tor-hs: add new package

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>

1 files changed, 104 insertions, 0 deletions

diff --git a/net/tor-hs/README.md b/net/tor-hs/README.md
new file mode 100644
index 000000000..649ff31f6
--- /dev/null
+++ b/net/tor-hs/README.md
@@ -0,0 +1,104 @@
+# Tor Hidden service configurator
+**tor-hs** packages tries to simplify creating of hidden services on OpenWrt routers.
+
+## Requirements
+To run **tor-hs**, you need Tor package with uci config support (it was added
+with [this commit](https://github.com/openwrt/packages/commit/ca6528f002d74445e3d0a336aeb9074fc337307a) ).
+
+## Instalation
+To install package simple run
+```
+opkg update
+opkg install tor-hs
+```
+
+## Configuration
+Uci configuration is located in **/etc/config/tor-hs**
+
+### Required section of configuration
+There is  one required section **common**
+
+Example of this section
+```
+config tor-hs common
+	option GenConf "/etc/tor/torrc_hs"
+	option HSDir "/etc/tor/hidden_service"
+	option RestartTor "true"
+	option UpdateTorConf "true"
+```
+
+#### Table with options description
+| Type | Name | Default | Description |
+| ------ | ------ | ------ | ------ |
+| option |GenConf | /etc/tor/torrc_generated|Generated config by tor-hs.|
+| option | HSDir |/etc/tor/hidden_service|Directory with meta-data for hidden services (hostname,keys,etc).|
+| option | RestartTor | true| It will restart tor after running **/etc/init.d/tor-hs start**.|
+| option | UpdateTorConf | true|Update /etc/config/tor with config from **GenConf** option.|
+
+### Hidden service configuration
+If you want to create a new hidden service, you have to add a hidden-service section. For every hidden service, there should be a new **hidden-service** section.
+
+Example of hidden service section for ssh server:
+
+```
+config hidden-service
+	option Name 'sshd'
+	option Description "Hidden service for ssh"
+	option Enabled 'false'
+	option IPv4 '127.0.0.1'
+	#public port=2222, local port=22
+	list PublicLocalPort '2222;22'
+```
+
+#### Table with options description
+
+| Type | Name | Example value | Description |
+| ------ | ------ | ------ | ------ |
+|	option | Name | sshd| Name of hidden service. It is used as directory name in **HSDir**|
+|	option | Description| Hidden service for ssh| Description used in **rpcd** service|
+|	option | Enabled |false| Enable hidden service after running **tor-hs** init script|
+|	option |IPv4 |127.0.0.1|Local IPv4 address of service. Service could run on another device, in that case OpenWrt will redirect comunication.  |
+|	list | PublicLocalPort| 2222;22| Public port is port accesible via Tor network. Local port is normal port of service.|
+|option| HookScript |'/etc/tor/nextcloud-update.php'| Path to script which is executed after starting tor-hs. Script is executed with paramters **--update-onion** **hostname** . Hostname is replaced with Onion v3 address for given hidden service.
+
+## Running service
+
+To enable tor-hs service run
+```
+/etc/init.d/tor-hs enable
+/etc/init.d/tor-hs start
+
+```
+In case you enabled option *RestartTor* and *UpdateTorConf* hidden service should be running.
+Otherwise, you should also restart tor daemon.
+
+```
+/etc/init.d/tor restart
+```
+
+After that you should also restart rpcd daemon, so you can use tor-hs RPCD service.
+```
+/etc/init.d/rpcd restart
+```
+
+### RPCD
+
+RPCD servis helps users to access basic informations about hidden services on router. After running HS it contains onion url for given hidden service in hostname value.
+```
+root@turris:/# ubus call tor_rpcd.sh list-hs '{}'
+{
+	"hs-list": [
+		{
+			"name": "sshd",
+			"description": "Hidden service for ssh",
+			"enabled": "1",
+			"ipv4": "127.0.0.1",
+			"hostname": "****hidden-service-hostname****.onion",
+			"ports": [
+				"22;22"
+			]
+		}
+	]
+}
+```
+