Hi.
I know it is recommended to run discourse on it’s own server but I am running this project out of my own pocket, and it is basically a hobby with little prospects or intention of monetization in the short term at least.
So I was thinking instead of buying another VPS to to just request a second IP and run wordpress on a IP-based Apache virtual server, which would help keep costs low.
Is this doable or is it discouraged?
If you are familiar with reverse proxy configuration, you don’t need the second IP.
You can run both Discourse and Wordpress listening on unix sockets (or higher ports) and run a reverse proxy software in front (I recommend Caddy) to serve on the same IP your blog.example.com and forum.example.com.
That said, if you aren’t familiar with this type of setup, running each in it’s own VPS is much easier as you can just follow the vast documentation for each.
Can that setup you recommend work without issues?
I did something with haproxy when I was initially trying discourse. I was somewhat of a noob and still am in matters of servers and stuff but did anyway, and learned a bit about haproxy in the process. If I recall correctly there were issues with SSL, and the behavior of discourse whas somewhat inestable but guess I did I do something wrong.
So my question is it possible to do the configuration you recommend without instability and “funny” issues, without extreme amounts of fine tuning?
Yes, if you properly configure you reverse proxy it is possible. That is how this site right here is run.
What we can’t do is offer support to every reverse proxy configuration here.
Awesome!
Last petition: can you link me to some help documentation to do this configuration?
Nginx Running other websites on the same machine as Discourse
Caddy Running Discourse with Caddy Server
Apache How to set up Discourse on a server with existing Apache sites
Lovely.
I remember when I did my trials I followed the apache guide. What is nor clear from the article is whether SSL should be disabled upon rebuilding discourse (and whether disabling it is accomplished by just not entering an email address for let’s encrypt), and what ports should be “exposed” on discourse/app.yml (the guide only shows who the line …
“8888:80” # fwd host port 8888 to container port 80 (http)
… is supposed to look, but nothing about the immediately following line in the app.yml file (the one than by default looks…
… should look like.
PS. While looking at the app.yml file to write that post I realized the following lines are present there:
##Uncomment these two lines if you wish to add Lets Encrypt (https)
… however, as of right now, my discourse app is running with SSL enabled but with these likes uncommented. How crucial commenting these lines is for my current setup (without a proxy) or for my desired setup (with a proxy and apache-wordpress)?
If you are not familiar with reverse proxies, and you can get a second IP easily, then that’s not a bad solution. Just do something like this:
expose:
- "192.168.1.1:80:80" # http
- "192.168.1.1:443:443" # https
This did it.
Love.
.
You can do the same trick with Straightforward direct-delivery incoming mail.
Thank you this didi it for me. My VPS provider offers inexpensive “floating IPs” in addition to the main IP configured on the VPS. This solution is very neat for me. It should be better documented as it is so simple.
expose:
- "my_floating_ip:80:80"
- "my_floating_ip:443:443"That worked? I didn’t think that the droplet could know about the floating IP.
Well it works fine:
First buy a floating IP and tie it to my VPS.
Then configure the server to use it:
vim /etc/network/interfaces.d/60-my-floating-ip.cfg
auto eth0:1
iface eth0:1 inet static
address your.Float.ing.IP
netmask 32
and save. Restart the network:
sudo service networking restart
Now I have 2 IPs: I use the main IP to configure several nginx sites, please note the /etc/nginx/sites-enabled configuration lines:
listen my_main_IP:80 myserver.name;
listen my_main_IP:443 ssl http2 myserver.name;
And the floating IP in /var/discourse/containers/app.yml as follows:
expose:
- "my_floating_ip:80:80"
- "my_floating_ip:443:443"
Check that everything is in order (original IPs edited as floating_ip and main_ip):
# netstat -taunp | grep -i listen
tcp 0 0 floating_ip:80 0.0.0.0:* LISTEN 19775/docker-proxy
tcp 0 0 main_ip:80 0.0.0.0:* LISTEN 13151/nginx: master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 725/sshd
tcp 0 0 floating_ip:443 0.0.0.0:* LISTEN 19763/docker-proxy
tcp 0 0 main_ip:443 0.0.0.0:* LISTEN 13151/nginx: master
tcp6 0 0 :::22 :::* LISTEN 725/sshd
I don’t know if it’s ok to name names, but the server is on Hetzner Cloud and the floating IP feature is very convenient and aptly priced.
Aha! I didn’t know you could do that!
One can also use this trick to run multiple incoming mail servers for multiple domains
Nice work!
Aha! And that’s why I didn’t know how it worked.
I know this is an older topic but wanted to thank you guys, this just might save days of work on a similar problem I have been dealing with. Thanks for your sharing this invaluable info to all!!