Installation/Camo: Difference between revisions

From diaspora* project wiki
No edit summary
No edit summary
Line 1: Line 1:
{{Serious|Camo integration for diaspora* is not yet merged into the source. This documentation is a work in progress so it's ready when the Camo integration is merged.}}
{{Serious|Camo integration for diaspora* is not yet merged into the core. This documentation is a work in progress so it is ready when the Camo integration is merged.}}


[[File:Markdown_embeds_without_Camo.svg|thumb|right|200px|Request targets, without Camo]]
[[File:Markdown_embeds_without_Camo.svg|thumb|right|200px|Request targets, without Camo]]
Line 8: Line 8:
[https://github.com/atmos/camo Camo] is a small Node.js application to proxy insecure assets. Its main reason is to service HTTP assets over an HTTPS channel to avoid mixed content warnings. Another usage is to reduce the amount of external assets to avoid browser connects to third party hosts. Camo will also add a whitelisting to the images MIME type to add some protection against attacks.
[https://github.com/atmos/camo Camo] is a small Node.js application to proxy insecure assets. Its main reason is to service HTTP assets over an HTTPS channel to avoid mixed content warnings. Another usage is to reduce the amount of external assets to avoid browser connects to third party hosts. Camo will also add a whitelisting to the images MIME type to add some protection against attacks.


diaspora* supports content formatting using [https://diasporafoundation.org/formatting Markdown], which also enables users to embed images from third parties. While this is great for creating larger posts with inline images, it's a huge privacy and security problem since most of the images will get hosted by third parties, forcing the users browser to connect to those servers, thus exposing their identities to others.
diaspora* supports content formatting using [https://diasporafoundation.org/formatting Markdown], which also enables users to embed images from third parties. While this is great for creating larger posts with inline images, it is a huge privacy and security problem since most of the images will get hosted by third parties, forcing the users browser to connect to those servers, thus exposing their identities to others.


Since disabling markdown embeds is not a nice solution, we implemented a special mechanism to rewrite markdown image URLs to get proxied through Camo. In addition, it is also possible to proxy remote profile pictures and remote post photos to create an environment almost entirely without external resources.
Since disabling markdown embeds is not a nice solution, we implemented a special mechanism to rewrite markdown image URLs to get proxied through Camo. In addition, it is also possible to proxy remote profile pictures and remote post photos to create an environment almost entirely without external resources.
Line 22: Line 22:
* You will have to maintain a dedicated node.js application, the Camo application is neither shipped nor started with diaspora*.
* You will have to maintain a dedicated node.js application, the Camo application is neither shipped nor started with diaspora*.
* Bugs may occur and images with wrong/missing MIME types will not get served.
* Bugs may occur and images with wrong/missing MIME types will not get served.
== Adding Camo to your pod ==
=== Setting up Camo ===
First, you have to set up Node.js on your server. Detailed instructions are available on [http://nodejs.org/ the Node.js website]. Then get a copy of camo's source code and install its dependencies
{{#tag:syntaxhighlight|
git clone https://github.com/atmos/camo.git
cd camo
npm install
rake bundle
|lang=bash}}
You are now able to start camo using
{{#tag:syntaxhighlight|
coffee server.coffee
|lang=bash}}
You should add a service file to your system to ensure the service is up all the time.
=== Setting up the reverse proxy ===
A reverse proxy should be used to connect your Camo instance to the world. By using the server running diaspora*, it is possible to run Camo inside a virtual subdirectory so you do not need a dedicated subdomain. That is handy if you do not own a wildcard certificate.
Here is an example config for nginx, but you should be able to create a version for Apache very easily:
{{#tag:syntaxhighlight|
upstream camo {
    server 127.0.0.1:9090;
}
# inside your diaspora* config
location /camo/ {
    proxy_redirect off;
    proxy_pass http://camo/;
    break;
}
|lang=text}}

Revision as of 04:38, 9 November 2014

WarningWarning:Camo integration for diaspora* is not yet merged into the core. This documentation is a work in progress so it is ready when the Camo integration is merged.
Request targets, without Camo
Request targets, with Camo

About Camo and why there is support for it in diaspora*

Camo is a small Node.js application to proxy insecure assets. Its main reason is to service HTTP assets over an HTTPS channel to avoid mixed content warnings. Another usage is to reduce the amount of external assets to avoid browser connects to third party hosts. Camo will also add a whitelisting to the images MIME type to add some protection against attacks.

diaspora* supports content formatting using Markdown, which also enables users to embed images from third parties. While this is great for creating larger posts with inline images, it is a huge privacy and security problem since most of the images will get hosted by third parties, forcing the users browser to connect to those servers, thus exposing their identities to others.

Since disabling markdown embeds is not a nice solution, we implemented a special mechanism to rewrite markdown image URLs to get proxied through Camo. In addition, it is also possible to proxy remote profile pictures and remote post photos to create an environment almost entirely without external resources.

Why your pod should enable Camo

  • Depending on your configuration, embedded images and/or remote pods content will get proxied through your server, so your user's browsers do not need to connect to external servers. This will increase the users privacy.
  • Your pods frontend will get a little bit of extra protection due to the MIME type whitelist.

Why your pod should not enable Camo

  • Camo will create a huge amount of traffic depending on your settings since it will proxy all the remote images.
  • You will have to maintain a dedicated node.js application, the Camo application is neither shipped nor started with diaspora*.
  • Bugs may occur and images with wrong/missing MIME types will not get served.

Adding Camo to your pod

Setting up Camo

First, you have to set up Node.js on your server. Detailed instructions are available on the Node.js website. Then get a copy of camo's source code and install its dependencies

git clone https://github.com/atmos/camo.git
cd camo
npm install
rake bundle

You are now able to start camo using

coffee server.coffee

You should add a service file to your system to ensure the service is up all the time.

Setting up the reverse proxy

A reverse proxy should be used to connect your Camo instance to the world. By using the server running diaspora*, it is possible to run Camo inside a virtual subdirectory so you do not need a dedicated subdomain. That is handy if you do not own a wildcard certificate.

Here is an example config for nginx, but you should be able to create a version for Apache very easily:

upstream camo {
    server 127.0.0.1:9090;
}

# inside your diaspora* config
location /camo/ {
    proxy_redirect off;
    proxy_pass http://camo/;
    break;
}