Installed Discource on Digital Ocean, but now cannot install nginx?

Let’s start with I have no idea what I’m doing but I make it work most the time.

I got discource completely configured and working on a subdomain. I was going to install nginx and slug my way through setting up my main domain but am getting an error about “Address already in use.” I would assume this is talking about the port but I have no idea. Command line is new to me and I am lost. Would anyone be able to point me in the right direction?

Alternatively, is there any good free alternatives to something like serverpilot that will let me actually see what folders and things I have available and whatnot? To make it less command line.

In this case I recommend putting your site for the main domain in another server. It makes stuff way easier.

2 Likes

Thanks for your response, appreciate it. I guess I can do that. I was hoping to not have to pay another $5 a month for another droplet but that’s fine. Also, with it already installed, is it easy to switch subdomains and (what I really want) move it to say example.com/forum instead of forum.example?

You can have multiple sites in a single droplet, but we only recommend this for advanced users who are familiar and comfortable with the command line.

Subfolder complicates the setup while giving no benefits. So it’s possible and supported, but not recommended for admin who aren’t comfortable with the server setup.

3 Likes

Are there tutorials for this? I literally just want a static website with 3 links, one for the wiki, forum, and support. Nothing too complex. I’m assuming I just need to change the port that discource is listening too and then I can get nginx running fine. But alas I have no idea how to do that.

After a search I saw how complicated it was and am content keeping it to a subdomain :stuck_out_tongue:

It will be simpler for you to use two droplets instead of one, but what you’re trying to do - run a Discourse forum and another app on the same droplet on different subdomains - is very common and should be straightforward to set up. Having more familiarity with the command line would help. That might be something you should focus on going forward.

Would you mind posting your nginx config?

Discourse can serve all three purposes of you haven’t already established the other applications.

2 Likes

This is how we’ve done it.

  1. Discourse is running on port 8080 without letsencrypt.

  2. letsencrypt scripts have been installed
    2.1 letsencrypt updating is handled by a cron job
    2.2 We use AWS for DNS. In our setup letsencrypt requires access to AWS to create certificates - currently, we use wildcards.

  3. Nginx handles port 80 and swaps it to port 443
    3.1 Nginx sends request upstream to discouse.
    3.2 Here is an example nginx config

     upstream discourse {
     server 127.0.0.1:8080;
     	keepalive 32;
    

    }

    proxy_cache_path /var/cache/nginx-discourse levels=1:2 keys_zone=discourse_cache:10m max_size=3g inactive=120m use_temp_path=off;

    server {
    listen 80;
    server_name discourse.your-domain-name.tld ;

     add_header Strict-Transport-Security max-age=2592000;
     rewrite ^/.*$ https://$host$request_uri? permanent;
    

    }

    server {
    listen 443 ;
    server_name discourse.your-domain-name.tld;

     access_log  /home/your-domain-name/discourse-access.log;
     error_log   /home/your-domain-name/discourse-error.log;
    
     ssl on;
     ssl_certificate "/etc/letsencrypt/live/your-domain-name/fullchain.pem" ;
     ssl_certificate_key "/etc/letsencrypt/live/your-domain-name/privkey.pem" ;
     keepalive_timeout   60;
    
     ssl_ciphers             HIGH:!ADH:!MD5;
     ssl_protocols           SSLv3 TLSv1;
     ssl_prefer_server_ciphers on;
    
     proxy_buffers 16 64k;
     proxy_buffer_size 128k;
    
     location ~ /api/v[0-9]+/(users/)?websocket$ {
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection "upgrade";
         client_max_body_size 50M;
         proxy_set_header Host $http_host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
         proxy_set_header X-Frame-Options SAMEORIGIN;
         proxy_buffers 256 16k;
         proxy_buffer_size 16k;
         client_body_timeout 60;
         send_timeout 300;
         lingering_timeout 5;
         proxy_connect_timeout 90;
         proxy_send_timeout 300;
         proxy_read_timeout 90s;
         proxy_pass http://discourse;
     }
    
     location / {
         client_max_body_size 50M;
         proxy_set_header Connection "";
         proxy_set_header Host $http_host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
         proxy_set_header X-Frame-Options SAMEORIGIN;
         proxy_buffers 256 16k;
         proxy_buffer_size 16k;
         proxy_read_timeout 600s;
         proxy_cache discourse_cache;
         proxy_cache_revalidate on;
         proxy_cache_min_uses 2;
         proxy_cache_use_stale timeout;
         proxy_cache_lock on;
         proxy_http_version 1.1;
         proxy_pass http://discourse;
     }
    }
    
3 Likes

Well, I actually got it working for example.com, but going to www.example.com just redirects to my forum and not the homepage. I am assuming this has to do with my root@forum:~# nano /etc/nginx/sites-enabled/example.com? I can post my nginx config instead if that helps. At this point, you’re right. I should focus on learning command line better.

server {
    listen 80;
    listen [::]:80;

    root /var/www/EXAMPLE.com/html;
    index index.html index.htm index.nginx-debian.html;

    server_name EXAMPLE.com www.EXAMPLE.com;

    location / {
            try_files $uri $uri/ =404;
    }
}

But looking at the server_name portion confuses me because it looks like it should indeed work. This is getting out of the realm of discourse installation so no hard feelings if you don’t want to help.

So that NGINX config portion looks like it would match both the apex domain and the www domain, and you’re instruction it to handle all paths and send it to your home page, which I assume is in /var/www/EXAMPLE.com/html.

You have to keep in mind that NGINX config is loaded at run time by concatenating all the config files it finds, including the ones in sites-enabled. So you might have a conflict somewhere that causes the www to redirect to your forum. For example, you may have another portion of NGINX config that comes first at run time which catches www.EXAMPLE.com and redirects it to a URL that matches a server block that proxies to the Discourse server. In fact, that’s the scenario I think is happening. Posting your complete NGINX config will help determine whether this is happening. On the running server, you can use the nginx -T command to dump the complete NGINX config currently loaded to stdout.

1 Like

Yep, that is my homepage. Below is, I believe, my entire log. The last sample (# Virtual Host configuration for example.com) is their example. The others are me redacting my domain name (although I guess I don’t really need to). Thanks so much for the help! Feels good to at least get it partially working, going to start reading more so I can start to fully understand everything. :slightly_smiling_face:

nginx -T
root@forum:~# nginx -T
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/nginx.conf:

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
        worker_connections 768;
        # multi_accept on;
}

http {

        ##
        # Basic Settings
        ##

        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        # server_tokens off;

        server_names_hash_bucket_size 64;
        # server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ##
        # SSL Settings
        ##

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POOD                                                                                                                                                             LE
        ssl_prefer_server_ciphers on;

        ##
        # Logging Settings
        ##

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        ##
        # Gzip Settings
        ##

        gzip on;

        # gzip_vary on;
        # gzip_proxied any;
        # gzip_comp_level 6;
        # gzip_buffers 16 8k;
        # gzip_http_version 1.1;
        # gzip_types text/plain text/css application/json application/javascript                                                                                                                                                              text/xml application/xml application/xml+rss text/javascript;

        ##
        # Virtual Host Configs
        ##

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}


#mail {
#       # See sample authentication script at:
#       # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
#       # auth_http localhost/auth.php;
#       # pop3_capabilities "TOP" "USER";
#       # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
#       server {
#               listen     localhost:110;
#               protocol   pop3;
#               proxy      on;
#       }
#
#       server {
#               listen     localhost:143;
#               protocol   imap;
#               proxy      on;
#       }
#}

# configuration file /etc/nginx/modules-enabled/50-mod-http-geoip.conf:
load_module modules/ngx_http_geoip_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-image-filter.conf:
load_module modules/ngx_http_image_filter_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf:
load_module modules/ngx_http_xslt_filter_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-mail.conf:
load_module modules/ngx_mail_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-stream.conf:
load_module modules/ngx_stream_module.so;

# configuration file /etc/nginx/mime.types:

types {
    text/html                             html htm shtml;
    text/css                              css;
    text/xml                              xml;
    image/gif                             gif;
    image/jpeg                            jpeg jpg;
    application/javascript                js;
    application/atom+xml                  atom;
    application/rss+xml                   rss;

    text/mathml                           mml;
    text/plain                            txt;
    text/vnd.sun.j2me.app-descriptor      jad;
    text/vnd.wap.wml                      wml;
    text/x-component                      htc;

    image/png                             png;
    image/tiff                            tif tiff;
    image/vnd.wap.wbmp                    wbmp;
    image/x-icon                          ico;
    image/x-jng                           jng;
    image/x-ms-bmp                        bmp;
    image/svg+xml                         svg svgz;
    image/webp                            webp;

    application/font-woff                 woff;
    application/java-archive              jar war ear;
    application/json                      json;
    application/mac-binhex40              hqx;
    application/msword                    doc;
    application/pdf                       pdf;
    application/postscript                ps eps ai;
    application/rtf                       rtf;
    application/vnd.apple.mpegurl         m3u8;
    application/vnd.ms-excel              xls;
    application/vnd.ms-fontobject         eot;
    application/vnd.ms-powerpoint         ppt;
    application/vnd.wap.wmlc              wmlc;
    application/vnd.google-earth.kml+xml  kml;
    application/vnd.google-earth.kmz      kmz;
    application/x-7z-compressed           7z;
    application/x-cocoa                   cco;
    application/x-java-archive-diff       jardiff;
    application/x-java-jnlp-file          jnlp;
    application/x-makeself                run;
    application/x-perl                    pl pm;
    application/x-pilot                   prc pdb;
    application/x-rar-compressed          rar;
    application/x-redhat-package-manager  rpm;
    application/x-sea                     sea;
    application/x-shockwave-flash         swf;
    application/x-stuffit                 sit;
    application/x-tcl                     tcl tk;
    application/x-x509-ca-cert            der pem crt;
    application/x-xpinstall               xpi;
    application/xhtml+xml                 xhtml;
    application/xspf+xml                  xspf;
    application/zip                       zip;

    application/octet-stream              bin exe dll;
    application/octet-stream              deb;
    application/octet-stream              dmg;
    application/octet-stream              iso img;
    application/octet-stream              msi msp msm;

    application/vnd.openxmlformats-officedocument.wordprocessingml.document    d                                                                                                                                                             ocx;
    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet          x                                                                                                                                                             lsx;
    application/vnd.openxmlformats-officedocument.presentationml.presentation  p                                                                                                                                                             ptx;

    audio/midi                            mid midi kar;
    audio/mpeg                            mp3;
    audio/ogg                             ogg;
    audio/x-m4a                           m4a;
    audio/x-realaudio                     ra;

    video/3gpp                            3gpp 3gp;
    video/mp2t                            ts;
    video/mp4                             mp4;
    video/mpeg                            mpeg mpg;
    video/quicktime                       mov;
    video/webm                            webm;
    video/x-flv                           flv;
    video/x-m4v                           m4v;
    video/x-mng                           mng;
    video/x-ms-asf                        asx asf;
    video/x-ms-wmv                        wmv;
    video/x-msvideo                       avi;
}

# configuration file /etc/nginx/sites-enabled/EXAMPLE.com:
server {
        listen 80;
        listen [::]:80;

        root /var/www/EXAMPLE.com/html;
        index index.html index.htm index.nginx-debian.html;

        server_name EXAMPLE.com www.EXAMPLE.com;

        location / {
                try_files $uri $uri/ =404;
        }
}

# configuration file /etc/nginx/sites-enabled/default:
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

# Default server configuration
#
server {
        listen 80 default_server;
        listen [::]:80 default_server;

        # SSL configuration
        #
        # listen 443 ssl default_server;
        # listen [::]:443 ssl default_server;
        #
        # Note: You should disable gzip for SSL traffic.
        # See: https://bugs.debian.org/773332
        #
        # Read up on ssl_ciphers to ensure a secure configuration.
        # See: https://bugs.debian.org/765782
        #
        # Self signed certs generated by the ssl-cert package
        # Don't use them in a production server!
        #
        # include snippets/snakeoil.conf;

        root /var/www/EXAMPLE.com;

        # Add index.php to the list if you are using PHP
        index index.html index.htm index.nginx-debian.html;

        server_name _;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
        }

        # pass PHP scripts to FastCGI server
        #
        #location ~ \.php$ {
        #       include snippets/fastcgi-php.conf;
        #
        #       # With php-fpm (or other unix sockets):
        #       fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
        #       # With php-cgi (or other tcp sockets):
        #       fastcgi_pass 127.0.0.1:9000;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #       deny all;
        #}
}


# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#       listen 80;
#       listen [::]:80;
#
#       server_name example.com;
#
#       root /var/www/example.com;
#       index index.html;
#
#       location / {
#               try_files $uri $uri/ =404;
#       }
#}

So one thing I see right away is that you have no proxy_pass directives in your complete config. Normally, you’d use that directive in the http blocks to say “Okay, request, I’m going to handle you because you’re port 80 and server_name forums.example.com and I’m going to proxy you to my Discourse app which is running on port 81 on my server”. The Discourse app must not be port 80 because the NGINX process on the DigitalOcean droplet is already bound to port 80. But NGINX is capable of proxying that request on port 80 through a new request to localhost:81. It can do that to get to your Discourse app.

So if you’re running all of this as processes on the droplet with nothing else like Docker containers involved, you should have a line somewhere in your config that looks like proxy_pass http://localhost:81; (or whichever port you’re using for Discourse). For your other “app” which is really just a set of files you want NGINX to statically serve, you can use that try_files directive I already see in your configuration.

I’d suggest reading through a few examples that involve proxying to see what you can do. You may have a setup that is in a weird state that isn’t clear to any of us, since apparently without any proxying in your NGINX config, which would be necessary for www.EXAMPLE.com to show your Discourse app in a web browser, it’s still reachable by a web browser anyways.

1 Like

Thanks for trying to help, at this point I’m lost. I created an entirely separate droplet and it is still redirecting www.example.com to the forum.example.com, while just example.com is fine. Driving me mad. I guess I just need to continue to read tutorials and learn a bit. Could it be something in my app.yml or another file? Doesn’t nginx get run in the docker environment or something for discourse? Or maybe it has something to do with the https cert that gets installed when you first install discourse? Not sure how to check that. At any rate, I will start reading through examples.

Edit: Could it be because I am using a droplet that is 18.10 Ubuntu? I destroyed both droplets and will start all over.

It could very well be DNS for one of the above mentioned records, but as you’re redacting the domain we can’t really assist further.

1 Like

I don’t mind private messaging you it, if it’d help. I literally deleted everything and the www. is still redirecting to forum.example.com lol. Definitely something messed up.

DNS was my other theory as to what could be wrong. Can you double check your settings? If you’re using DigitalOcean nameservers, check in your DigitalOcean dashboard and see which droplets they’re routing to, or if there are any CNAME records or anything like that. You don’t need any CNAME records for this. You should just have A records pointing the subdomains to the droplet you want them to go to.

If you’re not using DigitalOcean nameservers, and you’re using your DNS provider’s nameservers instead, go to your admin page on their site and see what records are set up and which IPs they point to. Again, no CNAME records are needed. Just A records pointing to the IPs of your DigitalOcean droplets.

I did in fact have a CNAME record to redirect the www. to just example.com. Do I not need that when using nginx? So just A records?

Before I deleted them, I had them routed to the correct droplet. I emptied my cache and hard reloaded on chrome and all is good. I deleted the DNS records, www now works, and without it took a few minutes but is now working. I’m still confused why it was redirecting www to the forum subdomain though.

The only ways one FQDN will bring you to another are DNS and something happening server side.

Out of the box a Discourse instance will catch all queries on :80 and direct it to the default site.

Without visibility of your DNS records before they were changed I can’t comment about what was up in this specific case, the additional nginx complicates matters too.

1 Like