systemli / ansible-role-hidden-service

Licence: other
Ansible role to install & maintain Tor Hidden Services

Projects that are alternatives of or similar to ansible-role-hidden-service

GhostNET
GhostNET script that will help you be safer on the cyber
Stars: ✭ 45 (+60.71%)
Mutual labels:  tor, hidden-service
docker-tor
TOR Server Docker image
Stars: ✭ 32 (+14.29%)
Mutual labels:  tor, hidden-service
torgo
A Golang library for Tor.
Stars: ✭ 36 (+28.57%)
Mutual labels:  tor, hidden-service
narnia
🚧 EXPERIMENTAL 🚧 Secure hidden service webserver
Stars: ✭ 24 (-14.29%)
Mutual labels:  tor, hidden-service
Ansible Relayor
An Ansible Role for Tor Relay Operators
Stars: ✭ 165 (+489.29%)
Mutual labels:  ansible-role, tor
ansible-role-tor
✳️🛡️ Securely build a system Tor and optionally configure numerous high-security Onion services.
Stars: ✭ 22 (-21.43%)
Mutual labels:  ansible-role, tor
tordam
A library for peer discovery inside the Tor network
Stars: ✭ 13 (-53.57%)
Mutual labels:  tor, hidden-service
haskell-ricochet
(WIP/Experimental) Ricochet implementation as Haskell Library.
Stars: ✭ 22 (-21.43%)
Mutual labels:  tor, hidden-service
onionjuggler
Manage your Onion Services via CLI or TUI on Unix-like operating system with a POSIX compliant shell.
Stars: ✭ 31 (+10.71%)
Mutual labels:  tor, hidden-service
ansible-bluegreen-docker
Ansible role, showing a concept of blue-green deployments with Docker containers
Stars: ✭ 23 (-17.86%)
Mutual labels:  ansible-role
ansible-role-rabbitmq
Ansible Role - RabbitMQ
Stars: ✭ 49 (+75%)
Mutual labels:  ansible-role
guessTor
Bruteforces [.onion] domains
Stars: ✭ 78 (+178.57%)
Mutual labels:  tor
ansible-role-containerd
Ansible Role - containerd.io
Stars: ✭ 45 (+60.71%)
Mutual labels:  ansible-role
ansible-role-xcode
Ansible Role - Xcode
Stars: ✭ 27 (-3.57%)
Mutual labels:  ansible-role
caddy-altonions
Opportunistic Onions plugin for Caddy
Stars: ✭ 20 (-28.57%)
Mutual labels:  tor
woodpecker
Custom security distro for remote penetration testing
Stars: ✭ 45 (+60.71%)
Mutual labels:  tor
ipChecker
Check if an IP is from Tor or is a malicious proxy
Stars: ✭ 50 (+78.57%)
Mutual labels:  tor
ansible-drone
Ansible role to configure drone (server and agent)
Stars: ✭ 16 (-42.86%)
Mutual labels:  ansible-role
onionize-docker
Tor v3 onion services (hidden services) for Docker containers
Stars: ✭ 61 (+117.86%)
Mutual labels:  tor
bane
This is a Python module that contains functions and classes which are used to test the security of web/network applications. It's coded in pure Python and it's a very intelligent tool! It can easily detect: XSS (reflected/stored), RCE (Remote Code/Command Execution), SSTI, SSRF, CORS Misconfigurations, File Upload, CSRF, Path Traversal,.... Also, …
Stars: ✭ 167 (+496.43%)
Mutual labels:  tor

ansible-role-hidden-service

DEPRECATED: Please use systemli.onion from now on.


Install and configure one or multiple Tor Hidden Services.

The hostname and private key are generated if they are not supplied as variables.

Hint: It may take up to one minute until the service is announced in the Tor network and reachable.

Be careful: Using the default 127.0.0.1 as the Hidden Service IP address may leak metadata: https://help.riseup.net/en/security/network-security/tor/onionservices-best-practices#be-careful-of-localhost-bypasses

Next Gen Onion Services are supported only with Tor version >= 0.3.2.1!

Role Variables

# defaults file for hidden-service
hidden_service_active: True
hidden_service_ipaddr: 127.0.0.1
hidden_service_tor_apt_state: present
hidden_service_services:
  ssh:
    hidden_service_hostname:
    hidden_service_ports:
      - [22, 22]
    hidden_service_authorized_clients: []
    hidden_service_private_key:

hidden_services_configuration:
  SocksPort: 9050
  SocksPolicy: "reject *"

# List of auth cookies for connecting to Authenticated Tor Hidden Services.
#
hidden_service_hid_serv_auth: []

hidden_service_monit_enabled: False

Download

Download the latest release with ansible-galaxy:

ansible-galaxy install systemli.hidden-service

Example Playbook

    - hosts: servers
      roles:
         - { role: systemli.hidden-service }

Extended Variables Example

hidden_service_active: True
hidden_service_ipaddr: 192.168.3.12

hidden_service_services:
  ssh:
     hidden_service_hostname:
     hidden_service_ports:
        - [22, 22]
     hidden_service_private_key:
  mail:
     hidden_service_hostname:
     hidden_service_ports:
        - [25, 25] #[redirected_from, redirected_to]
        - [587,587]
     hidden_service_private_key:
  examplewithhostname:
     hidden_service_hostname: onionurl.onion
     hidden_service_ports:
        - [25, 25]
        - [587,587]
     hidden_service_private_key: |
      -----BEGIN RSA PRIVATE KEY-----
      the
      private
      key
      -----END RSA PRIVATE KEY-----
  absenthiddenservice:
     hidden_service_state: absent
     hidden_service_hostname: onionurl.onion
     hidden_service_ports:
        - [25, 25]
        - [587,587]
     hidden_service_private_key: |
      -----BEGIN RSA PRIVATE KEY-----
      the
      private
      key
      -----END RSA PRIVATE KEY-----
  #
  # nextgeneration hiddenservice only available in tor >= 0.3.2.1
  # https://trac.torproject.org/projects/tor/wiki/doc/NextGenOnions#Howtosetupyourownprop224service
  #
  nextgenhiddenservice:
     hidden_service_hostname:
     hidden_service_version: 3
     hidden_service_ports:
        - [25, 25] 
        - [587,587]
     hidden_service_private_key:


#
# Example for torrc with special hidden service configurations
# such as Sandboxing, custom data directory, auth cookies ...

hidden_service_services:
  ssh:
    hidden_service_ports:
      - [22, 22]
    hidden_service_authorized_clients:
      - admin

hidden_services_configuration:
  SocksPort: 9050
  SocksPolicy: "reject *"
  RunAsDaemon: 1
  # Enabling Sandbox for the first time may prevent
  # the tor service from restarting. Make sure your
  # SSH connection is not over Tor when enabling it.
  Sandbox: 1
  FetchDirInfoEarly: 1
  FetchDirInfoExtraEarly: 1
  DataDirectory: /var/lib/tor

# Hosts that specified `hidden_service_authorized_clients` will generate
# auth cookies for restricted access. Collect those values from the
# hostname file and add them to the torrc for intended clients, e.g.
# the Ansible controller, via the list var below.
hidden_service_hid_serv_auth:
  - "r7w3xdf3r5smxokv.onion p0xMVci7ffeQFA4IWkcBxR # client: admin"
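
The cautions in this README (localhost bypass, next-gen services, auth cookie entries) can be checked before a play runs. The following is an added example, not part of the role: it audits a variables dictionary that uses the README's variable names. The `audit` function, the constructed sample data and the inline-key check are assumptions of this example, and it treats a service without `hidden_service_version: 3` as legacy.

```python
import ipaddress
import re

# Constructed sample input; keys follow the README's variable names.
SAMPLE_VARS = {
    "hidden_service_ipaddr": "127.0.0.1",
    "hidden_service_services": {
        "ssh": {"hidden_service_ports": [[22, 22]],
                "hidden_service_authorized_clients": ["admin"]},
        "mail": {"hidden_service_version": 3,
                 "hidden_service_ports": [[25, 25], [587, 587]],
                 "hidden_service_private_key": "(constructed placeholder)"},
        "old": {"hidden_service_state": "absent",
                "hidden_service_ports": [[25, 25]]},
    },
    "hidden_service_hid_serv_auth": [
        "r7w3xdf3r5smxokv.onion p0xMVci7ffeQFA4IWkcBxR # client: admin",
        "r7w3xdf3r5smxokv.onion # client: broken",  # cookie missing
    ],
}

# Legacy (v2) client auth line: 16-char base32 address, 22-char cookie.
AUTH_RE = re.compile(r"^[a-z2-7]{16}\.onion [A-Za-z0-9+/]{22}(\s+#.*)?$")

def audit(role_vars):
    """Return sorted (subject, finding) tuples for risky settings."""
    findings = []
    ip = ipaddress.ip_address(role_vars.get("hidden_service_ipaddr", "127.0.0.1"))
    if ip.is_loopback:
        findings.append(("hidden_service_ipaddr", "loopback target (localhost bypass risk)"))
    for name, svc in (role_vars.get("hidden_service_services") or {}).items():
        if svc.get("hidden_service_state") == "absent":
            continue  # service is being removed, nothing to harden
        # Assumption: a service without version 3 is a legacy v2 service.
        if svc.get("hidden_service_version") != 3:
            findings.append((name, "not a next-gen (v3) onion service"))
        if svc.get("hidden_service_private_key"):
            findings.append((name, "private key inline in plain variables"))
        for pair in svc.get("hidden_service_ports") or []:
            if len(pair) != 2 or not all(isinstance(p, int) and 0 < p < 65536 for p in pair):
                findings.append((name, f"bad port pair {pair!r}"))
    for entry in role_vars.get("hidden_service_hid_serv_auth") or []:
        if not AUTH_RE.match(entry):
            findings.append(("hidden_service_hid_serv_auth", f"malformed entry {entry!r}"))
    return sorted(findings)

if __name__ == "__main__":
    for subject, finding in audit(SAMPLE_VARS):
        print(f"{subject}: {finding}")
```

To audit real variables, load the role's vars file with a YAML parser and pass the resulting dictionary to `audit`.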

Testing & Development

We use Travis CI and Vagrant for developing and testing the role. Locally, you can test the role with:

vagrant up trusty
# other available releases are precise, wheezy and jessie

License

GPLv3

Author Information

https://www.systemli.org
