Running other websites on the same machine as Discourse


(Régis Hanol) #43

Will soon be fixed once meta is fully migrated to S3 :wink:


(Jay Wu) #44

when will the https .conf file be available for viewing again? Need it badly… :scream: Just moved the main site with discourse to https, main site is working fine but discourse is totally broken… :sob: @zogstrip


(Kane York) #45

Here, I’ll paste it here:


server {
	listen 80;
	# change this
	server_name forum.riking.org;

	return 301 https://$host$request_uri;
}
server {
	listen 443 ssl spdy;
	# change this
	server_name forum.riking.org;

	ssl on;
	ssl_certificate      /var/docker/shared/standalone/ssl/ssl.crt;
	ssl_certificate_key  /var/docker/shared/standalone/ssl/ssl.key;
        ssl_dhparams /var/www/keys/dhparams.pem;
	ssl_session_tickets off;
	ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128:AES256:AES:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK;

	# enable SPDY header compression
	spdy_headers_comp 6;
	spdy_keepalive_timeout 300; # up from 180 secs default

	location / {
        proxy_pass https://unix:/var/discourse/shared/standalone/nginx.https.sock:;
		proxy_set_header Host $http_host;
		proxy_http_version 1.1;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
} 

Russian strings for the flagging dialog here on meta
(Jay Wu) #46

So i’d need to have this .conf for Nginx “site” just like it was with http, while also adding “templates/web.ssl.template.yml” to the app.yml? Cuz they looked a bit redundant to me. Do i also need to change anything in the web.ssl.template.yml to make it match (.crt .key file names etc)?

:flushed:Right now my discourse is having 502 bad gateway.


(Kane York) #47

The config I posted reaches into the Discourse files to pull out the SSL certificates.

Basically you need to make sure to do this:


(Techabyte) #48

This is exactly what I needed. I was looking for a way to have discourse in a subdomain and have like a static page on the root. Thank you so much!!!


(Bernhard Fürst) #59

FYI: A mostly automated approach is to use the Nginx Proxy container by jwilder: https://hub.docker.com/r/jwilder/nginx-proxy/.

At the Discourse site all you have to do is to add a VIRTUAL_HOST environment variable to /var/discourse/containers/app.yml. For details see

https://meta.discourse.org/t/multiple-standalone-setup/30142/2?source_topic_id=17247

Front page of discourse missing content
(Wint) #60

Are these instructions still up to date? My default app.yml doesn’t match this, and after trying to follow the instructions (some parts are unclear) when I try to ./launcher start app it’s telling me something is already listening on port 80 (nginx obviously).

Here is the start of my app.yml:

    templates:
   - "templates/postgres.template.yml"
   - "templates/redis.template.yml"
   - "templates/web.template.yml"
   - "templates/sshd.template.yml"
   - "templates/web.ratelimited.template.yml"
   - "templates/web.socketed.template.yml"

 ## which TCP/IP ports should this container expose?
 expose:
   #- "80:80"   # fwd host port 80   to container port 80 (http)
    "2222:22" # fwd host port 2222 to container port 22 (ssh)

(Bernhard Fürst) #61

Got the same error and solved it by exposing Port 80 to something arbitrary like 52352:

expose:
  - "52352:80"   # fwd host port 80   to container port 80 (http)

(Wint) #62

Tried that:

Error response from daemon: Cannot start container app: Error starting userland proxy: listen tcp 0.0.0.0:80: bind: address already in use
Error: failed to start containers: [app]

If I stop nginx outside of the container it starts up fine.

I’ve also tried it both with the discourse configuration file above in /etc/nginx/conf.d as well as /etc/nginx/sites-available with the appropriate symbolic link in /etc/nginx/sites-enabled.


(Wint) #63

Ah got it. I needed to run ./launcher destroy app before bootstrapping again. All sorted.


(Dan Dascalescu) #64

@riking: in the current state, the instructions no longer work. I get the nginx welcome page and my forum was bricked :-1:

  1. The conf.d change from posts #52 - #58: The default /etc/nginx/nginx.conf has include /etc/nginx/conf.d/*.conf, but in the OP, the config file doesn’t have the .conf extension. Also, setting up the sites-enabled symlink is no longer necessary (and the discourse conf file is no longer there).
  2. I’ve fixed the above on my server, but still got the nginx default welcome. Turns out the /etc/nginx/sites-enabled/default file has to be removed.
  3. There should be a final step to restart the app. Not sure if ./launcher start app is enough, or if rebuild or destroy are necessary, so I’ll let you update the OP.
  4. After rebuilding and restarting the app, I get All outgoing email has been globally disabled by an administrator. No email notifications of any kind will be sent.. What causes that?

(Kane York) #65

Changed those first 3 in the guide.

#4 is caused by the “disable emails” site setting being set.


(Dan Dascalescu) #67

@riking: I’m trying to get SSL to work. I have the cert files and used your nginx.conf from post #43 (which is slightly different from the .txt attached to the OP; I’ve merged the .conf in the OP (so it’s wiki-editable) and fixed ssl_dhparams into ssl_dhparam while at it) but ran into several issues:

  1. The ssl_session_tickets off; directive caused an error with the nginx that comes from the Ubuntu repositories by default.

    nginx: [emerg] unknown directive “ssl_session_tickets” in /etc/nginx/conf.d/discourse.conf:22

    Turns out ssl_session_tickets was introduced in 1.5.9, and the nginx installed by sudo apt-get install nginx is 1.4.0.

    To fix that, I installed nginx from its own Ubuntu PPA:

    sudo add-apt-repository ppa:nginx/stable -y
    sudo apt-get update && sudo apt-get install nginx
    
  2. The path /var/docker/shared/standalone/ssl/ doesn’t exist. Did you mean /var/discourse/shared/standalone/ssl? [UPDATE: I’ve changed to this and the setup worked] BTW, must the cert files be placed there, or can they be placed elsewhere?

  3. Same for /var/www/keys. I do see a /var/discourse/shared/standalone/ssl/dhparams.pem file.

  4. I got a Bad Gateway error, with this in /var/log/nginx/error.log:

    *633 connect() to unix:/var/discourse/shared/standalone/nginx.https.sock failed (2: No such file or directory) while connecting to upstream

    That was fixed by uncommenting the # - "templates/web.ssl.template.yml" # if HTTPS line in app.yml. Initially it seemed like it would make the nginx in the container do SSL (hence the https.sock) - is that necessary if the connection is fully within localhost? Anyway, uncommenting it made the SSL setup work.

I’ve edited the OP and maybe the base templates used... line can be clarified a bit. How can the list be cut down? How are these templates used?


(Kane York) #68

No, I suppose not.

I’ll respond / fix the rest later, have stuff to do right now.


(probus) #69

Is anyone running Dokku along Discourse on the same server?


#70

Help, I’m a linux newbie and I’ve done a mess :sob:
I’ve followed the instructions, but I got stucked with the default “welcome message” of nginx in my homepage, so my discourse was out.

At this point I did a very severe mistake: I tried to remove nginx. Now instead of the default message I get “Server not found” :scream:

If I do
sudo service nginx reload
I get
reload: Unknown instance:

Obviously I tried to repeat everything this guide said. Nothing, the message remains always Unknown instance…

Apart from saying that I’m an idiot… any help…? :fearful:


(Steven Greco) #71

Have you reinstalled NGINX and made sure the service is running?


#72

I’ve just repeated step by step the whole guide in the first post.
When at the end I type
sudo nginx -t
I get
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful

So it seems to be fine, but if I type
sudo service nginx reload
I get
`reload: Unknown instance:

Doesn’t a command exist to delete completely nginx and restart the procedure from the beginning? It looks like I’ve messed something trying to cancel nginx before!

P.S.: Ah, my /var/discourse/containers/app.yml looks like this

       templates:
      - "templates/postgres.template.yml"
      - "templates/redis.template.yml"
      - "templates/web.template.yml"
      - "templates/sshd.template.yml"
      - "templates/web.ratelimited.template.yml"
      - "templates/web.socketed.template.yml" #<-I've only added this string

    ## which TCP/IP ports should this container expose?
    expose:
      - "8080:80"   # fwd host port 80   to container port 80 (http)
      - "2222:22" # fwd host port 2222 to container port 22 (ssh)

#73

Thank you Grex315 for helping :slightly_smiling:
I removed my posts because I managed to fix everything :blush:
I had to reinitialize my server deleting everything, reinstalling discourse (I had saved the backup file before) and then followed again these instructions at the top of this page. Now Discourse works again, and nginx is installed.

So I did some newbie stupid mistake somewhere, but this instructions works perfectly even with non expert users, thank you very much!

Now I have only to install wordpress, I hope everything will go well…