Now an onion website

zimbatm.com is now available over Tor at zimbatm57ylpu75c.onion !

All my (2) servers are now running under NixOS which made the install fairly easy.

First install and run the tor client and setup the hidden service. I tried running a relay for a while but it ate trough my Vultr 3GB quota in a day. So back to just having a client:

{
  services.tor.enable = true;
  services.tor.extraConfig = ''
      HiddenServiceDir /var/lib/tor/hidden_service/
      HiddenServicePort 80 127.0.0.1:80
    '';
}

So that works, tor automatically generates a key-pair under /var/lib/tor/hidden_service/ but I wanted a somewhat memorable address. The general approach is to generate a random pair until a satisfying result emerges. I found a little tool called eschalot to do the brute-forcing but it had some dependencies for the build. So time to write a quick derivation:

{ pkgs }:
pkgs.stdenv.mkDerivation rec {
  name = "eschalot-${version}";
  version = "1.2.0";

  src = pkgs.fetchFromGitHub {
    owner = "ReclaimYourPrivacy";
    repo = "eschalot";
    rev = "e9e085e286bcb8a62f8325f2d82c8a150aa3a450";
    sha256 = "149jsn5xf4363q7n88kd978i9iz33725k393imp7s8bnkw5s9gp6";
  };

  buildInputs = [ pkgs.openssl ];

  installPhase = ''
    mkdir -p $out/bin
    make install PREFIX=$out "INSTALL=install -m 0755"
  '';

  meta = {
    homepage = https://github.com/ReclaimYourPrivacy/eschalot;
  }
}

After installing this I’m back on track. eschalot -vt4 -r '^zimbatm' >> result.txt

And after 6 hours computing nearly 4M hashes per second, I found this address. Now all I had to do was to replace the key-pair on the server manually and configure apache to serve the proper page. Which amounts to adding:

{
  services.http.virtualHost = [
    {
      documentRoot = mypkgs.zimbatm-website; # it's static !
      hostName = "zimbatm57ylpu75c.onion";
    }
  ];
}

Feel free to contact me if you want to reproduce this and something isn’t clear.