@Gargron Requires ssl so it's like normal but you need to have a self signed cert
@Sir_Boops Imagine you're explaining it to someone who never used Tor (because you are)
> Setup mastodon following the usual steps except generate a self-signed cert ( Because you /can't/ get certs for .onion addresses )
> Install tor and add append these three lines to the end of the torrc file
HiddenServiceDir /var/lib/tor/<some name>/
HiddenServicePort 80 127.0.0.1:80
HiddenServicePort 443 127.0.0.1:443
And that's it it's now on tor
Now it won't fed because other instances won't take the broken ssl but that's a masto issue ;p
@Sir_Boops How install tor? apt install tor?
It is also recommended to use the new version of Onion Services by adding HiddenServiceVersion 3 right after what Sir_Boops said, as explained here: https://www.torproject.org/docs/tor-onion-service.html.en#four
@Sir_Boops @Gargron @mrtino the difference is that onion routing confirms the identity by making it really hard to claim a specific identity (you'd need to generate a key with the same hash) whereas HTTPS confirms the identity of something human-readable (a domain name) and therefore requires at least some level of trust in the certificate before you can send any data
Other instances won't be able to federate with you unless they route the requests through tor.
One way of doing this is by using a proxy on the local machine(such as squid) that routes .onion domains to a local tor client.
Another way is to use a tor2web server. The advantages being not having to setup tor locally(what is very easy) and slightly faster connections since you would cut the length of the complete circuit in half. Configuring url redirects on a local proxy would still be necessary.
To make things even easier for people trying to federate with hidden services(not from behind them) the mastodon software could automatically route .onion domains to a tor2web server.
Invite-only Mastodon server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!