OpenID Connect extension not creating new Discourse users

I can’t really spin up a DO droplet for myself. I mean I could use the one that’s hosting the old watercolorgames community that you set up @pfaffman but I don’t have any sort of SSH access to it. The new server I have is owned by someone else (it is a DO droplet too :D). This person has 4 droplets that they’re paying for but they only use 1, so they decided to give me one of their unused ones when he told me my domain was about to expire. That’s the server I’m putting the new Discourse instance on.

Also, some additional things I’ve done:

There are no auth-related errors anywhere in rails production.log or /var/log/keycloak, no Apache errors. Disabling Cloudflare does nothing but screw up my SSL because I’m using their universal certificate for my entire domain, which in turn screws up Keycloak for everything.

I’m definitely on the same page with that redirect if you mean the one in the production.log where it’s redirecting to the Discourse instance’s index page. (I made that a link so I can include the ? at the end.)

Maybe @david would have a clue what’s up with that redirect?

Edit: Once we get this figured out I’m definitely gonna post a tutorial on how to set up Keycloak for OpenID-based SSO on Discourse on the same box. Maybe others will find it handy.