How to install Discourse in the AWS EC2 Instances(Ubuntu Server LTS)?

#22
  1. Yes, I checked it.
    EC2 Security Groups
    ap-northeast-2.console.aws.amazon.com_ec2_v2_home_region=ap-northeast-2(Laptop with HiDPI screen) (9).png2880×1800 404 KB
  2. Yes.
  3. Asia Pacific (Seoul).
#23

Next level down the stack that could be stopping it would be a firewall. Does iptables -nvL output anything?

Past that is the discourse container actually running? Does it appear in a docker ps?

2 Likes
#26

I entered the command, here is the output:

Chain INPUT (policy ACCEPT 9 packets, 648 bytes)
 pkts bytes target     prot opt in     out     source               destination 

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination 
16012  108M DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0 
16012  108M DOCKER-ISOLATION-STAGE-1  all  --  *      *       0.0.0.0/0            0.0.0.0/0
 7953  107M ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
   86  4460 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0  
 7973  807K ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0 

Chain OUTPUT (policy ACCEPT 8 packets, 600 bytes)
 pkts bytes target     prot opt in     out     source               destination 

Chain DOCKER (1 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 ACCEPT     tcp  --  !docker0 docker0  0.0.0.0/0            172.17.0.2           tcp dpt:443
   15   780 ACCEPT     tcp  --  !docker0 docker0  0.0.0.0/0            172.17.0.2           tcp dpt:80

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination 
 7973  807K DOCKER-ISOLATION-STAGE-2  all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0
16012  108M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0   

Chain DOCKER-ISOLATION-STAGE-2 (1 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 DROP       all  --  *      docker0  0.0.0.0/0            0.0.0.0/0  
 7973  807K RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0   

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination 
16012  108M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0   

CONTAINER ID        IMAGE                 COMMAND             CREATED             STATUS              PORTS                                      NAMES
1ddff40f95d2        local_discourse/app   "/sbin/boot"        4 minutes ago       Up 4 minutes        0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp   app
#27

I tried to visit Instances’s IPv4 Public IP, and it displayed that:

chrome-error___chromewebdata_(Laptop%20with%20HiDPI%20screen)%20(1)
chrome-error___chromewebdata_(Laptop with HiDPI screen) (1).png2880×1800 311 KB

#28

You need to use the name you’ve configured in DNS to access your instance, not the IP.

Accessing discourse via IP address isn’t supported.

1 Like
#29

@Stephen Umm, I tried to visit the FQDN I input in ./discourse-setup , but:

#30
#31

So you’ve not done anything to tell NameSilo about your EC2 server at Amazon?

The way DNS works is that you tell the DNS server about the resources you’re trying to publish under that domain name. You need to configure an ‘a’ record at NameSilo for your Discourse instance, linked to the IP at Amazon.

Your screenshot shows discourse.example.com - I’m assuming that’s not the domain you’ve trying to work with. It might help if you give us more information about the specific configuration so that we can advise on which records to create.

NameSilo and/or Amazon aren’t psychic, they have no knowledge of one another, it’s up to you to create the necessary DNS entries so that one refers to the other.

Once DNS is correctly configured you will need to wait for the records to propagate, then rebuild your app (./launcher rebuild app) so that Let’s Encrypt can enroll the certificate.

1 Like
#32

You need to go to NameSilo and create an A record that connects your FQDN to your site.

You might also need to make sure that ports 80 and 443 are not blocked.

1 Like
#33

Thanks, I have

so, don’t need to check ports 80 and 443 are not blocked, right?

#34

Thanks, the FQDN is discourse.tircklehub.com. But why I need to rebuild my app again?

Didn't show which user replied
#35

If you’re using Let’s Encrypt then once DNS is configured it needs to generate a certificate, which is done when the container is built.

2 Likes
#37

I’m using Let’s Encrypt. I rebooted Instance and without rebuild app, but the page loaded successfully. Why did it happened?

#38

Isn’t I need to generate a certificate again when I rebooted Instance?

#39

According to my browser, that domain doesn’t resolve.

1 Like
#40

Because I stopped the Instance(AWS only provide 750 hours EC2 Instance free tire.). But when I rebooted Instance and without rebuild app again, the page can load successfully.

#41

Now I start the Instance without ./launcher rebuild app. I can visit is successfully. What about you?

com_(Laptop%20with%20HiDPI%20screen)%20(1)
discourse.tricklehub.com_(Laptop with HiDPI screen) (1).jpg2880×1800 700 KB

So why @Stephen said that?

#42

First question, [at]Stephen told me, I need to:

because of I’m using Let’s Encrypt, and the reason is:

But, I rebooted Instance, configured DNS and without run command ./launcher rebuild app, the welcome page loaded successfully. So the question is how did it happened?

Second questions, how to auto renew Let’s Encrypt certificate?
Should I

like this Topic said(I’ve already using ./discourse-setup to enable Let’s Encrypt)?

#43

It will auto renew. You’re all set.

1 Like
#44

So you mean it will auto renew and generate certificate automatically?

1 Like