How would one go about setting up discourse for tor?

Hello,

First of all let me explain what I’d like to do. I want discourse running behind nginx on tor. Discourse will only be accessible through tor.

Setting up nginx with tor is no problem but I’m struggling setting up discourse. I wonder if anyone has yml ready for tor because with the default set-up it doesn’t even accept a tor address because “it doesn’t point to this server”.

How would one go about setting up Discourse behind nginx that’s only accessible through tor?

Oh and, I’m not trying to set up an forum to promote and discuss illegal stuff I just want to have a “hidden” forum. :wink:

Thanks in advance!

2 Likes

Discourse isn’t good for your use case. It is considered leaky, by tor standards.

Edit: listen, that’s not a great explanation, but please go look it up. Ask some tor folks. All the fun things about Discourse will have to be turned off to make sense over tor, IMHO. :slight_smile:

3 Likes

Thank you for your quick reply. (For clarification, I am the same person as @vovo, I can’t seem to be able to login again so I made an new account which I’ll be able to maintain).

I’m not sure to what extend Discourse “leaky” is but I don’t think I’ll have to disable a lot of features. The forum just has to be on tor and tor only. This for a few reasons:

  1. It’ll be harder to find than on the clearnet
  2. The operator is harder to track down, at least if you got nginx configured properly.
  3. I won’t have to go through the trouble of a premium domain which will be linked to myself. (You can buy a VPS in certain instances with bitcoin only, not questions asked)

I’m wondering what the best way is to install Discourse and set it up behind nginx + tor. Since the default setup doesn’t allow for a .onion address (since it doesn’t directly point back to the vps) it won’t accept the domain, that’s probably just one of the first culprits I’m going to have to overcome.

I’m looking for some pointers/advise how I can set-up discourse behind nginx + tor.

Thanks in advance!

Discourse explicitly and intentionally reaches out to arbitrary servers as part of rendering post content.

The only reason to run Discourse over Tor is to hide the identity of the participants from the site operator and/or each other. But you still need to log and and provide an email to post, so you need a custom SSO provider as well. Also remember to disable the geoip database features.

This is extremely easy to overcome, just do the older install method: copy samples/standalone.yml to containers/app.yml and fill out the fields. Check the setup script for help text if you’re ever unsure what a setting means.

5 Likes

Thank you for the reply!

My use case is to hide the identity of the operator, not anonymity for users. (Users would be able to be identified anyways because of the content they would post) I’ll definitely disable certain features to keep tracking users to a minimum.