So I used the standard install doc and everything seemed to go fine. I then edited the app.yml to change ports used, commented out LetsEncrypt and rebuilt. Looks like it all went fine.
But when I try to connect via the most direct method:
Okay, so I entered the app and installed lynx inside the discord docker, and I can get the welcome page there! So the install is working, the network mapping from in the docker out to the server is the issue.
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c6d0209e4e72 local_discourse/app "/sbin/boot" 51 minutes ago Up 51 minutes 127.0.0.1:8880->80/tcp, 127.0.0.1:4443->443/tcp app
…and here is the app.yml info:
templates:
- "templates/postgres.template.yml"
- "templates/redis.template.yml"
- "templates/web.template.yml"
- "templates/web.ratelimited.template.yml"
expose:
- "127.0.0.1:8880:80" # http
- "127.0.0.1:4443:443" # https
params:
db_default_text_search_config: "pg_catalog.english"
db_shared_buffers: "2048MB"
env:
LC_ALL: en_US.UTF-8
LANG: en_US.UTF-8
LANGUAGE: en_US.UTF-8
UNICORN_WORKERS: 8
DISCOURSE_HOSTNAME: [redacted]
DISCOURSE_SMTP_ADDRESS: [redacted]
DISCOURSE_SMTP_PORT: 587
DISCOURSE_SMTP_USER_NAME: [redacted]
DISCOURSE_SMTP_PASSWORD: "[redacted]"
#DISCOURSE_SMTP_ENABLE_START_TLS: true # (optional, default true)
DISCOURSE_SMTP_DOMAIN: [redacted]
DISCOURSE_NOTIFICATION_EMAIL: [redacted]
## The Docker container is stateless; all data is stored in /shared
volumes:
- volume:
host: /var/discourse/shared/standalone
guest: /shared
- volume:
host: /var/discourse/shared/standalone/log/var-log
guest: /var/log
## Plugins go here
## see https://meta.discourse.org/t/19157 for details
hooks:
after_code:
- exec:
cd: $home/plugins
cmd:
- git clone https://github.com/discourse/docker_manager.git
## Any custom commands to run after building
run:
- exec: echo "Beginning of custom commands"
- exec: echo "End of custom commands"
Ah, I see what I did. The 8880:80 works fine, I was only testing the 4443:443 side. It did not work as there is a certificate error. I am intending to install and manage the certificate at the webserver level in the virtual host. I will post a final solution for those interested once I get it all working.
Install environment
Hestia Control Panel (For Server Management)
Apache2 (Webserver)
Discourse in Docker reverse proxied to Apache2
Let’sEncrypt not reverse proxied, but managed by Hestia in the www_root
Setup unix sockets in app.yml (and rebuild):
- "templates/web.socketed.template.yml"
Remove port mapping and Let’sEncrypt from app.yml (and rebuild)
Create Alternative apache2.conf templates for HestiaCP as follows (for those of you not using hestiacp, just realize that the %{replace tags}% are pretty standard and obvious if you look at any other apache2.conf file. The most important parts do not use many %{replace tags}%. Also note that the text standalone could be socket-only depending on your setup. Look to see what is in the /var/discourse/shared/ dir if you don’t remember.
{Custom Template}.stpl
<VirtualHost %ip%:%web_ssl_port%>
ServerName %domain_idn%
ProxyPreserveHost On
ProxyRequests Off
ProxyPass / unix:/var/discourse/shared/standalone/nginx.http.sock|http://localhost/
ProxyPassReverse / unix:/var/discourse/shared/standalone/nginx.http.sock|http://localhost/
ServerAdmin %email%
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
<Directory %home%/%user%/web/%domain%/stats>
AllowOverride All
</Directory>
<Directory %sdocroot%>
AllowOverride All
SSLRequireSSL
Options +Includes -Indexes +ExecCGI
</Directory>
SSLEngine on
SSLVerifyClient none
SSLCertificateFile %ssl_crt%
SSLCertificateKeyFile %ssl_key%
%ssl_ca_str%SSLCertificateChainFile %ssl_ca%
IncludeOptional %home%/%user%/conf/web/%domain%/%web_system%.ssl.conf_*
</VirtualHost>
{Custom Template}.tpl
<VirtualHost %ip%:%web_port%>
ServerName %domain_idn%
%alias_string%
ProxyPreserveHost On
ProxyRequests Off
ProxyPass / unix:/var/discourse/shared/standalone/nginx.http.sock|http://localhost/
ProxyPassReverse / unix:/var/discourse/shared/standalone/nginx.http.sock|http://localhost/
RewriteEngine On
RewriteCond %{REQUEST_URI} !^.well-known/acme-challenge
RewriteRule ^(.*) https://%domain_idn%/$1 [R=301,L]
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
<Directory %home%/%user%/web/%domain%/stats>
AllowOverride All
</Directory>
<Directory %sdocroot%>
AllowOverride All
Options +Includes -Indexes +ExecCGI
</Directory>
IncludeOptional %home%/%user%/conf/web/%domain%/%web_system%.conf_*
</VirtualHost>