Discourse
-
Do you intend on packaging it with LDAP support included, eventually maybe?
I just came here to ask the exact same question! (assuming, as I am, that this would mean Single Sign On would work? I think SSO is one of the killer features of Cloudron and I'd love it if it were available for even more apps!).
Is there are possibility of this happening @girish @nebulon or is there some technical reason why in practice it's not really possible and hence why it wasn't done in the first place?
-
Oh, and the other thing
I came here to ask was whether or not it's possible to install Discourse plugins on Cloudron hosted Discourse?Becauseone (well, two) of the things I really like about Discourse are the Discourse Events and Discourse Locations plugins (you can see them both in action at e.g. https://community.coops.tech and https://bettermedia.uk )So it's great to know that it is possible to install plugins on Cloudron hosted Discourse!
-
@jdaviescoates said in Discourse:
Do you intend on packaging it with LDAP support included, eventually maybe?
I just came here to ask the exact same question! (assuming, as I am, that this would mean Single Sign On would work? I think SSO is one of the killer features of Cloudron and I'd love it if it were available for even more apps!).
Is there are possibility of this happening @girish @nebulon or is there some technical reason why in practice it's not really possible and hence why it wasn't done in the first place?
Since I think the LDAP plugin for discourse is readily available it looks like, there is no real technical reason, but mostly we haven't really seen the use-case for a forum type app to have SSO to the Cloudron users (take this forum here as an example, it runs on a Cloudron but only few people have users on that Cloudron). So I guess if the private forum use-case is considered to be useful and valid, then I guess we can add that.
-
we haven't really seen the use-case for a forum type app to have SSO to the Cloudron users
So I guess if the private forum use-case is considered to be useful and valid, then I guess we can add that.
Does that mean that if Cloudron SSO was enabled then people wouldn't also be able to register?
Or could we have it how Rocket.Chat seems to function atm, i.e. Cloudron users can login with their Cloudron credentials, but other people can register too? That is what I want
Thanks!
-
@jdaviescoates Discourse can have multiple authentication modes active simultaneously, yes.
-
Just to say, again, I really want LDAP support in Discourse! (and every app)
The use case is that I want to sell managed Cloudron servers and one of the key selling points is Cloudron's awesome LDAP integration.
Sure, we want people to be able to register on public forums too, but all existing uses on the Cloudron should be able to use their existing credentials.
(oh, and I'd still really like to be able to able to filter apps in the app store by which ones have LDAP too)
-
I wholeheartedly agree with @jdaviescoates
-
I'm trying to add LDAP support myself. I've added the ldap addon to the package manifest, built and installed it. I've also installed the discourse-ldap-auth plugin. It sort of works!
Here are the settings I could figure out myself:
Remaining issues:
- For
invite-only
forums that only want LDAP, that setting has to be turned off. Otherwise LDAP users can't authenticate. The feature can still be achieved by- disabling
enable local logins
- disablling
enable local logins via email
- reenable
allow new registrations
(Brings back the Sign up button, but luckily (!?) it leads to LDAP login too.
- disabling
- Accounts aren't automatically created. (Not possible currently)
- I don't know what
en_US.login.ldap.name
is or how to map it/fix it. - I don't know how to map the suggested username to the Cloudron username upon Discourse account creation. I would also want to lock it.
- I don't know any other LDAP settings, I just ripped them from the Wordpress LDAP integration settings
- LDAP sign-in UI looks off-brand and dodgy, possibly signalling phishing attempt for some users.
Any help appreciated!
- For
-
Oh, not being able to create accounts automatically is a bummer. What does it mean then? You can login via LDAP but the account has to be created with some other means? (how?)
-
@girish Yeah, itβs unfortunate. But itβs not confirmed as it was only what the discourse-ldap-auth developer thought, so it should be investigated properly.
The only difference is that you need to click the Create New Account button where your credentials come with pre-filled LDAP data. But any increased complexity in such user flows will always generate more support tickets for admins as another step offers another chance to screw up
-
A general serious bug is that I can't upload Discourse backups for restoring:
There has been an error while uploading 'backup.tar.gz': There is not enough space on disk to upload this backup.
This is even though there's plenty of free space in the Cloudron system itself.
Come to think of it, is it wise to have the Discourse feature of builtin automatic backups enabled by default at all?
-
@yusf I can reproduce the problem, I have opened https://git.cloudron.io/cloudron/discourse-app/issues/2 . AFAICT, there is no way to disable backups in discourse (atleast cannot find it in the UI)
-
Import issue is now fixed in the latest package.
-
@jdaviescoates Well, yes and no. Itβs working, but not as smoothly as Iβd like. I dedicated a new topic to this issue.
-
Discourse is great for forum software.
Flarum is an alternative solution.https://docs.flarum.org/
https://meta.discourse.org/t/which-is-better-discourse-or-flarum/71726/27 -