Discourse Docker and HTTPS

(Roxy Hana) #1

Hello, I’ve been fighting with this issue for a few days already and I don’t know what else to do.
Here’s what I have build in the server:

  • A server with apache where I store a wordpress page. This page is asignes to this URL https://openzmeter.com/ via certbot, so HTTS works here.
  • I also have installed a Docker with Discourse and via reversed proxy, assigned to this url http://forum.openzmeter.com/

So both pages are working but I can’t configure the HTTPS for Discourse.

I tried this tutorial uncommenting the lines and rebuilding. It just gives me and error for an invalid certificate saying this subdomains isn’t included in the certificate, only the openzmeter domain, which I configured via certbot sucessfully.

meta.discourse -> t/setting-up-lets-encrypt/40709

Thank you for any help you can offer! I’m quite new at HTTPS configuration so I’m sure I’m missing something.

(Jay Pfaffman) #2

Since you’ve got another web server that’s answering the door, you need to configure it to be the https host. You should be able to configure it via certbot the same way that you did the apache site, through (presumably) the same Apache server.

(Roxy Hana) #3

Yes I tried that, but when I select the url forum to configure it as I did with the original, it asks me for it’s webroot, which is the route to the web’s files and I can’t access from the host to the docker. Or can I? I can’t get pass the webroot option.

(Boubacar Sidy Diallo) #4

let’s assume that your discourse container is running on the http port 8080.

First forget about your discourse container and try to set a https website like the one with wordpress or a simple html page accessible with http://forum.openzmeter.com/. Now set everything for this website to be in https. Keep the normal webroot and everything. Once you have that, go back to the apache config file of this https website.
The file in /etc/apache2/sites-availables.
and add the proxy line to your http not https discourse.

<IfModule mod_ssl.c>
<VirtualHost *:443>
DocumentRoot /var/www/
ServerName forum.openzmeter.com

ProxyPass / http://:forum.openzmeter.com:8080/
ProxyPassReverse / http://forum.openzmeter.com:8080/
ProxyRequests Off

SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off

<Directory "/var/www/html">
    Options Indexes FollowSymLinks MultiViews
    AllowOverride all
        Order allow,deny
    Allow from all

That’s all. Your recieve a https request and you proxypass to a http internal container. The web browser won’t complain.