (say, port 81, then make Tor connect there), specifically configured for the onion HTTP. But that's web server specific.", "sig": "e67ddc4b1d7086c0393f56434ceb78b4cb3c26242f66ac026357ca215b941ecd37e76c841d9580a2ecc02ad0bdca71a5dc145075afe4f1c5942994b4d53358b7" }