diff --git a/README.md b/README.md
index 28c8107..f61666e 100644
--- a/README.md
+++ b/README.md
@@ -6,7 +6,7 @@ Simple way to run a Monero node with some monitoring and anonymity tools package
 * [nodemapper](./dockerfiles/nodemapper.py) - gathers GeoIP data for peers
 * [Prometheus](https://prometheus.io/docs/introduction/overview/) - monitors the exporter
 * [Grafana](https://grafana.com/) - shows visualizations and dashboards
-* [tor](https://www.torproject.org/) - provides tx relays over tor proxy
+* [tor](https://www.torproject.org/) - provides tx relays over tor proxy and hidden service
 * [i2pd](https://i2pd.website/) - provides tx relays over i2p proxy
@@ -49,6 +49,8 @@ docker compose build
 docker compose up -d
 ```
+### Port Configurations
+
 The following ports will be bound for `monerod` by default, but you can override in `.env`:
 - 18080 # p2p
 - 18081 # restricted rpc
@@ -70,6 +72,20 @@ You will want to open/allow ports 18080 and 18081 in your firewall for usage as
 Also, you may want to setup a reverse proxy to Grafana if you would like to expose the visualizations for the world to see. Be sure to lock down the administrative settings or leave login disabled! You can see sample images below.
+### Onion Address
+
+Your `tor` container will be proxying outbound traffic (hiding transactions) and also allowing incoming connections to the Tor network (hidden service). A random onion address will be generated automatically. To view the address, either check the `monerod` container logs (it will be the first few lines), or read the file like so:
+
+```bash
+docker compose exec -ti tor cat /var/lib/tor/monerod/hostname
+```
+
+Load the URL in your Tor browser at port 18081 to confirm it's availability or for personal usage. http://:18081/get_info
+
+![](./static/tor.png)
+
+It may take a few minutes for it to be reachable. Check the tor container logs to monitor bootstrap progress.
+
 ## Usage
 It's fairly simple, use `docker compose` to bring the containers up and down and look at logs.
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 3056864..55d13ea 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -1,6 +1,7 @@
 volumes:
 grafana:
 prometheus:
+ tor:
 x-log-config: &log-config
 logging:
@@ -52,17 +53,17 @@ services:
 - ./files/grafana/dashboards:/var/lib/grafana/dashboards:ro
 environment:
 HOSTNAME: grafana
- GF_SERVER_ROOT_URL: ${GRAFANA_URL}
+ GF_SERVER_ROOT_URL: ${GRAFANA_URL:-}
 GF_ANALYTICS_REPORTING_ENABLED: "false"
 GF_ANALYTICS_CHECK_FOR_UPDATES: "false"
 GF_USERS_ALLOW_SIGN_UP: "false"
 GF_USERS_ALLOW_ORG_CREATE: "false"
- GF_LOG_LEVEL: "debug"
+ GF_LOG_LEVEL: "info"
 GF_AUTH_ANONYMOUS_ENABLED: "${GF_AUTH_ANONYMOUS_ENABLED:-true}"
 GF_AUTH_BASIC_ENABLED: "${GF_AUTH_BASIC_ENABLED:-false}"
 GF_AUTH_DISABLE_LOGIN_FORM: "${GF_AUTH_DISABLE_LOGIN_FORM:-true}"
- GF_SECURITY_ADMIN_PASSWORD: "${GF_SECURITY_ADMIN_PASSWORD}"
- GF_SECURITY_ADMIN_USER: "${GF_SECURITY_ADMIN_USER}"
+ GF_SECURITY_ADMIN_PASSWORD: "${GF_SECURITY_ADMIN_PASSWORD:-}"
+ GF_SECURITY_ADMIN_USER: "${GF_SECURITY_ADMIN_USER:-}"
 networks:
 - tor_net
 <<: *log-config
@@ -110,6 +111,8 @@ services:
 restart: unless-stopped
 # ports:
 # - 127.0.0.1:9050:9050
+ volumes:
+ - tor:/var/lib/tor/monerod
 networks:
 tor_net:
 ipv4_address: 172.31.255.250
@@ -137,30 +140,12 @@ services:
 restart: unless-stopped
 volumes:
 - ${DATA_DIR:-./data}:/data
+ - tor:/var/lib/tor/monerod:ro
 ports:
 - ${P2P_PORT:-18080}:18080 # p2p
 - ${RESTRICTED_PORT:-18081}:18081 # restricted rpc
 - 127.0.0.1:${ZMQ_PORT:-18082}:18082 # zmq
 - 127.0.0.1:${UNRESTRICTED_PORT:-18083}:18083 # unrestricted rpc
- command:
- - monerod
- - --data-dir=/data
- - --p2p-bind-ip=0.0.0.0
- - --p2p-bind-port=18080
- - --rpc-restricted-bind-ip=0.0.0.0
- - --rpc-restricted-bind-port=18081
- - --zmq-rpc-bind-ip=0.0.0.0
- - --zmq-rpc-bind-port=18082
- - --rpc-bind-ip=0.0.0.0
- - --rpc-bind-port=18083
- - --non-interactive
- - --confirm-external-bind
- - --public-node
- - --log-level=0
- - --rpc-ssl=disabled
- - --ban-list=/ban_list.txt
- - --tx-proxy=tor,172.31.255.250:9050,disable_noise,24
- - --tx-proxy=i2p,172.31.255.251:4447,disable_noise,24
 networks:
 - tor_net
 <<: *log-config
diff --git a/dockerfiles/monero b/dockerfiles/monero
index 68df78d..8579830 100644
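Review bot: The `:-` defaults added to `GF_SECURITY_ADMIN_PASSWORD` and `GF_SECURITY_ADMIN_USER` in the Grafana `environment:` block silence the compose warning for unset variables, which was the only hint that no admin credential is configured. As far as I know Grafana ignores an empty override and keeps its built-in default admin account, so an operator who later sets `GF_AUTH_DISABLE_LOGIN_FORM=false` without also setting a password would presumably expose that default login. I would add a comment above the two keys, e.g. `# empty = Grafana built-in default admin credentials; set both in .env before enabling the login form`. The `environment:` block and the service it belongs to start outside this hunk.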
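Review bot: The new `- tor:/var/lib/tor/monerod:ro` mount in the last hunk shares the whole `HiddenServiceDir` with the container that serves the public RPC and P2P ports, and that directory normally holds the onion service's private key next to `hostname`. The entrypoint only reads `hostname`, so least privilege would be to share just that file, for example by having the tor container copy it into a separate volume (a constructed name such as `onion_hostname`) that monerod mounts read-only, while the key material stays in a volume only tor can see. The tor Dockerfile also sets the directory to mode 700 owned by `debian-tor`, so if the monero image runs as a non-root user the entrypoint's wait loop would never see the file; that should be confirmed. The service definition starts outside this hunk.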
--- a/dockerfiles/monero
+++ b/dockerfiles/monero
@@ -58,6 +58,10 @@ COPY --from=og /usr/local/bin/monerod /usr/local/bin/monerod
 COPY --from=og /usr/local/bin/monero-wallet-cli /usr/local/bin/monero-wallet-cli
 COPY --from=og /usr/local/bin/monero-wallet-rpc /usr/local/bin/monero-wallet-rpc
 COPY --from=og /tmp/ban_list.txt /ban_list.txt
+COPY ./dockerfiles/monerod_entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]
 EXPOSE 18080
 EXPOSE 18081
diff --git a/dockerfiles/monerod_entrypoint.sh b/dockerfiles/monerod_entrypoint.sh
new file mode 100644
index 0000000..af5dc46
--- /dev/null
+++ b/dockerfiles/monerod_entrypoint.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+
+while [ ! -f /var/lib/tor/monerod/hostname ]; do
+ echo -e "[+] Waiting for onion address to be generated"
+ sleep 1
+done
+
+export ONION_ADDRESS=$(cat /var/lib/tor/monerod/hostname)
+
+echo "=========================================="
+echo "Your Monero RPC Onion address is: ${ONION_ADDRESS}"
+echo "=========================================="
+
+sleep 3
+
+monerod \
+ --data-dir=/data \
+ --p2p-bind-ip=0.0.0.0 \
+ --p2p-bind-port=18080 \
+ --rpc-restricted-bind-ip=0.0.0.0 \
+ --rpc-restricted-bind-port=18081 \
+ --zmq-rpc-bind-ip=0.0.0.0 \
+ --zmq-rpc-bind-port=18082 \
+ --rpc-bind-ip=0.0.0.0 \
+ --rpc-bind-port=18083 \
+ --non-interactive \
+ --confirm-external-bind \
+ --public-node \
+ --log-level=0 \
+ --rpc-ssl=disabled \
+ --ban-list=/ban_list.txt \
+ --anonymous-inbound=${ONION_ADDRESS}:18081,127.0.0.1:18089,24 \
+ --tx-proxy=tor,172.31.255.250:9050,disable_noise,24 \
+ --tx-proxy=i2p,172.31.255.251:4447,disable_noise,24
\ No newline at end of file
diff --git a/dockerfiles/tor b/dockerfiles/tor
index 91c6ff2..a6b9e43 100644
--- a/dockerfiles/tor
+++ b/dockerfiles/tor
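Review bot: The new entrypoint script starts `monerod` as a child of bash rather than `exec`-ing it, so bash stays PID 1 and the SIGTERM sent by `docker stop` is not passed on; monerod would then be killed at the stop timeout instead of closing its database cleanly. The wait loop also tests only `-f` and the file content goes unquoted and unchecked into `--anonymous-inbound`, so an empty or half-written `hostname` yields a malformed flag. I would wait on `-s`, require the value to end in `.onion`, quote the expansion and `exec` the daemon, as sketched below. Separating the assignment from `export` (which is not needed here) also keeps a failed read visible.

```shell
hostname_file=/var/lib/tor/monerod/hostname

# -s: wait until the file exists and is non-empty
until [ -s "$hostname_file" ]; do
    echo "[+] Waiting for onion address to be generated"
    sleep 1
done

ONION_ADDRESS=$(tr -d '[:space:]' < "$hostname_file")
case "$ONION_ADDRESS" in
    *.onion) ;;
    *) echo "unexpected content in $hostname_file" >&2; exit 1 ;;
esac

# … unchanged: banner echo lines and sleep 3 …

# exec so monerod replaces the shell and receives signals directly
exec monerod \
    # … unchanged: flags from --data-dir through --ban-list …
    --anonymous-inbound="${ONION_ADDRESS}:18081,127.0.0.1:18089,24" \
    # … unchanged: the two --tx-proxy flags …
```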
@@ -2,9 +2,9 @@ FROM ubuntu:22.04
 RUN apt-get update && apt-get install tor -y
-RUN mkdir -p /run/tor \
- && chown -R debian-tor:debian-tor /run/tor \
- && chmod 700 -R /run/tor
+RUN mkdir -p /run/tor /var/lib/tor/monerod \
+ && chown -R debian-tor:debian-tor /run/tor /var/lib/tor/monerod \
+ && chmod 700 -R /run/tor /var/lib/tor/monerod
 COPY dockerfiles/tor-config /etc/tor/torrc
diff --git a/dockerfiles/tor-config b/dockerfiles/tor-config
index a89b34b..41e0c78 100644
--- a/dockerfiles/tor-config
+++ b/dockerfiles/tor-config
@@ -5,3 +5,5 @@ IPv6Exit 0
 Log notice stdout
 PublishServerDescriptor 0
 SOCKSPort 0.0.0.0:9050
+HiddenServiceDir /var/lib/tor/monerod
+HiddenServicePort 18081 monerod:18081
\ No newline at end of file
diff --git a/static/tor.png b/static/tor.png
new file mode 100644
index 0000000..d240e49
Binary files /dev/null and b/static/tor.png differ
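Review bot: In the tor-config hunk, `HiddenServicePort 18081 monerod:18081` forwards the onion port to the restricted RPC listener, while the entrypoint passes `--anonymous-inbound=${ONION_ADDRESS}:18081,127.0.0.1:18089,24`, which as I understand monerod advertises that onion address and port to peers as a P2P endpoint and listens for them on 127.0.0.1:18089. Nothing visible in this torrc forwards to 18089, and a loopback bind inside the monerod container would not be reachable from the tor container, so inbound anonymous P2P looks non-functional and peers would be pointed at the RPC port. If both RPC and P2P over the onion service are intended, give P2P its own mapping, e.g. `HiddenServicePort <onion-p2p-port> monerod:<anon-inbound-port>` (placeholders), and bind the anonymous-inbound listener to an address on `tor_net`. If only RPC is intended, dropping `--anonymous-inbound` would match the README's description.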