Hosting: Digitalocean.
Followed; all guides here also on digitalocean, for installating and configiring the NGINX with Letencrypt together.
Successfully running HTTPS - https://hkh.pm/
ENDED up with 502 Bad Gateway
discourse config in /etc/nginx/sites-enabled/
server {
listen 80;
server_name www.hkh.pm;
return 301 https://hkh.pm$request_uri;
}
server {
listen 443 ssl http2;
server_name hkh.pm;
ssl_certificate /etc/letsencrypt/live/hkh.pm/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/hkh.pm/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://hkh.pm:25654/;
proxy_read_timeout 90;
proxy_redirect http://hkh.pm:25654/ https://hkh.pm;
}
}
App.yml config
templates:
- "templates/postgres.template.yml"
- "templates/redis.template.yml"
- "templates/web.template.yml"
- #"templates/web.ratelimited.template.yml"
## Uncomment these two lines if you wish to add Lets Encrypt (https)
- #"templates/web.ssl.template.yml"
- #"templates/web.letsencrypt.ssl.template.yml"
## which TCP/IP ports should this container expose?
## If you want Discourse to share a port with another webserver like Apache or nginx,
## see https://meta.discourse.org/t/17247 for details
expose:
- "25654:80" # http
- "443:443" # https
NGINX Status :
dbm@hkh:~$ systemctl status nginx.service
â—Ź nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2018-01-13 09:48:08 UTC; 16min ago
Process: 1459 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status
Process: 1389 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exite
Main PID: 1484 (nginx)
Tasks: 3
Memory: 10.4M
CPU: 229ms
CGroup: /system.slice/nginx.service
├─1484 nginx: master process /usr/sbin/nginx -g daemon on; master_process on
├─1485 nginx: worker process
└─1486 nginx: worker process
Docker ps -a
dbm@hkh:~$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b91fdb1b28df local_discourse/app "/sbin/boot" About an hour ago Exited (5) 17 minutes ago
So my conclusion that there is some kind of problem with ports that indicates that forwarding is not configured properly and im out of ideas. (tried almost everything that i could find on google and discourse community). Here we can see that problem;
dbm@hkh:~$ sudo netstat -plntu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1484/nginx -g daemo
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1484/nginx -g daemo
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1417/sshd
tcp6 0 0 :::22 :::* LISTEN 1417/sshd
seems like docker-proxy is not being loaded and not forwarding to port 25654 - Also i had a problem that was saying that port 80 was being used. And after that i’ve rebooted, and ngnix didnt say that we have some errors.
dbm@hkh:~$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Any advices or tips what could i do to sort this out! Thanks in advance