consideRatio / discourse-sso-oidc-bridge

Discourse SSO OIDC Bridge - A Python PyPI package
Apache License 2.0

Release as plugin #1

Open pontusr opened 5 years ago

pontusr commented 5 years ago

Watching this space and your progress! Very interested in using OIDC as an SSO provider in Discourse. Is it your intention to eventually release this bridge as a plugin to ease deployment or even to merge the functionality as an improvement to the official plugin?

consideRatio commented 5 years ago

@pontusr oh how nice to get some feedback to discuss this :heart:! I got this standalone deployment way working some hours ago. I have developed this being mindful of how to make it integrate better in the future. It may be too hard to make it as a plugin as this is Python based and it is my understanding that Discourse is based on Ruby.

But, perhaps it could be made reasonable to utilize from a docker based deployment? That is what I originally planned. See the discussion in: https://meta.discourse.org/t/how-to-deploy-a-sso-bridge-alongside-a-discourse-docker-deployment/110003/2?u=consideratio

Now that this is functional and I have an actual tested docker image, perhaps such a solution could be developed? I'm looking to investigate if it is possible to create a .yml file alongside those in the /templates folder of discourse_docker.

I plan on making the Helm chart public in this repo soon. It is how I deploy this on a Kubernetes cluster and it may be relevant for those that already have such a cluster available.

pontusr commented 5 years ago

We're evaluating replacing our current forum, and SSO with OIDC is the major obstacle we have to overcome if we're to proceed with Discourse. Since our requirements for resiliency do not fit the bill for most hosting providers we've spent quite a bit of time trying to set up Discourse per the "unofficial best practices" for a load balanced and autoscaling environment. Most of that is behind us now and we have a working internal beta.

As we're not using Kubernetes it wouldn't be perfect for us and we would much prefer a Discourse specific plugin. Given the way SSO is implemented in Discourse (the way I understand it) and the existing eco-system of plugins I think it would be easier to gather traction and support for your work if it was possible to implement as either a new plugin or enhancement to the existing OIDC plugin.

Unfortunately, I'm not fluent enough in either Ruby or Python to be of much help starting out although I'm happy to test and assist in other capacities.

consideRatio commented 5 years ago

Ah, yes a plugin would be the best solution for sure, I'll ask Sam on Discourse for further guidance soon on what could be technically viable.

@pontusr are you utilizing "discourse_docker"?

pontusr commented 5 years ago

Yes, we run a pretty standard installation across multiple web instances with the docker image. Redis and PostgreSQL are operated separately from those though. For us - all plugins so far have been installed by adding a one-liner into app.yml.

consideRatio commented 5 years ago

I googled and tried to learn more about the options. I'm starting to write things down here now.

I think a plugin needs to be Ruby based, so this probably requires all of this code to be ported to Ruby as well, and the libraries it depends on such as flask-pyoidc.

So, what about discourse_docker? Is it possible to run the docker image from this repo within the VM setup with the INSTALL-cloud.md instructions without too much trouble? What about these .yml files within /templates ?

Well, it is my understanding now that what's going on in this deployment is that the files in the /templates directory are like building blocks of a single discourse docker image rather than how to start up another one alongside.

I will at least not attempt to port this to Ruby now (I don't know Ruby btw). But, I'll go ahead and ask sam on discourse for guidance if this could integrate with a discourse docker setup somehow without porting it all to Ruby. See: https://meta.discourse.org/t/how-to-deploy-a-sso-bridge-alongside-a-discourse-docker-deployment/110003/5?u=consideratio