Screenshot of the Hingst.net Mastodon server being reachable over Tor using an onion service

Setting up Tor for Mastodon (onion service)

This is a short guide on how to serve your Mastodon instance through Tor using an onion service.

First install the tor package,

apt install tor

Then change your Tor and nginx configs according to the Mastodon docs: https://docs.joinmastodon.org/admin/optional/tor/. You can verify that your nginx config is correct with the command, sudo nginx -c /etc/nginx/nginx.conf -t. It should tell you if you get any errors.

Increase the server_names_hash_bucket_size value from 64 to something higher, like 128 or 256 (due to the long onion address) by editing /etc/nginx/nginx.conf,

nano /etc/nginx/nginx.conf

and under the http block find server_names_hash_bucket_size = 64;, uncomment it and increase its value.

Don’t forget to reload nginx afterwards.

service nginx restart

Newer Rails versions block some hosts which makes you unable to access your onion address using Tor. This can be fixed by changing to the mastodon user,

su - mastodon

and edit the ~/live/config/environments/production.rb file.

nano ~/live/config/environments/production.rb

At the end of the file (before the ”end” tag) add you onion address such as,

config.hosts << "65kw3zrzvyzjhccatymit72h6p55yrtsblh7z5274jle2v7fibzcwnad.onion"

where you replace 65kw3zrzvyzjhccatymit72h6p55yrtsblh7z5274jle2v7fibzcwnad.onion with your own onion address (which is found in /var/lib/tor/hidden_service/hostname).

Save the file, and just to be sure reload the Mastodon services,

systemctl restart mastodon-sidekiq
systemctl reload mastodon-web

And you should be good to go!

 

Revisions:

2021-10-24: Added information about server_names_hash_bucket_size.
2021-10-25: Clarified some parts

Lämna en kommentar

Din e-postadress kommer inte publiceras.