so https works
and I think I understood how that all works . I will try to write it down the comings days
my config
discourse app.yml extract
templates:
- "templates/postgres.template.yml"
- "templates/redis.template.yml"
- "templates/web.template.yml"
- "templates/web.ratelimited.template.yml"
## Uncomment these two lines if you wish to add Lets Encrypt (https)
#- "templates/web.ssl.template.yml"
#- "templates/web.letsencrypt.ssl.template.yml"
## which TCP/IP ports should this container expose?
## If you want Discourse to share a port with another webserver like Apache or nginx,
## see https://meta.discourse.org/t/17247 for details
expose:
#- "80:80" # http
#- "443:443" # https
#- "80" # http
#- "443" # https
#- "40080:80"
#- "40443:443"
labels:
app_name: discourse
#----Traefik lables------------------------
traefik.enable: true
traefik.docker.network: bridge_proxy_traefikv2
#---HTTP ROUTER SECTION-------------------
traefik.http.routers.discourse.rule: Host(`forum.fairbnb.community`)
#--HTTP SECTION--------------------------
traefik.http.routers.discourse.entrypoints: web
traefik.http.routers.discourse.middlewares: discourse_redirect2https
#traefik.http.services.discourse.loadbalancer.server.port: 80
#---HTTPS ROUTER SECTION
traefik.http.routers.discourse_secure.rule: Host(`forum.fairbnb.community`)
#--HTTPS SECTION
traefik.http.routers.discourse_secure.entrypoints: websecure
traefik.http.services.discourse_secure.loadbalancer.server.port: 80
#--TLS SECTION
traefik.http.routers.discourse_secure.tls.certresolver: tlsChallenge_letsencrypt
#---MIDDLEWARE SECTION redirect http to https
traefik.http.middlewares.discourse_redirect2https.redirectscheme.scheme: https
docker_args:
- "--network=bridge_proxy_traefikv2"
params:
Treafik Static Config
global:
checkNewVersion: true
entryPoints:
web:
address: :80
websecure:
address: :443
api:
debug: true
providers:
docker:
exposedByDefault: false
network: bridge_proxy_traefikv2
log:
level: DEBUG
filePath: /var/log/traefik-log.log
accessLog:
filePath: /var/log/traefik-access.log
certificatesResolvers:
tlsChallenge_letsencrypt:
acme:
email: my.secret@gmail.com
storage: /etc/ssl/certs/letsencrypt/acme.json
tlsChallenge: {}