After my son asked me if we could run a content management system for him I was playing around with wordpress, joomla and drupal. For me it’s like a massive overkill and much too complicated. So I decided to give my own blog another try after two years doing nothing with hugo stuff. Then I got the idea that the ability to leave comments would be a really nice feature. After digging into this a little bit I stumbled across isso - a simple python based solution able to be self hosted as a disqus alternative with privacy in mind. Usually one runs it as a docker image - but I’m on OpenBSD so I checked out how to get it running there.

1. create a user under which isso should run. User names for daemons under OpenBSD usually start with an underscore. To check which uid/gid numbers are not yet assigned for ports check out ports/infrastructure/db/user.list in ports tree. I decided to use the range 950-999 for a not yet assigned uid number:

useradd -k "" -r 950..999 -c "isso user" -s /sbin/nologin -m -d /var/isso _isso

2. Next install some python packages for building/running isso:

pkg_add \
    py3-bleach \
    py3-cffi \
    py3-gevent \
    py3-html5lib \
    py3-itsdangerous \
    py3-pip \
    py3-setuptools \
    py3-werkzeug

3. Next install isso with pypi:

doas -u _isso pip3 install --user isso

4. Create the server config “/var/isso/isso.cfg”:

[general]
dbpath = /var/isso/comments.db
host =
    https://blog.your.domain/
    http://blog.your.domain/
notify = smtp

[server]
listen = http://my.isso.ip.addr:8080
public-endpoint = https://comments.your.domain
trusted-proxies =
    ip of the reverse proxy
    127.0.0.1

[moderation]
enabled = true

[smtp]
host = localhost
port = 25
to = comments@your.domain
from = isso@your.domain
timeout = 10
security = none

[guard]
enabled = true
ratelimit = 10
direct-reply = 5
reply-to-self = false
require-author = false
require-email = false

[admin]
enabled = true
password = some super secret password

5. Then create a start script for isso in /etc/rc.d/isso:

#!/bin/ksh

daemon="/var/isso/.local/bin/isso"

suffix=".$(date +%Y-%m-%d-%H:%M:%S)"
logfile="/var/isso/isso.log"
config="/var/isso/isso.cfg"

daemon_user="_isso"
daemon_flags="-c ${config} run 1>>${logfile} 2>>${logfile}"

. /etc/rc.d/rc.subr

rc_bg=YES
rc_reload=NO

pexp="/usr/local/bin/python3.10 ${daemon}.*"

rc_pre() {
  /usr/bin/install -b -B ${suffix} -m 640 -o ${daemon_user} /dev/null ${logfile}

}

rc_stop() {
        ${daemon} -s stop || pkill -f "^${pexp}"

}

rc_cmd $1

… and make it executable. Enable and start the service:

chmod 755 /etc/rc.d/isso
rcctl enable isso
rcctl start isso

Might be to create a port for isso could be fun - when I have time. In one of my next posts I’ll probaly show how I integrated isso into my blog.