Skip to content
/ onionpi Public

Ansible role to build an Onion Pi Tor proxy with a Raspberry Pi 4 Model 4 B

License

GPL-3.0 license
11 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

d-vb/onionpi

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
defaults
defaults
 
 
handlers
handlers
 
 
tasks
tasks
 
 
templates
templates
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

onionpi

Ansible role to build an Onion Pi Tor proxy with a Raspberry Pi 4 Model 4 B.

You can plug the Ethernet cable into any Internet provider in your home, work, hotel or conference/event, power up the Pi with the USB cable to your laptop or to the wall adapter. The Pi will boot up and create a new secure wireless access point. Connecting to that access point will automatically route any traffic from your computer through the anonymizing Tor network.

Prepare your Pi

  • Download the latest image of Raspberry Pi OS (32-bit) Lite and follow the installation manual.

    unzip YYYY-MM-DD-raspios-bullseye-armhf-lite.zip
sudo dd if=YYYY-MM-DD-raspios-bullseye-armhf-lite.img of=/dev/sdX bs=4M conv=fsync status=progress
sudo dd if=/dev/sdX of=from-sd-card.img bs=4M count=xxx
sudo truncate --reference YYYY-MM-DD-raspios-bullseye-armhf-lite.img from-sd-card.img
diff -s from-sd-card.img YYYY-MM-DD-raspios-bullseye-armhf-lite.img
sync

  • Login as user pi with the password raspberry (don't worry about the default password, we will delete this user while installtion). Start the Raspberry Pi configuration tool, set a hostname, enable SSH and log out.

    sudo raspi-config
1 System Options -> S4 Hostname -> onionpi
3 Interfacing Options -> P2 SSH -> Yes

  • Configure SSH access for root user.

    cat ~/.ssh/id_rsa.pub | ssh pi@onionpi "sudo sh -c 'mkdir -p /root/.ssh && chmod 700 /root/.ssh && cat >> /root/.ssh/authorized_keys'"

Deploy Ansible role

  • Change to a suitable local directory and clone this repository to roles/onionpi.

    git clone https://github.com/d-vb/onionpi.git roles/onionpi

  • Create an Ansible inventory inventories/onionpi.yml and specify the Wifi passphrase you want to use to connect to your Onion Pi.

    all:
  children:
    onionpi:
      hosts:
        onionpi:
          ansible_user: "root"
          wpa_passphrase: "ENTER_YOUR_PASSPHRASE_HERE"

  • Create an Ansible playbook onionpi.yml that will run your Ansible role.

    - hosts: onionpi
  become: true
  roles:
    - onionpi

  • Install Ansible and run ansible-playbook.

    ansible-playbook onionpi.yml -i inventories/onionpi.yml

And finally

  • Connect to your Onion Pi Tor Wifi (default SSID is onionpi) with the passphrase you specified earlier.

  • Visit https://check.torproject.org/ to verify you are using Tor.

Customizing

If you want to adjust some default settings like SSID and IP-Addresses, just edit defaults/main.yml.

About

Ansible role to build an Onion Pi Tor proxy with a Raspberry Pi 4 Model 4 B

Topics

ansible raspberrypi tor opsec onion-pi

Resources

Readme

License

GPL-3.0 license
Activity

Stars

11 stars

Watchers

2 watching

Forks

1 fork
Report repository

Contributors 2

  •  
  •