HOW TO: Make a DIY Proxy to reconnect Iran to the web

September 23, 2022
Current 403 Proxy
https://signal.tube/#signal09.403.ie

22-year-old Mahsa Amini was detained by Iran's Guidance Patrol on 13th September for the crime of wearing her hijab too loosely. She was pronounced dead 3 days later while in their custody. Her death prompted Iranians to take to the streets of Tehran and at least 12 other cities in the country.

As of today 26 people are confirmed to have died in protests.

This has prompted a wave of internet lockdowns by the Iranian state.

Yesterday, Instagram and WhatsApp joined TikTok, YouTube, Twitter, Facebook and Signal in the Iranian blocklist.

Signal, however, is fighting back with full in-app support for proxy server integration with a couple of clicks - and you can too.

How to set up a Signal proxy server

  1. Spin up a server. I recommend Digital Ocean. Once logged in, click Create and then Droplets.
  2. Stick with the default Ubuntu version, select Basic for "Choose a plan" and choose the Regular with SSD CPU option, the $6 dollar version is generally going to be good enough as this is just a proxy.
  3. You can pick whatever you want for the Location but bare in mind Bangalore and London are the closest to Iran so there'll be less latency with these options.
  4. For Authentication, choose SSH Keys. If you're not familiar with how to set these up, check out this straightforward guide.
  5. Choose a hostname of your liking and then Create Droplet
  6. Once it's spun up, take note of the droplet IP address. You'll need to point a domain to this. If you don't already have a domain, I recommend grabbing one at NameCheap.
  7. Once you've purchased and pointed your domain at the droplet IP, you'll want to SSH in and install the proxy server. You can use this command (replacing the path to your key from step 4 and the IP from step 6): ssh -i [PATH/TO/YOUR/KEY]root@[DROPLET_IP_ADDRESS] (remove the []'s also)
  8. Install Docker, Docker Compose, and git:
    • sudo apt update && sudo apt install docker docker-compose git
  9. Clone the Signal TLS Proxy repository:
    • git clone https://github.com/signalapp/Signal-TLS-Proxy.git
  10. Enter the repo directory:
    • cd Signal-TLS-Proxy
  11. Run the helper script that configures and provisions a TLS certificate from Let’s Encrypt:
    • sudo ./init-certificate.sh
  12. Use Docker Compose to launch the proxy:
    • sudo docker-compose up --detach

Nice work! Your proxy is live. You can share your proxy using this URL format: 

https://signal.tube/#<your_domain_name>

Signal are encouraging proxy owners to share their proxy address on social media with the hashtag #IRanASignalProxy but that's totally up to you. Their specific recommendation is to make a post with that hashtag and not post the URL but rather encourage users to DM you for it:

A more discreet approach would be to only send the link via a DM or a non-public message. You can post something like this on your favorite social network: #IRanASignalProxy Reply to this thread if you want the connection details, and follow me so I can DM you the link.

Source: https://signal.org/blog/run-a-proxy/

See Signal's original post