Follow the standard Let’s Encrypt instructions for getting auto renewal set up - the point of using these instructions is that it’s not managed by Discourse for you.
I thought as much, thank you.
Can’t enable certbot :
sudo certbot --nginx -d forum.apertureproject.me returns
Saving debug log to /var/log/letsencrypt/letsencrypt.log Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/sites-enabled/discourse.conf:14 nginx: [emerg] open() "/etc/niginx/snippets/ssl-params.conf" failed (2: No such file or directory) in /etc/nginx/sites-enabled/discourse.conf:17 nginx: configuration file /etc/nginx/nginx.conf test failed The nginx plugin is not working; there may be problems with your existing configuration. The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/sites-enabled/discourse.conf:14\nnginx: [emerg] open() "/etc/niginx/snippets/ssl-params.conf" failed (2: No such file or directory) in /etc/nginx/sites-enabled/discourse.conf:17\nnginx: configuration file /etc/nginx/nginx.conf test failed\n',)
I don’t know what to replace the “deprecated” lines with in the discourse.conf file.
Just removed the
ssl on; from the directions, but where the heck is this misspelled
nginx coming from?
Wow you’re right, I have no idea
Not sure if this has been covered as this a particularly large thread:
I was following this installation guide and got up to this stage:
Edit Discourse Configuration
Launch the setup tool at
After running the entry I got the following results:
Docker not installed. Enter to install from https://get.docker.com/ or Ctrl+C to exit
I pressed Enter to install and then got the following:
Port 80 appears to already be in use. This will show you what command is using port 80 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME nginx 3739 root 6u IPv4 28546 0t0 TCP *:http (LISTEN) nginx 3739 root 7u IPv6 28547 0t0 TCP *:http (LISTEN) nginx 7773 www-data 6u IPv4 28546 0t0 TCP *:http (LISTEN) nginx 7773 www-data 7u IPv6 28547 0t0 TCP *:http (LISTEN) If you are trying to run Discourse simultaneously with another web server like Apache or nginx, you will need to bind to a different port See https://meta.discourse.org/t/17247 If you are reconfiguring an already-configured Discourse, use ./launcher stop app
I don’t think I did install Discourse at any stage, in fact, I ran
./launcher stop app and got the following:
docker.io/discourse/base:2.0.20200512-1735 Config file was not found, ensure containers/app.yml exists ls: cannot access '*.yml': No such file or directory Available configs ( )
What’s the next step I should follow? I am running Ghost and GoAccess (for stats) in the same DigitalOcean droplet.
Many thanks in advance!
As a prospective user of Discourse, this situation is a real “DO I REALLY WANT USE THIS?” moment, akin to hijacking.
I have MariaDB not Postgres, Apache not NginX. I’m not very familiar with how Docker containers work, but I suspect the the proxy HTTPD is needed because the docker instance is sandboxed.
Is it possible to setup an Apache virtual host with handlers for Rails? I read that a ‘special file’ is used to communicate with the Discourse engine.
These setups are supported because they’re the easiest setups to support.
You’ll need to either stop nginx for the duration of the initial Discourse install, or use a workaround to achieve the initial install.
I was able to successfully install Discourse and now I’m trying to work out how to use a Apache virtualhost to pass the traffic to the forum. I’ve started a new thread for that:
Solved. See the linked thread.
Thank you Kane, I decided to install Discourse in another droplet and it worked (originally!), now I’m having a little bit of an issue, maybe you or another community member will be able to help!
I’d like to note that the launchpad PPA is maintained by volunteers and is not distributed by nginx.org. I recommend installing nginx as per their installation instructions. the launchpad PPA is not updated as regularly and this may cause issues with newer versions of OS’s such as Ubuntu 20.04 focal since there’s no release file for focal in the launchpad.
Personally, I’m using this PPA for Ubuntu: Ondřej Surý in Launchpad
You can choose the stable or mainline version. It’s usually well supported.
There are also for PHP and Apache2.
That one seems better maintained than the other PPA, it also has Focal support I see.
Thanks for sharing the extra tips to support the first thread. Am having issues with SSL cert and Key names issue. I can see from the below error. That’s the issue (i donno what else could be)
Am not 100% sure what changed need to be done according to this.
As others mentioned, I had to change the ssl cert and key names in the
`When i go to my discourse.conf, this below what i see. (PS: Previously there wasn’t any discourse.conf file in /nginx/sites-enabled/ . So i created it just now)
could you advice ? or others?
UPDATE: Need to mark this as solved as the name should be like this
But havign 502 gateway and figuring out. Thanks @EricGT even though for checking that.
I would check the file types. I suspect that
crt should be
If you don’t have a AAAA record no sense in checking for IPv6 address, e.g.
Check with IPv6 test - web site reachability
Sorry what do you mean by that? This is not a fresh installation and been installed for 2years. so if i missed AAAA, that means i should have missed before. or do you mean I need to do this DNS setup now?
It is more of a friendly suggestion.
The site I am helping to set up, the domain name does not have a AAAA record, e.g. there is no IPv6 address associated with the domain name, so if you use the domain name to get to the site, e.g.
discoure.xyz.org it will not be converted to a IPv6 address but only a IPv4 address.
The site IPv6 test - web site reachability will tell you if have a AAAA record or not. If you don’t then you can just remove
listen [::]:80; from the configuration.
Sometime, many moths to years down the road if someone is changing the domain name or something then they can check into getting a AAAA record.
Personally for our site I am doing just as suggested. There is no AAAA record so I am remvoing
listen [::]:80; and not doing anything more as I don’t have the admin rights for the domain name.
Everything seems to work fine, except for the discobot certificate which gives me an 500 error
Failed to process hijacked response correctly : Failed to open TCP connection to example.com:443 (Connection refused - connect(2) for "example.com" port 443)
Is it possible that a front nginx (setup as in the OP) doesn’t play nice with the hijack module ?