Home Assistant Community Add-on: Tor

This add-on is provided by the Home Assistant Community Add-ons project.

GitHub Release GitLab CI Project Stage Project Maintenance

Supports armhf Architecture Supports armv7 Architecture Supports aarch64 Architecture Supports amd64 Architecture Supports i386 Architecture

Protect your privacy and access Home Assistant via Tor.

About


This Tor add-on allows you to access your Home Assistant instance as an Onion site, trough Tor’s Hidden Service feature. With this feature enabled, you do not need to open your firewall ports or setup HTTPS to enable secure remote access.

This is useful if you want to have:

  • Access your Home Assistant instance remotely without opening a firewall port or setting up a VPN.
  • Don’t want to or know how to get an SSL/TLS certificate and HTTPS configuration setup.
  • Want to block attackers from even being able to access/scan your port and server at all.
  • Want to block anyone from knowing your home IP address and seeing your traffic to your Home Assistant.

The add-on also offers the possibility to open a Sock proxy into the Tor network. Allowing you to access Tor from any of your (SOCKS supporting) applications through your Hass.io installation.

Installation


The installation of this add-on is pretty straightforward and not different in comparison to installing any other add-on.

  1. Search for the “Tor” add-on in the add-on store and install it.
  2. Start the “Tor” add-on
  3. Check the logs of the “Tor” add-on to see if everything went well. The log will also display your Tor .onion address.

:books: Please read the documentation for more information about the use and configuration of this add-on.

Support


You can always try to get support from the community here at the Home Assistant community forums, join the conversation!

Questions? You have several options to get them answered:

You could also open an issue on GitHub, in case you ran into a bug, or maybe you have an idea on improving the addon:

:information_source: At this moment our Home Assistant Community Add-ons Discord chat server and GitHub are our only official support channels. All others rely on community effort.

Repository on GitHub


Looking for more add-ons?


The primary goal of our add-ons project is to provide you (as a Home Assistant user) with additional, high quality, add-ons that allow you to take your automated home to the next level.

Check out some of our other add-ons in our Home Assistant Community Add-ons project.

4 Likes

About the author of this add-on

Hi there!

I am Franck Nijhof, and I have 30 years of programming experience, in many languages. I am using this experience to work on the Home Assistant project by giving back my knowledge and time to the open source community.

The add-on you are currently looking at right now was developed/packaged by me. It is not the only add-on I have created; there are many many more :wink:

However, I have a problem… I am an addict. A :coffee: addict that is. Lucky for you, I turn that C8H10N4O2 (caffeine molecule) into code (and add-ons)!

If you want to show your appreciation, consider supporting me for buying a cup of high octane wakey juice via one of the platforms below! :heart:

Sponsor Frenck via GitHub Sponsors

Support Frenck on Patreon

Enjoy your add-on, while I enjoy the brain juice. :coffee:

Thanks for all the :two_hearts:

…/Frenck

Join our Discord server Follow me on Twitter Flollow me on Instragram Follow me on GitHub Follow me on YouTube Follow me on Twitch patreon-icon

P.S.: In case you want to ask me a question: AMA (Ask Me Anything). Most of the time I am online at the Discord chat. (I go by @Frenck in there as well).

:tada: Add-on: Tor v0.1.0

Time for a new add-on. This is not the most requested add-on, but it was one of the least complex ones :wink:

This Tor add-on allows you to access you Home Assistant instance as an Onion site, trough Tor’s Hidden Service feature. With this feature enabled, you do not need to open your firewall ports or setup HTTPS to enable secure remote access.

Added

  • Initial release :tada:

Since this is the first release of this add-on, I’m looking forward to your feedback!

Thanks to the following people for voting for this add-on:

timkeizer, kostak, 3vasi0n, @Blueforcer, @bboti86, @IoTmessenger, RazorWire, sinbrkatetete, l_o_k_i, Penketh, falcon2k17, Michael_Trepanier, @atomicpapa, Rune_Pedersen, @apt, @mguedes, @sparkydave, @Sthope, jemmat, shindawg, motoolfan, @hijinx

5 Likes

Nice, definitely going to try this add-on! Keep up the good work :smiley:

Update: working great!
Made a PR for some extra info on the auth cookies in the torcc file.

1 Like

Thank you so much! this was a really long waiting addon.

Already working on the configs :slight_smile:

PS: works like a champ :blush:, again thank you for your awesome work!

1 Like

:tada: Add-on: Tor v0.1.1

Full Changelog

Changed

  • Authentication cookies will now be displayed in the add-on logs

This update is now available in your Hass.io panel.

Does this work well with the Mosquitto MQTT server add-on? I.E., will it make it difficult for me to access the HassIO MQTT server from outside my local network?

Yes, it is possible, but remember the client that connects to your MQTT server will need to be connected to the Tor network as well.

:tada: Add-on: Tor v1.0.0

Full Changelog

First stable release! :tada:

Changed

  • Promoted project stage to “production ready”
  • Upgrades add-on base image to v1.2.0
  • Improves tor S6 run script
  • Updates add-on URLs to new community forum URL
  • Moves copy of rootfs at a later stage

Fixed

  • Added Auth cookies in example torcc file #1 (@gerard33)

Removed

  • Removes repository.json to prevent user to install wrong repo
  • Removes Gratipay from README, since it is EOL

This update is now available in your Hass.io panel.

1 Like

can i use this addon, and have google assistant?

Hi, I installed the Tor addon and seems to run fine using the following config.

{
  "log_level": "info",
  "socks": true,
  "hidden_services": true,
  "stealth": false,
  "client_names": [],
  "ports": [
"8123:80"
  ]
}

When the add-on starts I can see the onion address. When using Tor Browser I can access HASSIO without any problems.

The logging also states that the SOCKS proxy is running and listening on 127.0.0.1:9050, but it seems that the network configuration to map container 9050/tcp to host 9050 does not work. I can’t connect to the host:9050 port.

Something wrong in the logic to map the ports to the host?

Dec 30 22:43:34.810 [notice] Tor 0.3.1.8 (git-ad5027f7dc790624) running on Linux with Libevent 2.1.8-stable, OpenSSL LibreSSL 2.6.3, Zlib 1.2.11, Liblzma N/A, and Libzstd N/A.
Dec 30 22:43:34.810 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Dec 30 22:43:34.810 [notice] Read configuration file "/etc/tor/torrc".
Dec 30 22:43:34.826 [notice] Opening Socks listener on 127.0.0.1:9050
Dec 30 22:43:34.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Dec 30 22:43:35.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Dec 30 22:43:36.000 [warn] You are running Tor as root. You don't need to, and you probably shouldn't.
Dec 30 22:43:38.000 [notice] Bootstrapped 0%: Starting
Dec 30 22:43:41.000 [notice] Starting with guard context "default"
Dec 30 22:43:41.000 [notice] Bootstrapped 80%: Connecting to the Tor network
Dec 30 22:43:42.000 [notice] Bootstrapped 85%: Finishing handshake with first hop
Dec 30 22:43:43.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
Dec 30 22:43:44.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Dec 30 22:43:44.000 [notice] Bootstrapped 100%: Done

Some minutes later I do see the following warning. But the service on the onion address seems to work fine.

Dec 30 22:48:12.000 [warn] Hidden service <REMOVED ONION ADDRESS> exceeded launch limit with 11 intro points in the last 278 seconds. Intro circuit launches are limited to 10 per 300 seconds.
Dec 30 22:48:12.000 [warn] Service configured in "/ssl/tor/hidden_service":
Dec 30 22:48:12.000 [warn]   Intro point 0 at [scrubbed]: circuit is connecting to server
Dec 30 22:48:12.000 [warn]   Intro point 1 at [scrubbed]: circuit is connecting to server
Dec 30 22:48:12.000 [warn]   Intro point 2 at [scrubbed]: circuit is connecting to server

I would like to try this add-on on Hassio, but I’ve already installed and set up the Duck DNS add-on (with embedded Let’s Encrypt support). Must I uninstall Duck DNS before installing the Tor add-on; or perhaps simply “stop” the Duck DNS service and remove port forwarding? Or can I still keep all that in place and do a simple install of the Tor add-on? Thanks.

:tada: Release v1.1.0

Full Changelog

Fixed

  • Fixes an issue with the Tor SOCKS proxy

Changed

  • Removes Microbadger notification hooks
  • Prevents possible future Docker login issue
  • Pass local CircleCI Docker socket into the build container
  • Use image tagged as test as a cache resource
  • Updated maintenance year, it is 2018
  • Upgrades add-on base image to v1.3.1

Thanks, I’ll try that out, once I’ve troubleshooted the issue with latest hassio update. For some reason the hassio panel does not load anymore. It says ‘Failed to load the Hass.io panel from supervisor’ and it seems the docker plugins are down, so no SSH or other remote access anymore. HA itself is running though. But I can’t reach any log files.

Hello,
is it possible to access to other Ressouces in the Home Network using the Tor Addon on hassio?
p.e. the NAS or other Web Interfaces.
In the Tor config i can only configure Ports, not IPs.

On the „on premise“ Tor config i can edit the torrc file and put some IPs with Ports.

Thx

1 Like

Currently not!
But it certainly would be a nice addition to the addon!

Would you be so kind to create a ticket on the GitHub repository?

Thx!

:tada: Release v1.1.1

Full Changelog

Changed

  • Upgrades add-on base image to v1.3.2
1 Like

My issues of hanging supervisor messages were solved in 0.61.1 and with that I could try your new Tor release. And the proxy is indeed accessible from other hosts. Thanks!

But when I upgraded to 1.1.1 I get:

s6-mkfifo: fatal: unable to mkfifo /var/run/s6/services/s6-fdholderd/supervise/control: No such file or directory

Hmmm, that is unexpected and strange in a sense since the S6 overlay was not updated between those releases.

I’m unable to reproduce the issue as well. Could you tell me something about the system you are using? e.g. Pi3, etc…

Hi Fenck,

I’m using an RPi3. I just did a full reboot of the machine and when it came back online it was back on 0.61.0 again and Tor 1.1.0 version.

Really strange as before the reboot it mentioned the newer versions. I updated hassio again to 0.61.1 and the Tor plugin worked again. But the Tor plugin does not mention 1.1.1 is available.

Update: never mind, that was a timing issue. After using the refresh button on the addon page it is mentioning the update again. Just ran it and it came online without any issues. I suspect the 0.61.0 update to 0.61.1 failed. But I still find it strange that even though that update failed, it did report 0.61.1 in the advanced settings screen.