Protect your privacy and access Home Assistant via Tor.
About
This Tor add-on allows you to access your Home Assistant instance as an Onion site, trough Tor’s Hidden Service feature. With this feature enabled, you do not need to open your firewall ports or setup HTTPS to enable secure remote access.
This is useful if you want to have:
Access your Home Assistant instance remotely without opening a firewall port or setting up a VPN.
Don’t want to or know how to get an SSL/TLS certificate and HTTPS configuration setup.
Want to block attackers from even being able to access/scan your port and server at all.
Want to block anyone from knowing your home IP address and seeing your traffic to your Home Assistant.
The add-on also offers the possibility to open a Sock proxy into the Tor network. Allowing you to access Tor from any of your (SOCKS supporting) applications through your Hass.io installation.
Installation
The installation of this add-on is pretty straightforward and not different in comparison to installing any other add-on.
Search for the “Tor” add-on in the add-on store and install it.
Start the “Tor” add-on
Check the logs of the “Tor” add-on to see if everything went well. The log will also display your Tor .onion address.
Please read the documentation for more information about the use and configuration of this add-on.
Support
You can always try to get support from the community here at the Home Assistant community forums, join the conversation!
Questions? You have several options to get them answered:
The primary goal of our add-ons project is to provide you (as a Home Assistant user) with additional, high quality, add-ons that allow you to take your automated home to the next level.
I am Franck Nijhof, and I have 30 years of programming experience, in many languages. I am using this experience to work on the Home Assistant project by giving back my knowledge and time to the open source community.
The add-on you are currently looking at right now was developed/packaged by me. It is not the only add-on I have created; there are many many more
However, I have a problem… I am an addict. A addict that is. Lucky for you, I turn that C8H10N4O2 (caffeine molecule) into code (and add-ons)!
If you want to show your appreciation, consider supporting me for buying a cup of high octane wakey juice via one of the platforms below!
Enjoy your add-on, while I enjoy the brain juice.
Thanks for all the
…/Frenck
P.S.: In case you want to ask me a question: AMA (Ask Me Anything). Most of the time I am online at the Discord chat. (I go by @Frenck in there as well).
This Tor add-on allows you to access you Home Assistant instance as an Onion site, trough Tor’s Hidden Service feature. With this feature enabled, you do not need to open your firewall ports or setup HTTPS to enable secure remote access.
Added
Initial release
Since this is the first release of this add-on, I’m looking forward to your feedback!
Thanks to the following people for voting for this add-on:
Does this work well with the Mosquitto MQTT server add-on? I.E., will it make it difficult for me to access the HassIO MQTT server from outside my local network?
When the add-on starts I can see the onion address. When using Tor Browser I can access HASSIO without any problems.
The logging also states that the SOCKS proxy is running and listening on 127.0.0.1:9050, but it seems that the network configuration to map container 9050/tcp to host 9050 does not work. I can’t connect to the host:9050 port.
Something wrong in the logic to map the ports to the host?
Dec 30 22:43:34.810 [notice] Tor 0.3.1.8 (git-ad5027f7dc790624) running on Linux with Libevent 2.1.8-stable, OpenSSL LibreSSL 2.6.3, Zlib 1.2.11, Liblzma N/A, and Libzstd N/A.
Dec 30 22:43:34.810 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Dec 30 22:43:34.810 [notice] Read configuration file "/etc/tor/torrc".
Dec 30 22:43:34.826 [notice] Opening Socks listener on 127.0.0.1:9050
Dec 30 22:43:34.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Dec 30 22:43:35.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Dec 30 22:43:36.000 [warn] You are running Tor as root. You don't need to, and you probably shouldn't.
Dec 30 22:43:38.000 [notice] Bootstrapped 0%: Starting
Dec 30 22:43:41.000 [notice] Starting with guard context "default"
Dec 30 22:43:41.000 [notice] Bootstrapped 80%: Connecting to the Tor network
Dec 30 22:43:42.000 [notice] Bootstrapped 85%: Finishing handshake with first hop
Dec 30 22:43:43.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
Dec 30 22:43:44.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Dec 30 22:43:44.000 [notice] Bootstrapped 100%: Done
Some minutes later I do see the following warning. But the service on the onion address seems to work fine.
Dec 30 22:48:12.000 [warn] Hidden service <REMOVED ONION ADDRESS> exceeded launch limit with 11 intro points in the last 278 seconds. Intro circuit launches are limited to 10 per 300 seconds.
Dec 30 22:48:12.000 [warn] Service configured in "/ssl/tor/hidden_service":
Dec 30 22:48:12.000 [warn] Intro point 0 at [scrubbed]: circuit is connecting to server
Dec 30 22:48:12.000 [warn] Intro point 1 at [scrubbed]: circuit is connecting to server
Dec 30 22:48:12.000 [warn] Intro point 2 at [scrubbed]: circuit is connecting to server
I would like to try this add-on on Hassio, but I’ve already installed and set up the Duck DNS add-on (with embedded Let’s Encrypt support). Must I uninstall Duck DNS before installing the Tor add-on; or perhaps simply “stop” the Duck DNS service and remove port forwarding? Or can I still keep all that in place and do a simple install of the Tor add-on? Thanks.
Thanks, I’ll try that out, once I’ve troubleshooted the issue with latest hassio update. For some reason the hassio panel does not load anymore. It says ‘Failed to load the Hass.io panel from supervisor’ and it seems the docker plugins are down, so no SSH or other remote access anymore. HA itself is running though. But I can’t reach any log files.
Hello,
is it possible to access to other Ressouces in the Home Network using the Tor Addon on hassio?
p.e. the NAS or other Web Interfaces.
In the Tor config i can only configure Ports, not IPs.
On the „on premise“ Tor config i can edit the torrc file and put some IPs with Ports.
My issues of hanging supervisor messages were solved in 0.61.1 and with that I could try your new Tor release. And the proxy is indeed accessible from other hosts. Thanks!
But when I upgraded to 1.1.1 I get:
s6-mkfifo: fatal: unable to mkfifo /var/run/s6/services/s6-fdholderd/supervise/control: No such file or directory
I’m using an RPi3. I just did a full reboot of the machine and when it came back online it was back on 0.61.0 again and Tor 1.1.0 version.
Really strange as before the reboot it mentioned the newer versions. I updated hassio again to 0.61.1 and the Tor plugin worked again. But the Tor plugin does not mention 1.1.1 is available.
Update: never mind, that was a timing issue. After using the refresh button on the addon page it is mentioning the update again. Just ran it and it came online without any issues. I suspect the 0.61.0 update to 0.61.1 failed. But I still find it strange that even though that update failed, it did report 0.61.1 in the advanced settings screen.