From 34362af2a7de0e2a97d407062fe0b15d3564e898 Mon Sep 17 00:00:00 2001 From: Alec Muffett Date: Fri, 10 Jul 2020 23:55:07 +0000 Subject: [PATCH] commit: cleanup tpo demo code --- demo.d/tpo.tconf | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/demo.d/tpo.tconf b/demo.d/tpo.tconf index 89e664c..1e5b359 100644 --- a/demo.d/tpo.tconf +++ b/demo.d/tpo.tconf @@ -1,28 +1,27 @@ # -*- conf -*- # sample EOTK configuration for torproject.org -# proof-of-concept: let's make this service read-only for the moment -set suppress_methods_except_get 1 - -# preserve foo@torproject.org email addresses, etc -set preserve_csv tld-tpo,torproject\\.org,i,torproject.org - # where to get DNS from set nginx_resolver 8.8.8.8 8.8.4.4 ipv6=off # uncomment this if you use / have `mkcert` installed and it is in the # standard $PATH; otherwise EOTK will use `openssl` to generate -# self-signed certificates... -# set ssl_mkcert 1 +# self-signed certificates. default=0, but for the purposes of a live +# video demo I am going to switch it on... +set ssl_mkcert 1 # use EOTK internally to uplift port80 to port443 so that cleartext # never crosses the network; this assumes that any http://foo/bar.html -# will have an identical URL on the HTTPS site -set force_https 1 +# will have an identical URL on the HTTPS site. default=1, set to 0 +# if your site is not capable of pure HTTPS +# set force_https 1 # separate logfiles per onion set log_separate 1 +# preserve foo@torproject.org email addresses, etc +set preserve_csv tld-tpo,torproject\\.org,i,torproject.org + set project tpo # a note: torproject.org has this weird thing where "www" is both a # HOSTNAME (e.g. "www.torproject.org") and also a DOMAINNAME or TIER