Xenia's Website




meowings

Tor Your Server!

30/07/2025

In an age of censorship and surveillance, TOR provides a degree of anonymity and privacy which is gradually being lost to the crazied control-obsessed governments of the same countries which promise "freedom of speech". There's a whole lot to be said about the UK's Orwellian Online Safety Act, and the subsequent censorship proposals coming from the US and EU and Mexico and Ireland and Canada and...

One of the points behind these "online safety" regulations is protecting children from harmful online content such as terrorism and sexual content. In my personal opinion, children should be allowed some terrorism at least... right? Of course, there are concerns about abuse of vague terminology for widespread censorship, but I wrote all about that on my main personal blog and I'd like to keep the two separate. For the sake of this blogpost, just remember how governments have spent the last few years branding LGBTQ+ people as groomers and pedophiles and how our existence is a threat to the innocence and sanctity of children.

So, to make sure you can keep accessing my (a transgender and bisexual mf) website, I have setup a TOR endpoint for this website!

For starters, this website is hosted on an nginx server in Kubernetes. It's really simple stuff, and for the most part we can ignore that everything is held together by the complexities of Kubernetes. If you want though, you can read about how I deployed this website here. So, for running the TOR endpoint, I will create a container image with TOR, and just "point" the tor service to this nginx server.

Creating the Container Image

I probably could use someone else's image, but I have a habit of rolling my own containerfiles anyway. It's super simple.
I start with a SUSE BCI. Since I need zypper to install TOR, I just use the base SUSE SLE base container image. Then, I add the repository containing the TOR package and install the package.
Dockerfile
🔴 🟡 🟢

FROM registry.suse.com/bci/bci-base:15.7

RUN rpm --import https://download.opensuse.org/repositories/network/SLE_15/repodata/repomd.xml.key

RUN zypper -n addrepo https://download.opensuse.org/repositories/network/SLE_15/network.repo
RUN zypper -n refresh
RUN zypper -n install tor

CMD ["tor"]


I'll build the image and push it to my repository. Then it's ready to be used in my Kubernetes cluster.
The absolute last thing to do is to write the config file which TOR will use to know to send the network traffic to the nginx server.
torrc
🔴 🟡 🟢

HiddenServiceDir /var/lib/tor/nyanyamachine/
HiddenServicePort 80 nyanyamachine-service.default.svc.cluster.local:80


I won't go into the details of running it on Kubernetes as it is incredibly straightforward with a deployment and configmap. Though if you have any issues or want to ask questions, my Twitter is always pingable!
Simply, now, when you go to the onion link, it will hit the TOR container which then forwards the traffic to my nginx server, and returns this beautiful website to be rendered on your device, privately and securely and in a way that the government can cry and seethe about you still seeing trans people on the internet.

Fuck censorship.
~ Love, Xenia ♡