Oh, it does not allow PHP, no. For that we would need a different server. As of now cdn.kde.org is simply that, a content delivery network, no webserver. But i guess Ben can arrange something for this.
A repo is simply a sysadmin request away, though not sure where, these days, as trellis is dead. Ben can help there as well.

It depends a bit on how the new design is layed out.
I guess the old design(s) will stay as long as we haven't ported all systems. So we need to have a top level directory based on a name or whatever. I guess/hope the new design has a working name? In this case it is also unimportant how you structure your content, as long as each design has its own directory, e.g. cdn.kde.org/neverland/css/... You get the idea.

sure, no problem

Count me in

Okidoki, closing then.

Can you give me a link where it fails to work?

This has been implemented now

the google client library is at https://github.com/google/recaptcha

address for the repo is git@git.kde.org:websites/identity-kde-org.git

the latest addition didn't seem to have made it into the diff.
But with that i guess this qualifies as a valid addition to the repo. There is no functional change on capacity anyway, just a new theme, which needs to be switched to in the site's config.

I have added some inline comments. not sure how that works....

Should be fixed by now

Fixed now, OAuth2 authentication is in place.
Chaka!

I would not recommend this, the kde wikis have currently a similar problem. And Ben Cooksley suggested an extension for Oauth2 login via phabricator. KDE's phabricator holds the ldap accounts from identity which only need to activated. And in the long run it is supposed to be the common solution.

identity is a custom yii application. And if i remember correctly, it was planned to move away from it some years back (i was away for a while). Ben might have some input on this.

Started working on a custom phabricator login extension, based on oauth2.
Problem with existing solutions: