Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • A admin-fe
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 40
    • Issues 40
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 18
    • Merge requests 18
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • Pleroma
  • admin-fe
  • Issues
  • #200
Closed
Open
Created Aug 09, 2021 by mindofjoe@mindofjoe

Option to not require HTTPS (Tor-Only Access)

Pleroma maintains a guide for running a Tor-only instance (link). The guide runs users through configuration for HTTP-only access, since conventional wisdom says (1) Tor's encryption and methodology are sufficient and (2) dealing with SSL certificates for onion addresses is tedious at best. Pleroma's Tor guide gives instruction to force the instance's scheme to HTTP as well as disabling CSP.

Unfortunately, when attempting to use AdminFE for administration, it seems AdminFE is requiring HTTPS.

Instructions to disable the requirement in AdminFE or additional instructions in Pleroma's Tor guide to deal with the requirement (additional nginx server blocks for port 443 listening & self-signed certs, maybe?) would help make the user experience seamless.

Assignee
Assign to
Time tracking