From 26d90cd030a4fb802b68e2bb1f117f9b925c0f6d Mon Sep 17 00:00:00 2001 From: Johann150 Date: Tue, 8 Mar 2022 15:23:18 +0100 Subject: [PATCH] remove HTTPS handling (#8380) --- .config/example.yml | 33 ++++--------------- CHANGELOG.md | 4 +++ packages/backend/src/config/types.ts | 1 - .../backend/src/server/api/endpoints/meta.ts | 8 ----- packages/backend/src/server/index.ts | 13 +------- 5 files changed, 11 insertions(+), 48 deletions(-) diff --git a/.config/example.yml b/.config/example.yml index 4da739935..ef91c86f5 100644 --- a/.config/example.yml +++ b/.config/example.yml @@ -15,10 +15,7 @@ url: https://example.tld/ #───┘ Port and TLS settings └─────────────────────────────────── # -# Misskey supports two deployment options for public. -# - -# Option 1: With Reverse Proxy +# Misskey requires a reverse proxy to support HTTPS connections. # # +----- https://example.tld/ ------------+ # +------+ |+-------------+ +----------------+| @@ -26,30 +23,12 @@ url: https://example.tld/ # +------+ |+-------------+ +----------------+| # +---------------------------------------+ # -# You need to setup reverse proxy. (eg. nginx) -# You do not define 'https' section. +# You need to set up a reverse proxy. (e.g. nginx) +# An encrypted connection with HTTPS is highly recommended +# because tokens may be transferred in GET requests. -# Option 2: Standalone -# -# +- https://example.tld/ -+ -# +------+ | +---------------+ | -# | User | ---> | | Misskey (443) | | -# +------+ | +---------------+ | -# +------------------------+ -# -# You need to run Misskey as root. -# You need to set Certificate in 'https' section. - -# To use option 1, uncomment below line. -#port: 3000 # A port that your Misskey server should listen. - -# To use option 2, uncomment below lines. -#port: 443 - -#https: -# # path for certification -# key: /etc/letsencrypt/live/example.tld/privkey.pem -# cert: /etc/letsencrypt/live/example.tld/fullchain.pem +# The port that your Misskey server should listen on. +port: 3000 # ┌──────────────────────────┐ #───┘ PostgreSQL configuration └──────────────────────────────── diff --git a/CHANGELOG.md b/CHANGELOG.md index fb3314834..fe78ddeeb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,6 +17,10 @@ You should also include the user name that made the change. ### Changes - ノートの最大文字数を設定できる機能が廃止され、デフォルトで一律3000文字になりました @syuilo +- Misskey can no longer terminate HTTPS connections. @Johann150 + If you did not use a reverse proxy (e.g. nginx) before, you will probably need to adjust + your configuration file and set up a reverse proxy. The `https` configuration key is no + longer recognized! ### Improvements - インスタンスデフォルトテーマを設定できるように @syuilo diff --git a/packages/backend/src/config/types.ts b/packages/backend/src/config/types.ts index 7a1b83c99..58a27803c 100644 --- a/packages/backend/src/config/types.ts +++ b/packages/backend/src/config/types.ts @@ -6,7 +6,6 @@ export type Source = { feedback_url?: string; url: string; port: number; - https?: { [x: string]: string }; disableHsts?: boolean; db: { host: string; diff --git a/packages/backend/src/server/api/endpoints/meta.ts b/packages/backend/src/server/api/endpoints/meta.ts index 6231c35ab..1aff1f63f 100644 --- a/packages/backend/src/server/api/endpoints/meta.ts +++ b/packages/backend/src/server/api/endpoints/meta.ts @@ -64,11 +64,6 @@ export const meta = { optional: false, nullable: false, default: 'https://github.com/misskey-dev/misskey/issues/new', }, - secure: { - type: 'boolean', - optional: false, nullable: false, - default: false, - }, defaultDarkTheme: { type: 'string', optional: false, nullable: true, @@ -489,9 +484,6 @@ export default define(meta, paramDef, async (ps, me) => { tosUrl: instance.ToSUrl, repositoryUrl: instance.repositoryUrl, feedbackUrl: instance.feedbackUrl, - - secure: config.https != null, - disableRegistration: instance.disableRegistration, disableLocalTimeline: instance.disableLocalTimeline, disableGlobalTimeline: instance.disableGlobalTimeline, diff --git a/packages/backend/src/server/index.ts b/packages/backend/src/server/index.ts index 80130e884..95a9ec6a0 100644 --- a/packages/backend/src/server/index.ts +++ b/packages/backend/src/server/index.ts @@ -4,8 +4,6 @@ import * as fs from 'node:fs'; import * as http from 'http'; -import * as http2 from 'http2'; -import * as https from 'https'; import Koa from 'koa'; import Router from '@koa/router'; import mount from 'koa-mount'; @@ -123,16 +121,7 @@ app.use(router.routes()); app.use(mount(webServer)); function createServer() { - if (config.https) { - const certs: any = {}; - for (const k of Object.keys(config.https)) { - certs[k] = fs.readFileSync(config.https[k]); - } - certs['allowHTTP1'] = true; - return http2.createSecureServer(certs, app.callback()) as https.Server; - } else { - return http.createServer(app.callback()); - } + return http.createServer(app.callback()); } // For testing