diff --git a/provider_base/services/tor_hidden_service.json b/provider_base/services/tor_hidden_service.json
index 137932fa2577ed7911fad6e38f2828970428f3ac..d7f3ec27fe69cc117e48d9d5c2e679da345933b9 100644
--- a/provider_base/services/tor_hidden_service.json
+++ b/provider_base/services/tor_hidden_service.json
@@ -5,7 +5,8 @@
       "public_key": "= tor_public_key_path(:node_tor_pub_key, tor.hidden_service.key_type)",
       "private_key": "= tor_private_key_path(:node_tor_priv_key, tor.hidden_service.key_type)",
       "address": "=> onion_address(:node_tor_pub_key)",
-      "single_hop": false
+      "single_hop": false,
+      "v3": false
     }
   }
 }
diff --git a/puppet/modules/site_static/manifests/hidden_service.pp b/puppet/modules/site_static/manifests/hidden_service.pp
index f23727f7cfcc9d7bbe7c69f31f48a58cbd5128f3..c5d12c3463cca0b74690988d9eb4d9e111c35b12 100644
--- a/puppet/modules/site_static/manifests/hidden_service.pp
+++ b/puppet/modules/site_static/manifests/hidden_service.pp
@@ -1,11 +1,12 @@
 # create hidden service for static sites
-class site_static::hidden_service ( $single_hop = false ) {
+class site_static::hidden_service ( $single_hop = false, $v3 = false ) {
   Class['site_tor::hidden_service'] -> Class['site_static::hidden_service']
   include site_tor::hidden_service
 
   tor::daemon::hidden_service { 'static':
     ports      => [ '80 127.0.0.1:80'],
-    single_hop => $single_hop
+    single_hop => $single_hop,
+    v3         => $v3
   }
 
   file {
diff --git a/puppet/modules/site_static/manifests/init.pp b/puppet/modules/site_static/manifests/init.pp
index 1a92c29e9a19595047673c8f4a11645f5d81513a..fdc5782fb87baa4a78b897ae3368a2dc6ab370fa 100644
--- a/puppet/modules/site_static/manifests/init.pp
+++ b/puppet/modules/site_static/manifests/init.pp
@@ -79,7 +79,8 @@ class site_static {
     $hidden_service = $tor['hidden_service']
     $onion_domain     = "${hidden_service['address']}.onion"
     class { 'site_static::hidden_service':
-      single_hop => $hidden_service['single_hop']
+      single_hop => $hidden_service['single_hop'],
+      v3         => $hidden_service['v3']
     }
 
     # Currently, we only support a single hidden service address per server.
diff --git a/puppet/modules/site_webapp/manifests/hidden_service.pp b/puppet/modules/site_webapp/manifests/hidden_service.pp
index 1f87da6b66ef8cfc60da3c9bda92a705f0531887..290f96653509a7fe686815154cb4e87e9d5f7735 100644
--- a/puppet/modules/site_webapp/manifests/hidden_service.pp
+++ b/puppet/modules/site_webapp/manifests/hidden_service.pp
@@ -14,7 +14,8 @@ class site_webapp::hidden_service {
 
   tor::daemon::hidden_service { 'webapp':
     ports      => [ '80 127.0.0.1:80'],
-    single_hop => $hidden_service['single_hop']
+    single_hop => $hidden_service['single_hop'],
+    v3         => $hidden_service['v3']
   }
 
   file {
diff --git a/puppet/modules/tor/.gitrepo b/puppet/modules/tor/.gitrepo
index 5e3e3c1fab1cfb94ff917cce39f3331a5dafb8ac..ea3c14954a173bfb6c9f19290a235b48c4330e69 100644
--- a/puppet/modules/tor/.gitrepo
+++ b/puppet/modules/tor/.gitrepo
@@ -6,6 +6,6 @@
 [subrepo]
 	remote = https://leap.se/git/puppet_tor
 	branch = master
-	commit = 5ef29012dccc90e68afc215be9521629a0903bc6
-	parent = 747d3e9b55c8b7b7d98a63474b6de82d7114c389
-	cmdver = 0.4.0
+	commit = 4380e2eabd94d8f0df7f63c642dd46ec4783ef07
+	parent = be4182d7227d57b4da20d088b4750c756f759888
+	cmdver = 0.3.1
diff --git a/puppet/modules/tor/manifests/daemon/hidden_service.pp b/puppet/modules/tor/manifests/daemon/hidden_service.pp
index 07121bd67307432591e34cecfe7500d7362df324..d91bdc892ae01b26e0bae980b5b16b309e3f01df 100644
--- a/puppet/modules/tor/manifests/daemon/hidden_service.pp
+++ b/puppet/modules/tor/manifests/daemon/hidden_service.pp
@@ -2,6 +2,7 @@
 define tor::daemon::hidden_service(
   $ports         = [],
   $single_hop    = false,
+  $v3            = false,
   $data_dir      = $tor::daemon::data_dir,
   $ensure        = present ) {
 
diff --git a/puppet/modules/tor/templates/torrc.directory.erb b/puppet/modules/tor/templates/torrc.directory.erb
index c7dc4ab5abc781618a9e7afcf0329829dcc25e5d..23ed339236e46d743e08c52b8bd1dafb77a1e708 100644
--- a/puppet/modules/tor/templates/torrc.directory.erb
+++ b/puppet/modules/tor/templates/torrc.directory.erb
@@ -2,7 +2,7 @@
 <%  if @port != '0' -%>
 DirPort <%= @port %>
 <%  end -%>
-<%  listen_addresses.each do |listen_address| -%>
+<%  @listen_addresses.each do |listen_address| -%>
 DirListenAddress <%= listen_address %>
 <%  end -%>
 <%  if @port_front_page != '' -%>
diff --git a/puppet/modules/tor/templates/torrc.hidden_service.erb b/puppet/modules/tor/templates/torrc.hidden_service.erb
index 5b6afe1cde31d20ea3ccc1d4dc3dcbe28cdc58a1..8a691c6b3ac1eb477049f730f811545fe7a8fc39 100644
--- a/puppet/modules/tor/templates/torrc.hidden_service.erb
+++ b/puppet/modules/tor/templates/torrc.hidden_service.erb
@@ -10,3 +10,11 @@ HiddenServiceDir <%= @data_dir %>/<%= @name %>
 HiddenServicePort <%= port %>
 <% end -%>
 
+<% if @v3 != false %>
+# hidden service v3 static
+HiddenServiceDir <%= @data_dir %>/<%= @name -%>3
+HiddenServiceVersion 3
+<% @ports.each do |port| -%>
+HiddenServicePort <%= port %>
+<% end -%>
+<% end -%>