Setting up a Misskey Instance on Tor


Introduction

I wanted to try ActivityPub on Tor, so I set up a Misskey instance on the Tor network. Since there are currently no other instances to federate with, the ActivityPub aspect is essentially non-functional right now.

Project

Link: http://misskey6c32sh6c4hmq6tzd6k2pafovzfoxd3jpujcfpofymy524o6ad.onion/
Repo: https://github.com/p1atdev/onionskey

Onionskey screenshot

Workflow

  1. Obtain a .onion domain
  2. Clone Misskey
  3. Configure Misskey
  4. Configure Docker
  5. Publish

Environment

About Misskey versions

Tor Browser (13.0.6 (Mozilla Firefox 115.5.0esr)) cannot keep up with the latest version of Misskey [1], so it is necessary to use a slightly older version.

Specifically, it needs to be a version prior to v2023.11.0.
I used v13.14.2 this time.

I believe that once Tor Browser catches up with Misskey, we will be able to use the latest version.

Hoping for that day—

Implementation

Obtain an onion domain

First, we get the domain.

We'll use mkp224o.

https://github.com/cathugger/mkp224o

Download the executable file somehow and run:

mkp224o.exe -d domains -n 5 misskey

By doing this, a folder for the .onion domain will be created in the domains directory. Since we will use the files inside this folder later, repeat this process until the address you want is generated.

A 7-character name like misskey takes a bit of time. If you're in a hurry, you should use a different name.

git clone

Clone the repository while specifying the tag.

git clone -b 13.14.2 --depth 1 https://github.com/misskey-dev/misskey  

Misskey Configuration

The settings are almost the same as a normal Misskey setup.

Copy .config/docker_example.env to create .config/docker.env.

.config/docker_example.env
# db settings
POSTGRES_PASSWORD=your_password
POSTGRES_USER=db_user
POSTGRES_DB=misskey

Copy .config/docker_example.yml to create .config/default.yml.

.config/docker_example.yml

# (omitted)

#   ┌─────┐
#───┘ URL └─────────────────────────────────────────────────────

# Final accessible URL seen by a user.
url: http://the_onion_domain_generated_earlier.onion/

# (omitted)

#   ┌──────────────────────────┐
#───┘ PostgreSQL configuration └────────────────────────────────

db:
# (omitted)

  # Database name
  db: misskey

  # Auth
  user: db_user
  pass: your_password

# (omitted)

# Proxy for HTTP/HTTPS
proxy: http://tor:8118

# (omitted)

I've set it to use the Tor proxy in proxy, but it might not be necessary. It's a mystery.

Addition: Proxies are meaningless unless they are SOCKS, so there's no need to set up an HTTP tunnel. I won't be covering SOCKS support in this article.

Tor Configuration

Create a tor directory in the root and place the Tor-related files there.

Create tor/torrc as follows:

tor/torrc
HiddenServiceDir /etc/tor/hidden_service/
HiddenServicePort 80 web:3000
#HTTPTunnelPort 0.0.0.0:8118

HiddenServicePort maps port 80 of the onion service to web:3000 (the Misskey container). Uncommenting HTTPTunnelPort 0.0.0.0:8118 would allow other containers to use Tor's HTTP tunnel.

Next, create the tor/hidden_service directory and copy the contents of the .onion domain folder generated earlier into it.

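Confirm that tor/hidden_service/hostname, tor/hidden_service/hs_ed25519_public_key, and tor/hidden_service/hs_ed25519_secret_key are present. hs_ed25519_secret_key is the private key of the onion service: anyone who holds it can serve this .onion address, so keep it out of any public repository.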
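A check for the confirmation step above, as an added example (not from the original article or the onionskey repo): it verifies that the three files exist, that on a POSIX host the directory and secret key are not accessible to group or others, and that hostname is the v3 address derived from hs_ed25519_public_key. The function and constant names are assumptions made for this example.

```python
import base64, hashlib, os, stat, sys

# 32-byte header that Tor (and mkp224o) write before the 32-byte Ed25519 public key
PUB_HEADER = b"== ed25519v1-public: type0 ==\x00\x00\x00"
REQUIRED = ("hostname", "hs_ed25519_public_key", "hs_ed25519_secret_key")


def onion_address(pubkey: bytes) -> str:
    """v3 address = base32(pubkey || checksum[:2] || version) + '.onion'."""
    version = b"\x03"
    checksum = hashlib.sha3_256(b".onion checksum" + pubkey + version).digest()[:2]
    return base64.b32encode(pubkey + checksum + version).decode().lower() + ".onion"


def check_hidden_service_dir(path: str) -> list:
    """Return a list of problems in a hidden-service directory (empty = OK)."""
    missing = [n for n in REQUIRED if not os.path.isfile(os.path.join(path, n))]
    if missing:
        return ["missing file: " + n for n in missing]
    problems = []
    if os.name == "posix":  # mode bits are not meaningful on Windows hosts
        for target in (path, os.path.join(path, "hs_ed25519_secret_key")):
            mode = stat.S_IMODE(os.stat(target).st_mode)
            if mode & 0o077:
                problems.append(f"{target}: group/world accessible (mode {mode:o})")
    with open(os.path.join(path, "hs_ed25519_public_key"), "rb") as f:
        blob = f.read()
    if len(blob) != 64 or not blob.startswith(PUB_HEADER):
        return problems + ["hs_ed25519_public_key: unexpected format"]
    with open(os.path.join(path, "hostname")) as f:
        hostname = f.read().strip()
    # A mismatch means the hostname and key files come from different services
    if hostname != onion_address(blob[32:]):
        problems.append("hostname does not match hs_ed25519_public_key")
    return problems


if __name__ == "__main__":
    # Default path is the directory created in this article
    target = sys.argv[1] if len(sys.argv) > 1 else "tor/hidden_service"
    found = check_hidden_service_dir(target)
    for problem in found:
        print("PROBLEM:", problem)
    sys.exit(1 if found else 0)
```

Run it from the repository root before `docker compose up`; a non-zero exit status means at least one problem was printed.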

Docker Configuration

Create Dockerfile.tor and entrypoint_tor.sh in the root.

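Dockerfile.tor
FROM debian:trixie-slim AS tor

# Install Tor (update and install in one layer so the package index is never stale)
RUN apt-get update \
    && apt-get install -y tor \
    && rm -rf /var/lib/apt/lists/*

# The entrypoint fixes the hidden-service directory permissions before starting Tor
COPY entrypoint_tor.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh

ENTRYPOINT ["/entrypoint.sh"]

CMD ["tor"]

entrypoint_tor.sh
#!/bin/sh

# Tor refuses to use a HiddenServiceDir that is group/world accessible
chmod 700 /etc/tor/hidden_service

# Hand over to the command given as CMD (tor)
exec "$@"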

(I learned this way of writing it from ChatGPT.)

Edit docker-compose.yml.

docker-compose.yml
version: "3"

services:
  web:
    ...(omitted)
  redis:
    ...(omitted)
  db: 
    ...(omitted)
  # meilisearch: others as you like

  tor:
    build:
      context: .
      dockerfile: Dockerfile.tor
    restart: always
    networks:
      - internal_network
      - external_network
    volumes:
      - ./tor:/etc/tor

The volumes entry mounts ./tor at /etc/tor, which passes torrc and the onion service's hostname and key files to the container.

Publishing

For the first launch, follow the official instructions.

After that, start it with:

docker compose up -d --build

(The --build flag might not be needed.)

Conclusion

All done. Thank you for following along.

You can access Misskey by opening the specified domain in Tor Browser.

Revision History

2023/12/19

Corrected the description regarding the HTTP tunnel.

Footnotes
  1. In fact, with this version of Tor Browser, https://misskey.io/ cannot be used normally and displays a "Failed to load" message.
