Onion Service setup

Hi everyone! I’m trying to set up an onion service on Whonix and I’ve just completed this guide (Onion Services - Whonix) and have a couple of questions.

Since we only edit the /usr/local/etc/torrc.d/50_user.conf file on the Gateway, but install the web server on the Workstation, how does this line HiddenServiceDir /var/lib/tor/hidden_service/ in the Tor configuration do anything, when the website is (presumably) stored in a folder in the Workstation, where the server is?

Also, how can I install mysql to have a database for the website as well?

Thank you! 🙂

Tor data folder (onion service key) and server folder (html files…) are totally different.

There is no need to change anything inside folder /var/lib/tor/hidden_service/.

Same as in Debian. Unspecific to Whonix.

(Except in a complex setup, load balancing, where the mysql database should run in one VM and the web server in another VM or even a remote server. Let’s hope not since it would be very difficult to find help for that.)

Oh, my mistake, sorry, I thought that’s where the site goes as that’s how I (mis)remembered it from years ago when I was doing this on macOS.

Nevertheless, how does Tor from the Gateway know where to look for the site on the Workstation? Is it the IP address on the HiddenServicePort line?

Got you, thanks! 🙂

@Patrick Okay, I finally installed everything and set up nginx, but now I’ve got another issue. The PHP framework I’m using needs to create files in the website folder in temp/cache for caching, but it throws a Permission denied error. Since everything had to be set up via terminal with sudo because I couldn’t do anything via the File Browser due to permission issues, I guess the application doesn’t have the permissions to write anything.

How can I give the permissions to the app/PHP? Is it something to do with the Linux file system (chmod, etc.) or is that an nginx issue?

It doesn’t. And it doesn’t need to. Tor source code doesn’t have a concept of web server, nginx, web server folder. Tor just allows a virtual port running available on an onion to be forwarded to an IP/port elsewhere. Only the web server needs to know about folders where html files are located.

Yes.

You need to learn Linux file permissions. Unspecific to Whonix.

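The Permission denied error asked about above comes down to which user the PHP worker runs as versus who owns temp/cache and its parent directories. The following is an added example, not code from the thread or from Whonix: it walks the path the way the kernel does and names the first directory that blocks a given uid. It assumes PHP runs as an unprivileged user (www-data on a default Debian install); the function names and the demo directory tree are constructed for illustration.

```python
import os
import tempfile

def class_bits(st, uid, gids):
    """rwx triplet the kernel applies: owner, else group, else other (first match wins)."""
    if uid == st.st_uid:
        return (st.st_mode >> 6) & 7
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 7
    return st.st_mode & 7

def first_blocker(target, uid, gids, start="/"):
    """Return (path, reason) for the first directory between start and target that
    stops uid/gids from creating files in target, or None if nothing does.
    Ignores root and ACLs; target must be located below start."""
    start, target = os.path.realpath(start), os.path.realpath(target)
    rel = os.path.relpath(target, start)
    chain = [start]
    for part in ([] if rel == "." else rel.split(os.sep)):
        chain.append(os.path.join(chain[-1], part))
    for path in chain:
        bits = class_bits(os.stat(path), uid, gids)
        if not bits & 1:                      # every component needs search (x)
            return path, "no search (x) permission"
        if path == target and not bits & 2:   # the final directory also needs write (w)
            return path, "no write (w) permission"
    return None

def build_demo_site():
    """Constructed layout: <tmp>/site/temp/cache owned by the current user, mode 755,
    standing in for a docroot created with sudo (owner root, mode 755)."""
    base = tempfile.mkdtemp()
    cache = os.path.join(base, "site", "temp", "cache")
    os.makedirs(cache)
    for d in (base, os.path.join(base, "site"), os.path.join(base, "site", "temp"), cache):
        os.chmod(d, 0o755)
    return base, cache

if __name__ == "__main__":
    base, cache = build_demo_site()
    st = os.stat(cache)
    php_uid = st.st_uid + 1  # hypothetical stand-in for the PHP worker's uid
    # Blocked: the worker is neither owner nor in the group, and "other" has r-x only.
    print(first_blocker(cache, php_uid, set(), start=base))
    # Least-privilege fix: group write on the cache directory only, worker in that group.
    os.chmod(cache, 0o775)
    print(first_blocker(cache, php_uid, {st.st_gid}, start=base))
```

On a real system, call `first_blocker` with the docroot's temp/cache path and the uid and group ids of the PHP worker; granting group write on that one directory is narrower than making the whole site world-writable.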