WP SSO + Discourse Multisite

I have 2 separate instances of discourse, and I wanted to roll them into a single multisite instance.

I followed the multisite guide to set up a new db and the build went fine. The problem is that when I navigate to the domain on instance b, it redirects to instance a (the original one that is tied to WordPress SSO). This means that:

  1. going to https://instanceb.discourse
  2. instead redirectsto https://instancea.discourse
  3. which then redirects to the wordpress login page.

How do I get the new multisite container to show up?

I don’t mind if the second container needs SSO as well - it wasn’t set up before.

Because I can’t get instanceb to load, I can’t configure it or import the config.

I’m using a reverse nginx proxy to access both instances.

Any help appreciated.

Hey Tim,

This one is more of a Discourse multisite question, as your issue seems to be the relationship between your two Discourse multisite instances and potentially the routing you have setup between the two of them. Wordpress SSO is not your issue here, so I’ve re-categorised your topic to support.

I would note the following warning on Discourse’s multisite howto

While multisite is supported in the Discourse application, this is an advanced sysadmin setup. If you don’t know what you’re doing, do not set up multisite . The Discourse team is unable to provide multisite configuration support.

As our focus is more on the Wordpress plugin per se in wordpress, and I’m no discourse multisite expert myself, your best bet might be to see if someone in the community can point you in the right direction, or for you to hire someone to help you out in the marketplace.

2 Likes

That sounds like a multisite issue. Which guide did you follow?

I followed this guide:

My best guess is that you have your reverse proxy misconfigured and it’s redirecting site 2 to site 1 , or perhaps it did once and your browser cached the 301 redirect.

I’m using the standard nginx proxy config. The only change I made is that I added instanceb in the server_name so that traffic would be routed to the container. Is there a different way of doing this with discourse multisite?

server {
    listen 443 ssl http2; listen [::]:443 ssl http2;
    server_name instancea.mydomain.com instanceb.mydomain.com

    ssl on;

        ssl_certificate /var/www/vhosts/mydomain.com.csr;
        ssl_certificate_key /var/www/vhosts/mydomain.com.key;

    ssl_session_tickets off;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;

    http2_idle_timeout 5m; # up from 3m default

    location / {
        proxy_pass http://unix:/var/discourse/shared/standalone/nginx.http.sock;
        proxy_set_header Host $http_host;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;

  proxy_connect_timeout       600;
  proxy_send_timeout          600;
  proxy_read_timeout          600;
  send_timeout                600;
    }
}