使用 Let's Encrypt 和无反向代理设置多站点配置

pfaffman · 2025 年5 月 8 日 14:37

You likely need to change just the part having to do with the certificates.

Oh. Wait.

It sounds like recent changes to the way that the NGINX configuration is managed that this bit is now in a different file:

   # do not redirect all hosts back to the main domain name
    - replace:
        filename: "/etc/nginx/conf.d/discourse.conf"
        from: /if \(\$http_host[^\}]*\}/m
        to: ""

Yes. Here’s the new place:

github.com/discourse/discourse_docker

templates/web.ssl.template.yml

7b042d615


      
          
                ssl_certificate /shared/ssl/ssl.crt;
                ssl_certificate_key /shared/ssl/ssl.key;
          
                ssl_session_tickets off;
                ssl_session_timeout 1d;
                ssl_session_cache shared:SSL:1m;
          
                add_header Strict-Transport-Security 'max-age=31536000';
          
                if ($http_host != $$ENV_DISCOURSE_HOSTNAME) {
                  rewrite (.*) https://$$ENV_DISCOURSE_HOSTNAME$1 permanent;
                }
          - file:
              path: "/etc/nginx/conf.d/outlets/discourse/20-https.conf"
              contents: |
                add_header Strict-Transport-Security 'max-age=31536000';
          - exec:
              cmd:
                - |-
                  if [ -f "/proc/net/if_inet6" ] ; then

I think that changing that filename to /etc/nginx/conf.d/outlets/server/20-https.conf will solve the redirect problem. You’ll also need to make the changes about how the certificate is requested, though if it’s working, I guess you might not need to change it.

nolo · 2025 年5 月 8 日 17:13

Thanks @pfaffman! Can’t get it working so far. Though I probably just ran into the Certificate limit as well, re-building with changes to the config file…

Gonna study the proxy stuff now

pfaffman · 2025 年5 月 8 日 17:23

If you did, you can just add another subdomain to the list (and the DNS record) and you’ll start a new rate limit.

nolo · 2025 年5 月 8 日 20:26

Maybe I was just duped again by the browser cache In any case, I switched that server to the default multisite setup, with caddy as reverse proxy. In the end it’s also straightforward and one thing I actually like is that the certificates are for each domain then (and not all domains shared on one certificate).

Have another server to update, I’ll try the adjustments another time with that one to see what’s necessary..

Thanks again!

话题		回复	浏览量
Success - New Multisite Install on Dedicated server using ServerPilot, Nginx and Apache Installation	22	9567	2020 年7 月 28 日
Need help with multisite configuration Installation	14	1659	2022 年3 月 23 日
Running 3 container for 3 domain in one installation with SSL Installation	5	827	2019 年12 月 30 日
Need proper documentation for multisite discourse with docker Installation docker	9	2801	2015 年5 月 20 日
Discourse multisite installation help with digitalocean Installation	1	1315	2018 年4 月 19 日

使用 Let's Encrypt 和无反向代理设置多站点配置

相关话题