[tor-onions] Onion Enterprise Toolkit - ALPHA

George Kadianakis desnacked at riseup.net
Fri Feb 3 15:49:44 UTC 2017 

Alec Muffett <alec.muffett at gmail.com> writes:

> Hi All,
>
> Yesterday I pushed this out to the world:
>
>   https://github.com/alecmuffett/eotk - The Enterprise Onion Toolkit
>
> - currently EOTK works on OSX and could probably be coerced to run on
> various Linux but I have not documented nor tested that yet.
>

Cool stuff Alec :) I have no OSX boxes around here so I can't get past
000-setup-osx.sh unfortunately.

BTW, is this tool designed to be useful mainly for "enterprise"
installations, or is it also useful to casual cases like "I just want a
quick HTTP HS, no DNS names or SSL or anything".

Cheers!

> The aim is that a site administrator can edit a very simple config file:
>
> # default project
> hardmap secrets.d/s2kpvtwjbawr3mx3.key aclu.org
> hardmap secrets.d/77bytc6x3bqdf7s6.key liberty-human-rights.org.uk
>
> # topical project
> set project digital-rights
> hardmap secrets.d/oh7b6dpvd3kgchfb.key openrightsgroup.org
> hardmap secrets.d/zbboaoeo6ruhqnu2.key eff.org
> hardmap secrets.d/m4x6zoaflrjez7dh.key accessnow.org
> hardmap secrets.d/wn74m5ts4r5xe4r4.key digitalrights.ie
>
>
> ...and run a couple of simple commands, and immediate get onion sites which
> do bidirectional rewriting of requests and responses between the given
> onion address and the given DNS domain.
>
> SSL support is afforded by automatically-generated self-signed certificates
> - an ugly hack, but it means that site owners can prototype an onion
> offering, and (eventually) put it into production with an equivalent EV
> cert.
>
> I am working on amendments to make EOTK very onionbalance-friendly; the
> eventual goal is to provide a filetree of NGINX + Tor configurations which
> can be rsync'd to a cloud of machines, and the onion-addresses thereby
> created get scraped for Onionbalance to publish.
>
> This will offer linear scalability for Enterprise Tor Onions.  More users?
> Add more machines! And less "heavy" deployments can just use a single
> config without Onionbalance.
>
> There's a lot of work still to be done, but I thought I would mention it
> here in case folk would like to experiment and provide feedback so far.
>
>     -a
>
> -- 
> http://dropsafe.crypticide.com/aboutalecm
> _______________________________________________
> tor-onions mailing list
> tor-onions at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions

More information about the tor-onions mailing list