Content Security Policy: The settings of the page have blocked the loading of a resource ("script-src")

Well, I use the standard installation, which forces port 80 and 443.

So you didn’t use docker-compose?

Yes, the standard install requires ports 80 and 443 and turns on https and force_https. You shouldn’t have the problem that you describe if you did a standard install.

You ran discourse-setup to install?

The thing is, I want to run discourse on other ports and include it in my Apache2 via reverse proy…

Perhaps if you will say how you installed, someone else can help you. Maybe you want Set up Discourse on a server with existing Apache sites.

I have already said! About the standard installation!!!

Of course you can. You should expose for example - "83:80" on app.yml, or what ever port your reverse proxy uses to send traffic to backend. Or you can use websocket.

You want to use a reverse proxy that is not a standard install.

I have, but the site is not accessible

Then your settings are wrong. What is an issue is close to impossible guess. Don’t use CSP, that would be the first move. But are both, Apache2 and Discourse, on same server? Is your conf of Apache2 right? Etc, etc.

Again as said — you don’t use standard install.

I cannot use the standard install! Sorry, but what’s so hard to understand about that? I already have Apache2 running, and I don’t see the point of shutting it down just because Discourse doesn’t think it’s flexible enough to use other ports

That is the problem with the whole thing

My Apache2 Conf:

<VirtualHost *:80>
    ServerName <domain>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    RewriteEngine on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

<VirtualHost *:443>
    ServerName <domain>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    SSLEngine On
    SSLCertificateFile    /etc/letsencrypt/live/<domain>/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/<domain>/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/<domain>/fullchain.pem

    ProxyPass /
    ProxyPassReverse /


  - "90:80"   # http
  - "100:443" # https

Perhaps not that hard than understand you get support from the team only for standard installs. That’s why you have to hope someone from us, ordinary members, can help you.

And because you don’t tell anything it is a bit bard task. We can’t guess is your conf right or if you have directed to right port at app.yml. We don’t know absolut anything of your setup.

Of course it is. Using reverse proxy front of Discourse is quite trivial — outside docker anyway. You just have to expose right ports or use websocket, if those two are on same server.

Have you done it? I don’t know and my cards didn’t tell :wink:

And again — if CSP is an issue don’t use it until you figure out what’s fighting back.

1 Like

CSP? Well, I have already passed my Apache2 Conf… As well as the expose part of the app.yml

Why are you exposing this? Your localhost uses port 90.

Because i have to choose a different port for https than for http?

You don’t use SSL between reverse proxy and backend. Reverse proxy has terminated SSL because it is the wall between outside world and backend.

Works! But now I have this error:

Job exception: SSL_connect returned=1 errno=0 peeraddr=<my_ip>:587 state=error: certificate verify failed (unable to get local issuer certificate)

Are you trying to get or handle certificate on Discourse side? That sounds like error from Ruby. If so, then don’t.

You have to comment out these if already aren’t:

# - "templates/web.ssl.template.yml"
# - "templates/web.letsencrypt.ssl.template.yml"

This is in my postfix

Then you are on wrong forum. But you should check your cinfiguration of postfix, firewall etc.