From e613767afab9965ce776d77112274d40d502e78b Mon Sep 17 00:00:00 2001
From: Athanasius <github@miggy.org>
Date: Sat, 12 Mar 2022 15:25:55 +0000
Subject: [PATCH] Update docs and apache contrib file for 'no more TLS'

---
 contrib/apache-eddn.conf      | 11 +++++------
 docs/Running-this-software.md | 18 +++++-------------
 2 files changed, 10 insertions(+), 19 deletions(-)

diff --git a/contrib/apache-eddn.conf b/contrib/apache-eddn.conf
index 23842e5..62ac7a1 100644
--- a/contrib/apache-eddn.conf
+++ b/contrib/apache-eddn.conf
@@ -151,15 +151,14 @@
 		</LimitExcept>
 	</LocationMatch>
 	<IfModule mod_proxy.c>
-		SSLProxyEngine On
-		SSLProxyVerify none
 		ProxyPreserveHost On
 		ProxyRequests Off
 
-		# Must be https, not http, as the Gateway process is
-		# expecting only https requests.
-		ProxyPass "/" "https://127.0.0.1:8081/"
-		ProxyPassReverse "/" "https://127.0.0.1:8081/"
+        <Location "/">
+                # Yes, plain HTTP, as the Gateway process knows nothing of
+                # TLS.
+                ProxyPass "http://127.0.0.1:8081/"
+        </Location>
 	</IfModule>
 </VirtualHost>
 </IfModule>
diff --git a/docs/Running-this-software.md b/docs/Running-this-software.md
index ba7bd81..c1a8195 100644
--- a/docs/Running-this-software.md
+++ b/docs/Running-this-software.md
@@ -316,12 +316,6 @@ Default application configuration is in the file `src/eddn/conf/Settings.py`.
 Do **not** change anything in this file, see below about overriding using
 another file.
 
-1. You will need to obtain a TLS certificate from, e.g. LetsEncrypt.  The
-   application will need access to this and its private key file.
-
-       CERT_FILE = '/etc/letsencrypt/live/YOUROWN.eddn.edcd.io/fullchain.pem'
-       KEY_FILE  = '/etc/letsencrypt/live/YOUROWN.eddn.edcd.io/privkey.pem'
-
 1. Network configuration
     1. `RELAY_HTTP_BIND_ADDRESS` and `RELAY_HTTP_PORT` define the IP and port
        on which the Relay listens for, e.g. `/stats/` requests.
@@ -384,7 +378,6 @@ There is an **example** of this in
 [eddn-settings-overrides-EXAMPLE.json](./eddn-settings-overrides-EXAMPLE.json).
 It sets:
 
-  1. The TLS CERT and KEY files.
   1. The gateway to listen on `0.0.0.0` rather than localhost (necessary
     when testing in a VM).
   1. Configures the database connection and credentials.
@@ -533,14 +526,13 @@ proxying:
 If using Apache on a Debian server then you need some ProxyPass directives:
 
         <IfModule mod_proxy.c>
-                SSLProxyEngine On
-                SSLProxyVerify none
                 ProxyPreserveHost On
+                ProxyRequests Off
 
-                # Pass through 'gateway' upload URL to Debian VM
-                ProxyPass "/eddn/upload/" "https://VM_HOST:8081/upload/"
-                # Pass through 'monitor' URLs to Debian VM
-                ProxyPass "/eddn/" "https://VM_HOST/"
+                # Pass through anything with path prefix /eddn
+                <Location "/eddn/">
+                        ProxPass "http://127.0.0.1:8081/"
+                </Location>
         </IfModule>
 
 This assumes you don't have a dedicated virtual host in this case, hence the