{"id":13586603,"url":"https://github.com/KeyWeeUsr/OnionProxy","last_synced_at":"2025-04-07T18:34:09.344Z","repository":{"id":153046469,"uuid":"182547171","full_name":"KeyWeeUsr/OnionProxy","owner":"KeyWeeUsr","description":":whale2: :satellite: Create Containerized Clearnet Proxies","archived":false,"fork":false,"pushed_at":"2019-04-21T17:17:07.000Z","size":22,"stargazers_count":27,"open_issues_count":0,"forks_count":5,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-02-14T21:38:23.774Z","etag":null,"topics":["container","docker-compose","nginx","nginx-proxy","nginx-proxy-pass","onion","onion-address","onion-architecture","onion-domains","onion-routing","onion-service","onion-sites","proxy","proxy-server","tor","tor-hidden-services","tor-network","tor-proxy","tor-traffic","wrapper"],"latest_commit_sha":null,"homepage":"https://badida.sk/mantis/view_all_bug_page.php?project_id=5","language":"Python","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/KeyWeeUsr.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-04-21T14:57:58.000Z","updated_at":"2024-08-01T16:32:37.852Z","dependencies_parsed_at":null,"dependency_job_id":"5365c9e9-7dc6-484b-b5dc-607dbaed2227","html_url":"https://github.com/KeyWeeUsr/OnionProxy","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KeyWeeUsr%2FOnionProxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KeyWeeUsr%2FOnionProxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KeyWeeUsr%2FOnionProxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KeyWeeUsr%2FOnionProxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/KeyWeeUsr","download_url":"https://codeload.github.com/KeyWeeUsr/OnionProxy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247707713,"owners_count":20982830,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["container","docker-compose","nginx","nginx-proxy","nginx-proxy-pass","onion","onion-address","onion-architecture","onion-domains","onion-routing","onion-service","onion-sites","proxy","proxy-server","tor","tor-hidden-services","tor-network","tor-proxy","tor-traffic","wrapper"],"created_at":"2024-08-01T15:05:40.562Z","updated_at":"2025-04-07T18:34:09.039Z","avatar_url":"https://github.com/KeyWeeUsr.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# OnionProxy\n\nImagine you have a spare computer or a virtual private server or you know\nsomeone who would host something for you and let's say you want to access\na website but you don't want to leave a trace on a specific device.\n\nNow let's scale it a bit and say you have multiple websites, multiple devices\nand you want to be able to access even non-clearnet stuff.\n\nCommon steps for that would perhaps be getting some tool for privacy for each\nof the client devices. But what if a clearnet website breaks your plans by just\nnot being compatible with the privacy solution? Let's use Tor as an example.\n\nImagine you want to access one of [these websites](\nhttps://trac.torproject.org/projects/tor/wiki/org/doc/ListOfServicesBlockingTor\n)([onion link](\nhttp://ea5faa5po25cf7fb.onion/projects/tor/wiki/org/doc/ListOfServicesBlockingTor\n)). Well, you can't. You'll either need to visit the page without Tor, or\nsacrifice some of \"your\" privacy to stay hidden.\n\nThere are multiple situations when you need to stay hidden whether it's\ncensorship, personal interests or whatever. With this tool you can create\nyour own proxy which is not publicly visible nor easily guessable (.onion\naddress) to a server (website, DB, etc) that either completely blocks Tor\ntraffic or to a server that allows access only from a specific IP.\n\n### Ideas\n\nSince this allows you to create proxies and each proxy is a separate service,\nyou can easily wrap third-party websites (if they allow you to do so in\nToC/ToS) into services, therefore create your own network of onions.\n\nSome ideas with that in mind:\n\n* Public institutions running onion proxies\n* Onion addresses for your personal websites/servers\n* Separate network of proxies in a non-censorship country used in a country\n  with common censorship\n* Onion proxy to access a server that limits the traffic to a specific IP\n  (proxy running on that machine) while traveling/using VPN/having burner\n  device.\n\n### Limits\n\nCurrently the tool allows proxying only for clearnet websites, a single domain,\ntherefore websites with resources distributed across multiple domains, let's\nsay Wikipedia\n\n    https://wikimedia.org\n    https://meta.wikimedia.org\n    https://upload.wikimedia.org\n    https://wikipedia.org\n    https://en.wikipedia.org\n    ...\n\nproxying would mean creating a proxy for each of the domains and redirect all\nof the locations to the appropriate sub-locations (and rewrite response bodies,\nrewrite Host, Location and perhaps other headers to make it load properly)\nor even own onion services. Solutions such as this cause more work than they\nare useful, therefore depending on the use-case it might be more comfortable to\njust run an exit node. For such case though you allow everyone to access your\nserver due to the inclusion of your server to the network as the node anyone\ncan visit any page from.\n\nSee the sample config for Wikipedia in the ``confs`` folder.\n\n### Run\n\n1. Get [Docker](https://www.docker.com/get-started)\n2. Get Tor Browser\n   [via torproject.org](https://www.torproject.org/download/download-easy.html.en),\n   [via email](mailto://gettor@torproject.org),\n   [via twitter](https://twitter.com/get_tor)\n3. ``git clone https://github.com/KeyWeeUsr/OnionProxy``\n4. Create a ``proxies.txt`` template.\n5. Run the ``./opctl.sh --recreate`` (MacOS or GNU/Linux) to create Docker .yml\n6. Get your .onion addresses: ``./opctl.sh --hostnames``\n7. Navigate to the .onion address in the Tor Browser\n8. Enjoy\n\n### Warning\n\n#### Keys\n\nThe keys for the .onion services are stored in separate volumes named by the\n``proxies.txt`` template. Once you remove such volume or rename the service,\nthe stored key is no longer used. If by any chance you only rename the service\nyou can rename it back to get the same address or copy the old key from the\nold volume to the new one.\n\nOnce you delete the Docker volume with the keys, your .onion address is gone.\n\n#### Security\n\nOnce you access the .onion proxy **everything is unsecure**. You can see the\ndefault remote IP (``127.0.0.1`` by default), **the whole** incomming request\nand you can log, manipulate and prevent the traffic (as with any other proxy!)\ntherefore if you decide to deploy it, be sure the host is safe both system-wise\n(secure server, firewall, all that) and location-wise. :)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FKeyWeeUsr%2FOnionProxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FKeyWeeUsr%2FOnionProxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FKeyWeeUsr%2FOnionProxy/lists"}