Install on machine with existing Nginx and SSL


(Helmi) #1

Hey there,

I have an existing machine with nginx and SSL running (also for the domain that is supposed to use discourse later).

I found quite some hints about how to proxy to discourse through nginx but none of the approaches this from a fresh installation. As ./discourse-setup basically doesn’t even start when port 80 is in use already I’m a bit lost when it comes to changing the app.yml that isn’t yet created.

I’m sure I can create it from the bottom up but I don’t know how.

Any guide to follow along for this case?

Thanks


(Rafael dos Santos Silva) #2

Do you really need a nginx proxy with Discourse? That’s an advanced setup. We really recomend sticking to the quick guide and running everything inside the container and using a DNS subdomain for the forums.

Because SSL can be get for free with basic Discourse. And your certificate is probably for https://example.com while forum will be https://something.example.com


(Helmi) #3

oh, maybe I wasn’t clear.

the machine where discourse will be running is already running Nginx on port 80 for different projects and it has to go there. Therefore proxying to nging will most probably the way to go.

I’m not afraid of doing advanced setups, I have just not written the configuration file manually yet and it doesn’t seem to work any other way here.

The cert also already is existing and is perfectly well for the domain/subdomain I’m planning to use.


(Rafael dos Santos Silva) #4

Ok, now it’s clear.

Try to edit app.yml and change the expose port from 80 to something like 6789. Then rebuild.

Then nginx upstream must proxy to that port.


(Helmi) #5

The reason for my initial post was that I don’t have an app.yml :slight_smile:
Whatever I now have one, edited it and got discourse installed.

It also works on my special port without ssl but i didn’t yet figure to get it working through the proxy.

Basically it seems to call the backend but can’t load all the assets.

Do I have to have the SSL cert also connected to the backend? I thought terminating SSL at nginx should be enough?