Installation / Networking (port configs)

I think I’m through the worst of it…

As you can see from the screenshot, I’ve managed to get Discourse “installed”. But I can’t seem to get a valid SSL cert assigned.

For the record I’m routing this through my Synology NAS with a reverse proxy elevating port 89 to 443 with websocket and port 89 and 449 (mapped to 80 and 443 respectively in the app.yml)

As far as I can tell, I’ve done everything I was meant to, in order to get it all set up.
I have a certificate pointed to but it still resolves to,

Your help is greatly appreciated :slight_smile:

This port issue is essentially all that is keeping me from having a functional Discourse install. Any ideas?

I don’t fullly understand your current situaution, are you running discourse behind proxy? if yes then probably you just need to expose port 80 and let your proxy server handle https/ssl.

Does that mean you deploying discourse on private cloud/on premise? If the answer is yes, then one common issue, is trying to access the site on LAN vs WAN, if this your cause and accesing the site from other network seems fine i.e. just try to access the site your mobile network then check this ref .

How is it set up, by discourse? If not by discourse then probably you only need to expose port 80.

I apologize for lacking the clarification needed.

I’m using a reverse proxy to route the IP address 192.168.1.XXX to a subdomain i.e., so in-short yes, it’s on-prem.

It’s currently inaccessible via LAN or WAN (mobile)

after running sudo netstat -tlnp | grep LISTEN I see the ports 89 and 449 listed, but traveling to the local ip e.g. 192.168.1.XXX:449 (or 89) doesn’t work.

And of course the reverse proxy (from the Synology NAS) doesn’t help, so the subdomain I’ve configured is a dead end.

For total clarification, the machine I’m attempting to host Discourse on is a VM hosted on a machine with XCPNG. The VM OS is the latest Ubuntu Server (CLIN)

Hummm, If I understand correctly, the 192.168.1.XXX is your private IP address in LAN, and you probably have a public IP address, which your ISP gives you. So just to be clear in your DNS record you should have your public IP address set to point to your subdomain, not your private ip address (in LAN), and secondaly your router might need to be configured to allow incoming traffic route it, to your private IP 192.168.1.XXX. And your ISP should allow incoming traffic

Alternative you can just tunnel your local traffic to a remote server so that you don’t need to mess with your router setting or think if your ISP allows incoming traffic.

So what is your case, tunnel traffic, or allowing incoming traffic via NAT or DMZ?

Would it be more helpful to see screenshots of the various configuration points?

Did you set the force_https site setting?

I didn’t make it that far. I ran into a slew of other errors that prevented me from getting a good install, so I wasn’t able to activate “force_https”.

I’ll have to go another route. Sorry to bother.