Perfect shouldn’t be the enemy of good.
You could just run an nginx reverse proxy to onion that proxies the forum, kinda like EOTK does, while the forum is still hosted by Discourse. While not a perfect solution, it’s still an improvement in the meantime that the forum is still hosted by Discourse.
It can easily be done. I have made a proof of concept onion address for the forum:
It is an onion service that I run that acts as a clearnet proxy (with HTTPS, of course) to https://forum.qubes-os.org.
However:
https:// to http://, and try again, and it should load.Because I don’t have direct access to the box running this forum, I am forced to decrypt web requests made to my hidden service, encapsulate them into HTTPS requests, and then forward them to the forum as if they were my own.
http://qubesospplmo4oyvn5fo5ykp3ga5dbkxar5c6prj5lvkgcwtg4ufrqid.onion/
I don’t keep logs, but even so, I just don’t want your information…
I would actually prefer whatever box this forum is running on to do all of this itself, but I don’t have access to it.
Happy to go through with the forum admins on how to get it done. It’s literally 30 seconds of work 
I’m failing to understand what advantage this brings over
straightforward https over Tor.
I think what was wanted was full access to the Forum via an onion site.
I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.
Honestly, if you get lucky with your exit node, there isn’t any, really. And the Qubes forum doesn’t exactly need to hide itself like some onion services, either.
The forum admins don’t have access to the box this forum is running on either. In fact, no one at the Qubes OS Project does. It’s hosted by a third-party service provider:
Well that settles it, then. Case closed.
15 posts were split to a new topic: Tor Onion Service Security