Openshift Template for Discourse
This template will create the basic structure of an OpenShift service running Discourse. It will allow you to rapidly deploy an instance of the forum just configuring a few things.
The real project comes from https://www.discourse.org/.
How to deploy a new instance
In order to deploy a new instance of discourse, first we need to create the project under Openshift, then we need a database and finally deploy the template.
Create Openshift Project (PaaS Application)
Just going to Web Services > Create New Site.
- Site category: Official or Test, up to you.
- Site name: up to you. Keep in mind that this name will be used as your entrypoint once it is everything working. If I set the name as myproject1, this will be reachable as myproject1.web.cern.ch.
- Description: bla bla
- Site type: Paas Web Application
Configure user and database
I strongly recommend to use the ones DB on Demand Team provides, reachable at https://dbod.web.cern.ch/. In here, you will ask for a postgresql database.
- Create the database.
CREATE DATABASE '<database_name>'; - Create an specific user for managing the database (we don't want to use admin).
CREATE USER '<user_discourse>' WITH PASSWORD '<xxxx>'; - Then, we need to grant permissions to the user.
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO '<user_discourse>';
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO '<user_discourse>';```
All this previous operations can be performed also through and IDE like [pgAdmin](https://www.pgadmin.org/).
Also, we need to add the following **extensions** to the created database. In the case of DB on Demand, you should contact them as this operation can only be performed by super admins (you can contact them through [mattermost](https://mattermost.web.cern.ch/it-dep/channels/dbod) or just opening a ticket).
The extensions, needed to run discourse, are:
- **hstore**
- **pg_trgm**
### Configure pg_hba.conf
We just need to add the following lines to this file:User related -- PLEASE EDIT HERE
host all admin 0.0.0.0/0 md5 host <database_name> <user_discourse> 0.0.0.0/0 md5 host postgres <user_discourse> 0.0.0.0/0 md5
### Deploy the template
Once we have database configured, it's time to deploy the template. To do this, go to https://openshift.cern.ch (official sites) or https://openshift-dev.cern.ch (test sites).
Under our project, click on **Add to Project**. Under Technologies, click on **Uncategorized** and then select **discourse-cern** template.
You will be asked for filling some fields.
Just note that the variable **DISCOURSE_DB_NAME**, **DISCOURSE_DB_USERNAME** and **DISCOURSE_DB_PASSWORD** must match with the values you set at the time of configuring the database.
Finally, create and it's done.
### Misc
If you want to have CERN SSO on your discourse instance, by default an OAuth plugin was added to the discourse image. To configure it, register your application at [Single Sign-On Management](https://sso-management.web.cern.ch/OAuth/RegisterOAuthClient.aspx), setting the following values:
- **client_id**: up to you, can be something like mynewproject_discourse
- **redirect_uri**: https://mynewproject.web.cern.ch/auth/oauth2_basic/callback
- Generate a **secret**
- **Application Homepage**: https://mynewproject.web.cern.ch
- **Application description**: bla bla.
- **Send Registration Request** (you will get a confirmation email).
Once we have this done, go to your new forum, and under Admin > Settings > Login or directly to https://mynewforum.web.cern.ch/admin/site_settings/category/login, set the following:oauth2_enabled -> checked oauth2_client_id = client_id from the previous paragraph. oauth2_client_secret = secret from the previous paragraph. oauth2_authorize_url = https://oauth.web.cern.ch/OAuth/Authorize oauth2_token_url = https://oauth.web.cern.ch/OAuth/Token oauth2_user_json_url = https://oauthresource.web.cern.ch/api/User?oauth_token=:token oauth2_json_user_id_path = personid oauth2_json_username_path = username oauth2_json_name_path = name oauth2_json_email_path = email