Hey @Gargron heres that tor guide for mastodon
@Laurelai Eww that leaves you having to accept a broken ssl cert though :p
@Sir_Boops its the same cert as the cleartext site, all its for is encrypting the connection.
@Sir_Boops Because nobody will sign a .onion domain cert 🙃
@Sir_Boops Yeah special cases like them get them, but not us folks :p
@Laurelai No anyone can buy them https://www.digicert.com/blog/ordering-a-onion-certificate-from-digicert/
@Sir_Boops $95.00 USD who has that kind of money lmao
@Sir_Boops letsencrypt just needs to pull its head out of its ass
@Laurelai The .onion itself is the encryption for the .onion site :p
@Sir_Boops not without https everywhere. TOR is not encryption, its anonymity
@Laurelai When talking with clearnet sites yes you are correct .onions are e2e encrypted on there own making a .onion with ssl pointless -> https://www.torproject.org/docs/onion-services.html.en
@Sir_Boops if you want you can always make a seperate mastodon-tor.conf without the certificate links, but im sure you already know that :p
@Laurelai Masto won't play nice with that :p Your guide as it is now is as good as masto can handle tor without starting to compile custom versions of nginx/edit masto itself even then it still dosn't like to play nice with tor XD
@Sir_Boops @Laurelai Yeah there's no need to involve certificate authorities at all in .onion addresses. It's unnecessary... dns + SSL CAs separate the name from the key, but that's not the case for .onion names, where the name *is* the key.
Now if you want to trust that the site is an entity you know in particular, that's where petnames + edge names should come in: https://github.com/cwebber/rebooting-the-web-of-trust-spring2018/blob/petnames/draft-documents/making-dids-invisible-with-petnames.md
@Laurelai thanks for the guide!
because of using a onionv3 hidden service i also had to add to nginx.conf, in the http section:
otherwise it wouldn't start with the longer server name
@orionwl good to know
tl;dr= no fascists, no bullying, no doing fucked up shit. You know what that means. Otherwise a lot of us are socialists, leftists etc. Dont bully people either. Or start witch hunts. You can have bots as long as administration clears them first The site is available on TOR! https://www.starrev3tah2dnhj.onion Note: letsencrypt won't sign a .onion domain cert so you will have to make a security exception as it uses the same cert for the main domain