This post is for putting down some random sites notes as I struggle through the process of setting up a forum hosted with MyBB.
Here is a very nice tutorial for running through the initial installation and setup,
In this tutorial, the necessary modules were installed and configured during the setup. We don’t have to follow this practice. A better way may be to configure all the necessary preparations beforehand, according to the MyBB doc.
-
nginx
configurationFor the
nginx
configuration, the this gist is a minimal working example on my host to host the reverse proxy for both the MyBB and JupyterHub service.-
SSL setup
We need to generate a key file and use that for generating an SSL certificate file. For most SSL certificate, we need to pay. In my case, I was using ORNL service located at here (which can only be accessed from within ORNL firewall).
-
-
LDAP authentication setup
To set up the LDAP authentication, we can use the
MyBB LDAP Authentication
plugin [1]. The setup within MyBB admin control panel can be found here. It should be pointed out that,-
This is for configuring against the ORNL LDAP server. For other servers, the configuration should be as simple as replacing those inputs with information relevant to a other specific servers.
-
The protocol version does matter – typically, if we set it to
2
, it won’t work, at least in my case for the configuration against the ORNL LDAP server (for which we have to set it to3
). -
However, the
LDAP Protocol Version
setting in the admin control panel above does not seem to be working properly. As a temporary solution, I just hard coded the setting in the{MyBB_Main_Directory}/inc/plugins/
file, which is attached here (refer to line 728-734). -
Also, it seems that the
Connection Confidentiality
setting in the admin control panel is not working properly either. Again, temporarily, the setting was hard coded into the attached file above. -
The attached file here is a minimal working example of using LDAP in PHP.
-
The LDAP configuration file can be found at
/etc/ldap/ldap.conf
,BASE dc=xcams,dc=ornl,dc=gov URI ldaps://ldapx.ornl.gov TLS_CACERT /etc/ssl/certs/ldapserver.pem SSL start_tls SSL on TLS_REQCERT allow
-
In the MyBB LDAP configuration page (see the link above for a screenshot of the page), if we choose the SSL connection, we should notice the notes above the selection drop-down menu which states that if we do want to use the SSL connection, we need to save the LDAP server’s certificate to the trusted store properly. To do this, we need to,
-
First, obtain the certificate from the LDAP server
To do this, we can use the following command,
openssl s_client -showcerts -connect ldapx.ornl.gov:636 </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ldapserver.crt
where
ldapx.ornl.gov
is the ORNL LDAP server in my case. This will save the LDAP server’s certificate to the local file named withldapserver.crt
. In practice, we could have multiple certificates in the same certificate file which gives the so-called PEM (i.e., Privacy Enhanced Mail) format. -
Add the obtained certificate to the trusted store on the client side
To add the certificate to the trusted store on the client side, we can do the following steps,
-
sudo cp /path/to/certificate.crt /usr/local/share/ca-certificates/certificate.crt
-
sudo update-ca-certificates
Attention that we should replace
/path/to/certificate.crt
to whatever specific to our case. -
-
-
-
Announcement Templates
There is a plugin for posting announcements on MyBB forum, at the top of the index landing page, and the official web site is Ref. [2]. With the plugin successfully installed, one can follow the route down below to edit the announcements for different groups of users.
AdminCP
->Templates & Style
->Templates
->Default Templates
->DNT Announcements Templates
-
Sometimes when installing some plugins, the installation may fail due to some internal errors. To make the error message printout more useful, we can change the level of error logging following the route below,
Configurations
->Settings
->Server and Optimization Options
->Error Logging Medium
->Log errors
References
[1] https://community.mybb.com/mods.php?action=view&pid=1043