See the excellent topic Setting up Let’s Encrypt as your first step!
In addition to that setup, the following is my technique for registering multiple domains (very handy with a multisite setup).
Step 1 - letsencrypt
It’s pretty simple really, add something like the following to your
app.yml hooks section:
after_ssl: - replace: filename: "/etc/runit/1.d/letsencrypt" from: /--keylength/ to: "-d second-domain.com -d www.second-domain.com -d other-domain.com -d www.other-domain.com --keylength"
Step 2 - discourse.conf
In addition to step 1 there is a change needed for nginx to correctly redirect http to https for anything other than
- replace: filename: "/etc/nginx/conf.d/discourse.conf" from: /return 301 https.+/ to: | return 301 https://$host$request_uri;
We also need to remove the additional rewrite that
web.ssl.template.yml adds since it forces only the
DISCOURSE_HOSTNAME and now we have others!
- replace: filename: "/etc/nginx/conf.d/discourse.conf" from: /gzip on;[^\}]+\}/m to: | gzip on; add_header Strict-Transport-Security 'max-age=31536000'; # remember the certificate for a year and automatically connect to HTTPS for this domain
You may want to then add your own redirects.
It is working great for me issuing and updating 12 domains now, hopefully this is helpful to someone else!