Well, I use the standard installation, which forces port 80 and 443.
So you didn’t use docker-compose?
Yes, the standard install requires ports 80 and 443 and turns on https and force_https. You shouldn’t have the problem that you describe if you did a standard install.
You ran discourse-setup to install?
The thing is, I want to run discourse on other ports and include it in my Apache2 via reverse proy…
Perhaps if you will say how you installed, someone else can help you. Maybe you want Set up Discourse on a server with existing Apache sites.
I have already said! About the standard installation!!!
Of course you can. You should expose for example - "83:80" on app.yml, or what ever port your reverse proxy uses to send traffic to backend. Or you can use websocket.
You want to use a reverse proxy that is not a standard install.
I have, but the site is not accessible
Then your settings are wrong. What is an issue is close to impossible guess. Don’t use CSP, that would be the first move. But are both, Apache2 and Discourse, on same server? Is your conf of Apache2 right? Etc, etc.
Again as said — you don’t use standard install.
I cannot use the standard install! Sorry, but what’s so hard to understand about that? I already have Apache2 running, and I don’t see the point of shutting it down just because Discourse doesn’t think it’s flexible enough to use other ports
My Apache2 Conf:
<VirtualHost *:80>
ServerName <domain>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>
<VirtualHost *:443>
ServerName <domain>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/<domain>/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/<domain>/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/<domain>/fullchain.pem
ProxyPass / http://127.0.0.1:90/
ProxyPassReverse / http://127.0.0.1:90/
</VirtualHost>
app.yml:
expose:
- "90:80" # http
- "100:443" # https
Perhaps not that hard than understand you get support from the team only for standard installs. That’s why you have to hope someone from us, ordinary members, can help you.
And because you don’t tell anything it is a bit bard task. We can’t guess is your conf right or if you have directed to right port at app.yml. We don’t know absolut anything of your setup.
Of course it is. Using reverse proxy front of Discourse is quite trivial — outside docker anyway. You just have to expose right ports or use websocket, if those two are on same server.
Have you done it? I don’t know and my cards didn’t tell 
And again — if CSP is an issue don’t use it until you figure out what’s fighting back.
1 Like
CSP? Well, I have already passed my Apache2 Conf… As well as the expose part of the app.yml
Why are you exposing this? Your localhost uses port 90.
Because i have to choose a different port for https than for http?
You don’t use SSL between reverse proxy and backend. Reverse proxy has terminated SSL because it is the wall between outside world and backend.
Works! But now I have this error:
Job exception: SSL_connect returned=1 errno=0 peeraddr=<my_ip>:587 state=error: certificate verify failed (unable to get local issuer certificate)
Are you trying to get or handle certificate on Discourse side? That sounds like error from Ruby. If so, then don’t.
You have to comment out these if already aren’t:
# - "templates/web.ssl.template.yml"
# - "templates/web.letsencrypt.ssl.template.yml"
This is in my postfix
Then you are on wrong forum. But you should check your cinfiguration of postfix, firewall etc.