On 28/04/2018 13:31, Jason S. Evans wrote:
Hi all,
The way that I see it, there are two different ways to think about running applications like a CMS in an onion site.
- If you are a non-profit or some other org/person who doesn't care if
visitors know who they are, but they want their visitors privacy to be protected.
- You both want your privacy and your visitors privacy to be
protected.
I'm looking for suggestions for both of these two categories. The easiest, I think would be to just host flat html files on a hardened web server, but that is both tedious and ugly (unless you are really good at html). I's prefer something a but more automated.
GlobaLeaks embedd a webserver based on Twisted framework, integrate txtorcon for automatic generation of onion address and also LetsEncrypt to have HTTPS (on the internet-side, if required), everything apparmored, debian packaged, etc
In upcoming weeks we are going to deploy a project that require hosting of a self-contained html-only files for a foundation that provide psychological support to child pornographer on .onion.
As we already have all of those facilities in-place, with GlobaLeaks already serving static files from /public/ directory, include URL redirection and multi-sites with multi-hostname configuration, admin UI interface to make upload/download of static files in the public directory, we are considering the options to make some improvements to facilitate it's uses for that small CMS for .onion.
Do you think it would be useful to get a 1-cmdline install self-contained software like GlobaLeaks, disabling the "whistleblowing" functionalities, leaving all of the rest in-place as a static, hardened webserver for .onion, with mutiple-site and a web-admin interface?
Fabio