diff --git a/nodes/bitcoin-2.json b/nodes/bitcoin-2.json
index ee268e9..1a71313 100644
--- a/nodes/bitcoin-2.json
+++ b/nodes/bitcoin-2.json
@@ -26,6 +26,8 @@
 "kosmos-bitcoin::dotnet",
 "kosmos-bitcoin::nbxplorer",
 "kosmos-bitcoin::btcpay",
+ "tor-full",
+ "tor-full::default",
 "apt::default",
 "timezone_iii::default",
 "timezone_iii::debian",
@@ -82,6 +84,7 @@
 "recipe[kosmos-bitcoin::c-lightning]",
 "recipe[kosmos-bitcoin::lnd]",
 "recipe[kosmos-bitcoin::rtl]",
- "role[btcpay]"
+ "role[btcpay]",
+ "recipe[tor-full]"
 ]
 }
\ No newline at end of file
diff --git a/site-cookbooks/kosmos-bitcoin/attributes/default.rb b/site-cookbooks/kosmos-bitcoin/attributes/default.rb
index 054639a..1cf96a2 100644
--- a/site-cookbooks/kosmos-bitcoin/attributes/default.rb
+++ b/site-cookbooks/kosmos-bitcoin/attributes/default.rb
@@ -25,6 +25,9 @@ node.default['bitcoin']['conf'] = {
 zmqpubrawtx: 'tcp://127.0.0.1:8338'
 }
 
+# Also enables Tor for LND
+node.default['bitcoin']['tor_enabled'] = true
+
 node.default['c-lightning']['repo'] = 'https://github.com/ElementsProject/lightning'
 node.default['c-lightning']['revision'] = 'v0.10.0'
 node.default['c-lightning']['source_dir'] = '/opt/c-lightning'
diff --git a/site-cookbooks/kosmos-bitcoin/metadata.rb b/site-cookbooks/kosmos-bitcoin/metadata.rb
index fe6cd0c..c8bb476 100644
--- a/site-cookbooks/kosmos-bitcoin/metadata.rb
+++ b/site-cookbooks/kosmos-bitcoin/metadata.rb
@@ -26,3 +26,4 @@ depends 'kosmos-nginx'
 depends 'kosmos-nodejs'
 depends 'firewall'
 depends 'application_javascript'
+depends 'tor-full'
diff --git a/site-cookbooks/kosmos-bitcoin/recipes/lnd.rb b/site-cookbooks/kosmos-bitcoin/recipes/lnd.rb
index bcf1cd0..47bbe7e 100644
--- a/site-cookbooks/kosmos-bitcoin/recipes/lnd.rb
+++ b/site-cookbooks/kosmos-bitcoin/recipes/lnd.rb
@@ -71,6 +71,9 @@ template "#{lnd_dir}/lnd.conf" do
 notifies :restart, "systemd_unit[lnd.service]", :delayed
 end
 
+exec_flags = ""
+exec_flags += "--tor.active --tor.v3" if node['bitcoin']['tor_enabled']
+
 systemd_unit 'lnd.service' do
 content({
 Unit: {
@@ -83,7 +86,7 @@ systemd_unit 'lnd.service' do
 User: bitcoin_user,
 Group: bitcoin_group,
 Type: 'simple',
- ExecStart: '/opt/go/bin/lnd',
+ ExecStart: "/opt/go/bin/lnd #{exec_flags}",
 Restart: 'always',
 RestartSec: '30',
 TimeoutSec: '240',
@@ -108,3 +111,8 @@ firewall_rule 'lnd' do
 protocol :tcp
 command :allow
 end
+
+if node['bitcoin']['tor_enabled']
+ node.override['tor']['ControlPort'] = 9051
+ node.override['tor']['CookieAuthentication'] = true
+end
diff --git a/site-cookbooks/kosmos-bitcoin/recipes/source.rb b/site-cookbooks/kosmos-bitcoin/recipes/source.rb
index e92a80f..51df04f 100644
--- a/site-cookbooks/kosmos-bitcoin/recipes/source.rb
+++ b/site-cookbooks/kosmos-bitcoin/recipes/source.rb
@@ -81,6 +81,14 @@ user bitcoin_user do
 shell "/bin/bash"
 end
 
+if node['bitcoin']['tor_enabled']
+ group 'debian-tor' do
+ action :modify
+ members bitcoin_user
+ append true
+ end
+end
+
 [bitcoin_datadir, bitcoin_walletdir].each do |path|
 directory path do
 owner bitcoin_user
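Review bot: In recipes/lnd.rb (hunk at -71), the flags added by `exec_flags += "--tor.active --tor.v3"` turn Tor on for lnd but leave its clearnet listener untouched, and the `firewall_rule 'lnd'` visible in the -108 hunk still allows inbound TCP, so the node may remain reachable and identifiable by IP address. If the intent is a Tor-only node, pin the listener as well, `exec_flags += "--tor.active --tor.v3 --listen=localhost" if node['bitcoin']['tor_enabled']`, and gate the firewall rule on the same attribute. The lnd.conf template is outside this diff, so check whether it already sets `listen` or `externalip`. As a style point, with the attribute off the -83 hunk renders `ExecStart` with a trailing space; collecting the flags in an array and joining them avoids that.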
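Review bot: In recipes/lnd.rb (hunk at -108), Tor's control port is enabled with `node.override` from inside the recipe, which outranks `default` and `normal` attributes set on the node or in a role, so an operator cannot change the port or disable the control port for one node without editing this recipe. Setting the two values at `default` level in attributes/default.rb, next to `tor_enabled`, would keep them overridable and would not depend on this recipe being compiled before tor-full renders its configuration. The control port gives full control of the Tor daemon to any process that can read the auth cookie, so the block deserves a comment such as `# lnd uses Tor's control port to create its onion service; access is limited by the auth cookie`. Whether tor-full binds the port to loopback only and how it sets the cookie file's permissions is not visible in this diff and should be confirmed.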
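Review bot: In recipes/source.rb, `action :modify` on `group 'debian-tor'` raises when the group does not exist yet, and nothing in this hunk ensures the Tor package (which presumably creates that group) is installed first; nodes/bitcoin-2.json appends `recipe[tor-full]` at the end of the run list, after the kosmos-bitcoin recipes. Because `tor_enabled` defaults to true in attributes/default.rb, any other node converging this recipe without tor-full would fail the same way. Adding `include_recipe 'tor-full'` as the first line inside the `if` would make the ordering explicit. The membership presumably exists so that `bitcoin_user` can read Tor's control cookie, which extends to every service running as that user; a comment above the resource such as `# grants bitcoin_user access to Tor's control auth cookie` would record that.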