Hello everyone.
INSTALL INSTRUCTIONS: >>825
I've been teasing this project for a couple of months as I worked out all the implementation details, so here's the payoff. In the classic Dreamcast RPG Skies of Arcadia, the heroes are a band of Blue Rogue air pirates; swashbucking heroes pursued across the world by an evil empire. In the middle of the game the party discovers a tiny, uncharted island in the corner of the map and they turn it into a hidden fortress paradise. A base of operations, safely hidden from their enemies in a place called Crescent Isle.
What is Crescent Isle?
It is a clearnet portal to 8moe's onion created with the implementation of a specially configured Tor2Web multiproxy coupled to an aggressive HTTP accelerator cache, and protected from DDoS by a CDN.
What does it do?
It allows anons to potentially access any number of imageboard .onions from the clearnet, using any browser and viewing/posting from anywhere. And they can do it almost as fast as using the site on the clearnet due to the CDN and aggressive dynamic caching system.
How does it work?
There is a separate server that is currently running the open source Tor, Tor2Web, and Varnish Cache software programs, all specially configured to play nice together and with LynxChan software. The system uses a single .onion site as a default (8moe in our case) but through the use of specially configured custom subdomains a single Crescent Isle server can proxy traffic for any number of imageboard sites on an opt-in basis.
When you go to the site running Crescent Isle, it connects you via encrypted HTTPS to the proxy server, then Tor encrypts your traffic and connects you to the onion site. Due to the HTTP accelerator caching things like CSS, HTML, and thumbnails the site will load and function much faster than it normally would connecting over just Tor.
What is Redchannit?
A meme, son. "Redchannit" or "Redchanit" was the name of the evil darknet site used by the badguys in the infamous #GamerGate Law and Order episode "Intimidation Game." Since I owned a couple domains for it I used one for the first Crescent Isle server:
https://redchannit.net
How is Redchannit's Crescent Isle system configured?
For the more technical among you: The multiproxy works but is currently disabled by leaving the subdomains blanked, and the tor2web server is locked to HTTP mode, receiving HTTPS connections courtesy of Vanwanet due to lacking support for SSL termination in Varnish cache. The Translation mode is locked to 8moe's onion address and the debug log disabled. The Varnish cache is not running any of the optional logging systems, and varnishlog is not set up to log to disk. There is a temporary log that is held in active memory and overwrites itself. The system is configured to not pass valid XFF headers, REAL-IP or REFERER. This gives the most security and anonymity for users, but it means that User Account functions are unavailable through the proxy and have to be used via Tor Browser.
Why is this system important?
>Server protection. The actual webserver can stay hidden, safe, and anonymous on the Tor network.
>Public portal. Even with the server itself buried in the Tor network, it still has a public face with a human readable domain and doesn't require special tools to access.
>Deniability. As a public proxy Redchannit hosts nothing, stores nothing, logs nothing, and caches only to industry standards.
>Deplatforming-resistant. The argument that "this public proxy is capable of displaying content from shitlord site X" is a much harder sell to a business than "shitlord site X has Y content on its server pls deplatform." Public proxies are everywhere and even picky registrars and hosts rarely try to hold them accountable for displayed content that they do not store, especially for legal content.
>Clearnet fallback. In the event of a catastrophic deplatforming of the main site, Crescent Isle can be used (or brought online on a different server) very quickly if domain names are made public in advance.
>One or All. A single imageboard can run a Crescent Isle system very cheaply to serve as the front door to its service. It needs only a mediocre processor and ~4GB of RAM. The prototype was built and tested on a $15 DigitalOcean Droplet before being moved to a production server, and it works with Cloudflare's free DDoS protection. For a small, low traffic site you could run the portal on a laptop in your kitchen. A "full monty" install like Redchannit can serve as a central portal to many different sites as well.
>Free, open source. All of the required software is open source and free of charge. The magic is in the esoteric configurations which will also be made available for free, by us. If you don't trust Redchannit for whatever reason, I'll show you how to set up your own Crescent Isle.
What's required
>A VPS or Droplet with at least 4GB of RAM and a not-shit processor[Expand Post]
>A domain name for the portal
>Debian 10 with Sudo and Nano installed
>Tor, Tor2Web, and Varnish installed
>Properly set up tor2web.conf and varnish default.vcl config files
>The .onion address of your imageboard(s)
>Enough IT knowledge to do basic things like service port configurations, systemd configurations, and a little bit of C programming language for the Varnish .vcl configuration syntax.
How did you come up with this?
Zeronet has clearnet proxy sites that have been around for a while. I conceived of something like that for Tor to make a distributed imageboard system resulting in the first prototype pic above. Doing further research I learned that Tor proxies like onion.ws already exist, but are widely shit on by the tor community because of them using tracking cookies and Google ads, logging and selling user IPs, eavesdropping on logins and cookies, and other sketchy things to pay their bills. Deciding the only safe way was to do it in-house, I looked into adapting their same system (tor2web) to do what I wanted, and I nearly forked it until I figured out that I could use their byzantine config system to make it cooperate out of the box. Once I got it working through a lot of trial and error (due to tor2web being maligned by the tor community and very nearly being abandonware with dead support channels and no updates in 9 months), combining it with an HTTP accelerator cache to speed up user experience was my idea.
The End Result
You can browse and post on 8moe anonymously via the Tor network from any clearnet connection anywhere, almost as fast as on clearnet, and the proxy and the site server both are far more resistant to being deplatformed. If you use DNS over HTTPS on top of this I think you're about as anonymous as you can get. If the domain gets taken down you can access the site via Redchannit, and if Redchannit gets taken down another one can pop up in minutes as opposed to reworking the entire site itself. From a user standpoint the only things that do not work are post editing and deletion due to the referer header being invalid. Board owners and moderators will need to use Tor Browser to access their tools for the same reason.
What's Next?
I was going to release this in ~10 days, so there are a couple remaining little QoL bugs and things I've yet to fix/tweak. There are experimental ideas on how to make the proxy work and feel more like the clearnet site in regards to user function to explore, and I'm writing up detailed setup guides for a minimalist and a full monty install so it'll be far easier for other imageboard sites to copy what I've done. The system will work closely with the LynxChan tor-control addon that we're developing to allow somewhat better moderation of Tor users. If other sites would like to opt-in to Redchannit they can contact me via the usual admin email.
Edited last time by Acidadmin on 08/11/2020 (Tue) 02:17:39.