Discourse setup on aws ec2 doesn't work with default IPv4 DNS

Hi discourse community,

I am new to discourse and just testing the setup of discourse on an AWS ec2 instance following discourse/INSTALL-cloud.md at master · discourse/discourse · GitHub. However, I wasn’t able to spin it up. Here is problem I am having:

Before purchasing all the resources, I wanted to try out the website without a domain name, so I used Public IPv4 DNS of that instance as the hostname of discourse and to access the site, e.g. https://ec2_ip_address.us-west-1.compute.amazonaws.com/.
I opened up the port 80, 443 on the instance via the security group, and verified these ports are accessible from public network (tested with python simple server).
But I get “This site can’t be reached” in browser after starting the discourse server with ./discourse-setup or ./launcher rebuild app.

I tried the discourse doctor, and it returns

Discourse version at ec2-ip_address.us-west-1.compute.amazonaws.com: NOT FOUND
Discourse version at localhost NOT FOUND

I am not 100% sure if email setup is working, but I assume site accessibility is a separate problem with email.

Can anyone point me what is missing or how can I debug this issue?

thanks a lot!

3 Likes

Welcome to the Meta Discourse Community :slightly_smiling_face:

It may be unrelated, but I’m noticing an inconsistency here:

2 Likes

Hi Jonathan,

Thanks for checking. I omitted the ip address here, the url should be correct.

3 Likes

The Not found status on your hostname is most probably due to the site not being live. You’ll have to share more from your discourse-doctor log.

Does the rebuild/bootstrap complete successfully?

If the EC2 instance is underpowered then there is a chance that discourse would take some time (~3-5 mins in some cases)

What you should be looking at is if your build completes successfully then with docker ps verify that the container is running and listening on 80 & 443. Once that’s verified, the problem is with the AWS security group and not the install itself.

3 Likes

Can you verify that your can access the server via the hostname?

2 Likes

The Not found status on your hostname is most probably due to the site not being live. You’ll have to share more from your discourse-doctor log.

Agreed. I will pay attention to the build log and see if there is something wrong. How can I debug if there is error in the log?

Can you verify that your can access the server via the hostname?

Yes, I verified the hostname and the ports are accessible in browser. both 80 and 443. I created a python http server simply serving some files, and I can see response in the browser

2 Likes

Do you see anything in the logs? Something like

/var/discourse/shared/standalone/logs/var-log/nginx/error.log

There should be an issue with let’s encrypt and aws. Even if it were your own domain, if you rebuilt a bunch of times you could have used to your quota.

2 Likes

Funny you should mention that. :slightly_smiling_face: It’s what initially drew me to this topic. I help a lot of people over at https://community.letsencrypt.org and thought this topic might be in my wheelhouse to assist. To apply any of my tools I would need to know the real domain names.

2 Likes

@ys2843

  • Can U update what happened later , I am stuck with the exact same issue .
1 Like

Are you trying to use an aws domain name? Don’t. Use your own.

Did you look at the logs?

If you did a bunch of rebuilds you’ll also hit let’s encrypt rate limits.

1 Like

@pfaffman

Background : Setting up a minimal discourse forum as a proof of concept on aws, trying to minimize the cost

You can register a domain name for $3 at godaddy. If your time is worth more than $3/hour you should register a domain. And if you don’t have $3 to register a domain, you can’t afford an ec2 either.

2 Likes

@pfaffman

  • Agree with U on the Pricing issue perspective .
  • From a technical perspective is there any work-around ???

Sure! See that one one else who uses an .amazonaws.com domain name uses Let’s Encrypt and then wait a week. If you don’t want to register a domain, that would be the next thing that I’d try.