On 1/31/16 11:27 AM, Alec Muffett wrote:
I'd recommend targeting a few platforms (debian + ubuntu + centos ?) with a set of tools to set up a couple of webservers (apache, nginx) and CMSes (wordpress, ...?):
- platform hardening
- tor daemon and setup
Regarding Tor, it can be config-less following the implementation of https://trac.torproject.org/projects/tor/ticket/6411 in Tor 0.2.7 .
That way it's possible to avoid dumping to filesystem the TorHS descriptors or having to modify the torrc, with all those logic to be possibly handled by the webserver modules supporting "onionification" .
Regarding massive scale deployment, there is this limit actually https://trac.torproject.org/projects/tor/ticket/15251 that we encountered when thinking about "OnionFlare" https://github.com/globaleaks/Tor2web/issues/228 as a way to easily "Onionize" an existing HTTPS website, by putting that feature into Tor2web.
- web-server config
I feel that on Apache there should be an application module, like mod_tor, that once enabled will allow to do something like "OnionService on" in the <VirtualHost> directive, having the rest happening in a auto-magic way.
- cms config
...then put it all up on GitHub for review.
From past experience* a modular approach, treating each of these tasks separately, works best.
-a
tor-onions mailing list tor-onions@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions