Discourse installed in UNRAID Ubuntu Server VM behind NPM reverse proxy not resolving hostname

Hey everyone! I have read various posts on here to no avail so I figured I would explain my current setup in detail in hopes that someone may have some feedback for me to resolve the Issue.

I’m currently running an Unraid server. Unraid hosts docker containers as well as VMs. I have a Nginix Reverse Proxy Manager (NPM) running in a docker container that handles reverse proxies for all my other docker containers I run. My firewall is set to send all WAN traffic on ports 80/443 to NPM and I redirect traffic within NPM to my containers.

I followed the following guide: discourse/docs/INSTALL-cloud.md at main · discourse/discourse · GitHub

It does indicate its for installation on a cloud server, though mine is a bare metal machine here self hosted.

System information as of Sun Jan 28 07:35:54 AM UTC 2024

  System load:              0.5126953125
  Usage of /:               45.9% of 13.16GB
  Memory usage:             6%
  Swap usage:               0%
  Processes:                125
  Users logged in:          0
  IPv4 address for docker0: 172.17.0.1
  IPv4 address for enp1s0:  10.30.20.150

I booted up a VM in unraid, installed ubuntu server, set a static IP address, installed docker, and downloaded discourse. Upon running the setup I get the following error.

Hostname for your Discourse? [discourse.example.com]: forum.mydomain.net

Checking your domain name . . .
WARNING: Port 443 of computer does not appear to be accessible using hostname:
WARNING: Connection to  (port 80) also fails.

This suggests that forum.mydomain.net resolves to some IP address that does not reach this
machine where you are installing discourse.

The first thing to do is confirm that forum.mydomain.net resolves to the IP address of this server.
You usually do this at the same place you purchased the domain.

If you are sure that the IP address resolves correctly, it could be a firewall issue.
A web search for "open ports YOUR CLOUD SERVICE" might help.

This tool is designed only for the most standard installations. If you cannot resolve
the issue above, you will need to edit containers/app.yml yourself and then type

./launcher rebuild app

I am able to ping my Ubuntu VM at the static IP assigned it at 10.30.20.150 from my NPM container. I have setup my NPM config to target https 10.30.20.150 port 443 as well as http port 80 to no avail. When the setup fails, it seems to close the discourse container within the VM?

Is there any work around for this?
Possibly, edit my firewall ports to bypass the reverse proxy and target the VM directly so that it can get a certificate and run the container, and then once running be able to manually edit the config.yml to use my reverse proxy?
Could I edit the install somehow to not ask for an SSL cert, and run on port 80, then handle getting an SSL cert though NPM?

Lastly I did see in a few posts that there is a ‘production’ and ‘development’ version of discourse… it seems that the dev version can be ran html on a local port? If this is true, i imagine i could easily put everything behind my reverse proxy easier…? From what i had read the production package is easier to keep updated and may have performance improvements.

Id greatly appreciate some help, feedback, or suggestions on the matter

This is the only supported production install here.

But I’m not convinced it’s right for your circumstance as you already have a reverse-proxy.

You might investigate using the Discourse base image and reverse engineer your own bespoke composition:

https://hub.docker.com/r/discourse/base/

1 Like

Can you remove in the app.yml remove reference to port 80 and 443 with a #?

is that file located in /var/discourse/containers ? I cannot cd to that directory, it says ‘permission denied’

so would the base concept of this be to edit the discourse base dockerfile and remove the lines that install/config the reverse proxy that comes with the package?

No, I would look at creating a completely bespoke docker compose (or whatever you are using for orchestration) and use a custom dockerfile for discourse.

i have never done this before and sounds a little intimidating. i have no idea where i would start. i wonder if anyone has been down the path im going down before and already done and published a fix.

I wonder if doing similar to what this guy here did could isolate the containers built in reverse proxy so that i could complete an install, or resolve properly to my external reverse proxy running in its own docker container?

2 Likes

It’s on the advanced end of sys admin work, but Docker Compose is basically like playing with very cool lego - its not as hard as it looks and there’s a lot of help on the web.

It would be a great learning experience developing a very transferable skill, go for it!

Your link also looks like another good place to have a go.

2 Likes

Yes, thats the one.

It’s not that easy, though. When I’ve done this, I’ve still used launcher to build an image, push it to a repo, and then launch it. Then you also need to have means to precompile assets, migrate the database and maybe some other stuff.

Following the “run other websites” method is probably the thing to do.

3 Likes

Yeah, it’s not trivial, but I’ve worked with quite a good Docker Compose solution at a client - no launcher in sight!

I also have a private cloud dev install using DC …

2 Likes