Let’s start with I have no idea what I’m doing but I make it work most the time.
I got discource completely configured and working on a subdomain. I was going to install nginx and slug my way through setting up my main domain but am getting an error about “Address already in use.” I would assume this is talking about the port but I have no idea. Command line is new to me and I am lost. Would anyone be able to point me in the right direction?
Alternatively, is there any good free alternatives to something like serverpilot that will let me actually see what folders and things I have available and whatnot? To make it less command line.
Thanks for your response, appreciate it. I guess I can do that. I was hoping to not have to pay another $5 a month for another droplet but that’s fine. Also, with it already installed, is it easy to switch subdomains and (what I really want) move it to say example.com/forum instead of forum.example?
You can have multiple sites in a single droplet, but we only recommend this for advanced users who are familiar and comfortable with the command line.
Subfolder complicates the setup while giving no benefits. So it’s possible and supported, but not recommended for admin who aren’t comfortable with the server setup.
Are there tutorials for this? I literally just want a static website with 3 links, one for the wiki, forum, and support. Nothing too complex. I’m assuming I just need to change the port that discource is listening too and then I can get nginx running fine. But alas I have no idea how to do that.
After a search I saw how complicated it was and am content keeping it to a subdomain
It will be simpler for you to use two droplets instead of one, but what you’re trying to do - run a Discourse forum and another app on the same droplet on different subdomains - is very common and should be straightforward to set up. Having more familiarity with the command line would help. That might be something you should focus on going forward.
Discourse can serve all three purposes of you haven’t already established the other applications.
2 Likes
csmu
(Keith John Hutchison - Ceiteach Seán Mac Úistin)
8
This is how we’ve done it.
Discourse is running on port 8080 without letsencrypt.
letsencrypt scripts have been installed
2.1 letsencrypt updating is handled by a cron job
2.2 We use AWS for DNS. In our setup letsencrypt requires access to AWS to create certificates - currently, we use wildcards.
Nginx handles port 80 and swaps it to port 443
3.1 Nginx sends request upstream to discouse.
3.2 Here is an example nginx config
upstream discourse {
server 127.0.0.1:8080;
keepalive 32;
Well, I actually got it working for example.com, but going to www.example.com just redirects to my forum and not the homepage. I am assuming this has to do with my root@forum:~# nano /etc/nginx/sites-enabled/example.com? I can post my nginx config instead if that helps. At this point, you’re right. I should focus on learning command line better.
But looking at the server_name portion confuses me because it looks like it should indeed work. This is getting out of the realm of discourse installation so no hard feelings if you don’t want to help.
So that NGINX config portion looks like it would match both the apex domain and the www domain, and you’re instruction it to handle all paths and send it to your home page, which I assume is in /var/www/EXAMPLE.com/html.
You have to keep in mind that NGINX config is loaded at run time by concatenating all the config files it finds, including the ones in sites-enabled. So you might have a conflict somewhere that causes the www to redirect to your forum. For example, you may have another portion of NGINX config that comes first at run time which catches www.EXAMPLE.com and redirects it to a URL that matches a server block that proxies to the Discourse server. In fact, that’s the scenario I think is happening. Posting your complete NGINX config will help determine whether this is happening. On the running server, you can use the nginx -T command to dump the complete NGINX config currently loaded to stdout.
Yep, that is my homepage. Below is, I believe, my entire log. The last sample (# Virtual Host configuration for example.com) is their example. The others are me redacting my domain name (although I guess I don’t really need to). Thanks so much for the help! Feels good to at least get it partially working, going to start reading more so I can start to fully understand everything.
nginx -T
root@forum:~# nginx -T
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/nginx.conf:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POOD LE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
# configuration file /etc/nginx/modules-enabled/50-mod-http-geoip.conf:
load_module modules/ngx_http_geoip_module.so;
# configuration file /etc/nginx/modules-enabled/50-mod-http-image-filter.conf:
load_module modules/ngx_http_image_filter_module.so;
# configuration file /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf:
load_module modules/ngx_http_xslt_filter_module.so;
# configuration file /etc/nginx/modules-enabled/50-mod-mail.conf:
load_module modules/ngx_mail_module.so;
# configuration file /etc/nginx/modules-enabled/50-mod-stream.conf:
load_module modules/ngx_stream_module.so;
# configuration file /etc/nginx/mime.types:
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
image/svg+xml svg svgz;
image/webp webp;
application/font-woff woff;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.wap.wmlc wmlc;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
application/vnd.openxmlformats-officedocument.wordprocessingml.document d ocx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet x lsx;
application/vnd.openxmlformats-officedocument.presentationml.presentation p ptx;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
# configuration file /etc/nginx/sites-enabled/EXAMPLE.com:
server {
listen 80;
listen [::]:80;
root /var/www/EXAMPLE.com/html;
index index.html index.htm index.nginx-debian.html;
server_name EXAMPLE.com www.EXAMPLE.com;
location / {
try_files $uri $uri/ =404;
}
}
# configuration file /etc/nginx/sites-enabled/default:
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# Default server configuration
#
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/EXAMPLE.com;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
# listen 80;
# listen [::]:80;
#
# server_name example.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
So one thing I see right away is that you have no proxy_pass directives in your complete config. Normally, you’d use that directive in the http blocks to say “Okay, request, I’m going to handle you because you’re port 80 and server_name forums.example.com and I’m going to proxy you to my Discourse app which is running on port 81 on my server”. The Discourse app must not be port 80 because the NGINX process on the DigitalOcean droplet is already bound to port 80. But NGINX is capable of proxying that request on port 80 through a new request to localhost:81. It can do that to get to your Discourse app.
So if you’re running all of this as processes on the droplet with nothing else like Docker containers involved, you should have a line somewhere in your config that looks like proxy_pass http://localhost:81; (or whichever port you’re using for Discourse). For your other “app” which is really just a set of files you want NGINX to statically serve, you can use that try_files directive I already see in your configuration.
I’d suggest reading through a few examples that involve proxying to see what you can do. You may have a setup that is in a weird state that isn’t clear to any of us, since apparently without any proxying in your NGINX config, which would be necessary for www.EXAMPLE.com to show your Discourse app in a web browser, it’s still reachable by a web browser anyways.
Thanks for trying to help, at this point I’m lost. I created an entirely separate droplet and it is still redirecting www.example.com to the forum.example.com, while just example.com is fine. Driving me mad. I guess I just need to continue to read tutorials and learn a bit. Could it be something in my app.yml or another file? Doesn’t nginx get run in the docker environment or something for discourse? Or maybe it has something to do with the https cert that gets installed when you first install discourse? Not sure how to check that. At any rate, I will start reading through examples.
Edit: Could it be because I am using a droplet that is 18.10 Ubuntu? I destroyed both droplets and will start all over.
I don’t mind private messaging you it, if it’d help. I literally deleted everything and the www. is still redirecting to forum.example.com lol. Definitely something messed up.
DNS was my other theory as to what could be wrong. Can you double check your settings? If you’re using DigitalOcean nameservers, check in your DigitalOcean dashboard and see which droplets they’re routing to, or if there are any CNAME records or anything like that. You don’t need any CNAME records for this. You should just have A records pointing the subdomains to the droplet you want them to go to.
If you’re not using DigitalOcean nameservers, and you’re using your DNS provider’s nameservers instead, go to your admin page on their site and see what records are set up and which IPs they point to. Again, no CNAME records are needed. Just A records pointing to the IPs of your DigitalOcean droplets.
I did in fact have a CNAME record to redirect the www. to just example.com. Do I not need that when using nginx? So just A records?
Before I deleted them, I had them routed to the correct droplet. I emptied my cache and hard reloaded on chrome and all is good. I deleted the DNS records, www now works, and without it took a few minutes but is now working. I’m still confused why it was redirecting www to the forum subdomain though.
The only ways one FQDN will bring you to another are DNS and something happening server side.
Out of the box a Discourse instance will catch all queries on :80 and direct it to the default site.
Without visibility of your DNS records before they were changed I can’t comment about what was up in this specific case, the additional nginx complicates matters too.
