Worried about today’s big issues of the internet, such as mass surveillance, tracking and censorship? Thinking of providing a bit of extra support to the Tor Project? Perhaps even by donating some computing power and bandwidth from your self-hosted Raspberry Pi Server? Great idea! And it’s easy to do – just read on.
How does the Tor browser work?
The Tor browser is currently one of the best ways to stay anonymous online and conceal a user’s location, online history and identity. Most importantly, Tor allows users in countries with restricted web access to safely surf the uncensored internet.
The ‘onion routing’ provided by Tor is based on a decentralized network. A user entering the network will have their traffic encrypted and is then passed through several relays, which are provided by volunteer hosts all over the world. This routing makes it difficult to track what each user is doing or where they came from.
What is a Snowflake proxy?
Users in countries with web restrictions typically have to access the internet via a proxy if they want to circumvent the censorship. Tor offers a bridge service for this, called Snowflake. Volunteers all over the world run Snowflake proxies, which rely on WebRTC to establish peer-to-peer connections between web browsers.
Snowflake proxies can either be set up via a handy browser extension (Firefox and Chrome only) or on a self-hosted web server. The obvious advantage of the server is that the connection stays continuously active, making it more reliable for Tor users. More technical details about how Snowflake works here.
The guide below will explain how to set up a standalone Snowflake proxy on a server, using one of two possible options (see Tor Project website).
I tested the first option using Docker on my Raspberry Pi 4 and it worked like a charm.
First, if you haven’t yet done so, you will have to install docker and docker-compose. An easy way to do this is to use a bash script provided by https://get.docker.com.
Log into your Raspberry Pi via ssh or use the terminal. As always, first update your system.
sudo apt-get update sudo apt-get upgrade -y
Remove any older, previously installed docker versions.
sudo apt-get remove docker docker-engine docker.io containerd runc
Next download and install docker using the following commands:
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
After the installation process finishes, you will get a list of details about your docker installation. You should ensure that the pi user (or your main user) is added to the docker group. If this step is skipped only the root user will be able to run docker.
sudo usermod -aG docker pi
After this step, type logout to log out and then log back in to the terminal so that the groups are updated. If you type groups you should now see the docker group listed there.
Now it’s time to test whether your installation has worked. One way to do this is with the hello-world test container. The following command will download and install the container from a library and then run it on your system.
docker run hello-world
If everything has installed as it should, you will now see a message telling you that the installation appears to be working correctly.
Now you can start installing snowflake by getting the snowflake image.
docker pull thetorproject/snowflake-proxy
Download the yaml file from the Tor Project:
curl -O https://gitlab.torproject.org/tpo/anti-censorship/docker-snowflake-proxy/raw/main/docker-compose.yml
Open the docker image you have just downloaded.
docker compose up -d snowflake-proxy
Once everything is installed you get a note that container snowflake-proxy was started.
Now you can type the following command to get a list of docker containers that are currently active and their details
sudo docker ps
The logs option will provide further information about how many users have connected within the past hour and upload/download traffic.
Please note that you will only get a result after the container has been online for at least an hour. Updates are provided in hourly intervals.
docker logs snowflake-proxy