El error real parece ser No se puede verificar la autenticidad del token CSRF. La respuesta estaba en este hilo: Can't Login to Discourse - CSRF Token Authenticity
Agregué lo siguiente a mi archivo apache2.conf:
RequestHeader set X-Forwarded-Proto https
Del registro de errores:
Started POST "/session" for {my.ip} at 2021-08-07 11:45:54 +0000
Processing by SessionController#create as */*
Parameters: {"login"=>"{me}", "password"=>"[FILTERED]", "second_factor_method"=>"1", "timezone"=>"America/Denver"}
Can't verify CSRF token authenticity.
Rendered text template (Duration: 0.0ms | Allocations: 1)
Filter chain halted as :verify_authenticity_token rendered or redirected
Completed 403 Forbidden in 13ms (Views: 1.5ms | ActiveRecord: 0.0ms | Allocations: 898)