Hi All,
Yesterday I pushed this out to the world:
- currently EOTK works on OSX and could probably be coerced to run on various Linux but I have not documented nor tested that yet.
The aim is that a site administrator can edit a very simple config file:
hardmap secrets.d/s2kpvtwjbawr3mx3.key
aclu.orgset project digital-rights
hardmap secrets.d/zbboaoeo6ruhqnu2.key
eff.org
...and run a couple of simple commands, and immediate get onion sites which do bidirectional rewriting of requests and responses between the given onion address and the given DNS domain.
SSL support is afforded by automatically-generated self-signed certificates - an ugly hack, but it means that site owners can prototype an onion offering, and (eventually) put it into production with an equivalent EV cert.
I am working on amendments to make EOTK very onionbalance-friendly; the eventual goal is to provide a filetree of NGINX + Tor configurations which can be rsync'd to a cloud of machines, and the onion-addresses thereby created get scraped for Onionbalance to publish.
This will offer linear scalability for Enterprise Tor Onions. More users? Add more machines! And less "heavy" deployments can just use a single config without Onionbalance.
There's a lot of work still to be done, but I thought I would mention it here in case folk would like to experiment and provide feedback so far.