(Superseded) Redirect additional domain(s) to your Discourse instance

Update DNS Record

Update the A record for the domain(s) you want to redirect to original domain.

It helped and so am sharing. If somebody trying to change the A Record for the route domain. Don’t use * in the hostname but @ in the hostname of Digitalocean DNS management.

Why are you using digital ocean for DNS? It would be out recommendation to stick with your registrar’s DNS unless you’re looking to use specific features which require moving, such as Cloudflare or Route 53.

Not sure what’s the disadvantage of that. But the reason why i do it is using the registrar only for buying domain and leave that alone. Then manage everything in DO. Also their interface looks easy to manage multiple domains and setup.

Here’s my issue:

If I redirect my naked domain example.com -> www.example.com using the instructions here, I have problems with my ssl certificate not being valid when going to example.com.

If I use NakedSSL to redirect example.com -> www.example.com. My cookies and therefore topics read seems to not display accurately.

What is the solution? I am using a docker install on digital ocean.

@techAPJ @codinghorror

You must redirect to the “correct” form that you have certs for. Content cannot be at multiple domains simultaneously, that is a configuration error, and Google will ding you for duplicate content.

2 Likes

Ok. I did get it working using the instructions as above. As you said my certificate probably hadn’t completely switched from the naked domain to the www domain.

However, I still have issues with discourse not remembering what I have read when I return to the root of the site. If I go straight to the root, all messages are shown as unread until I follow the latest and top links. Any idea what may be causing this behaviour?

Can someone please confirm these settings for me?

    - file:
        path: /etc/nginx/conf.d/www_redirect_1.conf
        contents: |
          server {
            listen 80;
            listen 443 ssl;
            server_name www.reddcointalk.org;
            return 301 https://reddcointalk.org$request_uri;
          }

The goal here is to redirect https://www.reddcointalk.org AND http://www.reddcointalk.org to https://reddcointalk.org. However, https://www.reddcointalk.org provides an SSL error. I’ve tried several different configurations of this but end up in the same place.

1 Like

I suppose it works fine for you now; as the links mentioned are redirecting fine. I suppose you had to specify ssl_certificate and ssl_certificate_key. Can you please share your updated settings?

I wanted the visitors of hotelbobbygg.xyz be forwarded to already working https://a.hotelbobbygg.xyz.

I’ve did exactly as you told. (app.yml shown below) and then rebuilt the image.

But visitors of hotelbobbygg.xyz get the certificate error (and can’t add exception either). I’ve even tried incognito mode.

I was wondering, in the path line (i.e. the line just next to ‘-file’), do I only need to give some name such as ‘some_name.conf’ or do I need to create that same named file ‘some_name.conf’ somewhere, under some /etc/path?

This is a great start. So, the problem I’m running into here is that since the root domains (www and non-www) do not have SSL certs assigned to them by Let’s Encrypt in the docker container build we get an HTTPS error from the browser before the redirect even happens. Right? How do we add SSL to the root domains (www and non-www) so that this redirect will actually work?

Check out Setting up Let’s Encrypt with Multiple Domains. I used this yesterday to have the www.example.com site that I set up properly redirect https://example.com and it worked as expected.

2 Likes

Is this all still valid in 2021? I want to redirect an old url to my new host, but my discourse setup is an https:// site. It looks like the instructions here are for an http:// site (port 80?)
Would someone be so kind as to show the steps necessary to redirect:
https://discourse.oldsite.com to
https://discourse.newsite.com

I’m using DO, I assume I also need to add a CNAME record in my network settings that points the old site to the new one?

Do I need to also do some things with LetsEncrypt?

Thank you for your help!

The linked topic should work. It explains how to add some stuff to the app.yml that will cause let’s encrypt to get a cert for both subdomains.k Yes, you need to use a CNAME or otherwise have both domains resolve to your droplet.

1 Like

Thank you very much for your quick reply.
So, I ONLY need to do the steps detailed in your previous post ( Setting up Let’s Encrypt with Multiple Domains ) , not the OP stuff too? (The OP refers to port 80 only)

Yes. Only the one thing in Setting up Let’s Encrypt with Multiple Domains, I’m reasonably sure.

Get the DNS right to start or you’ll hit rate limits.

3 Likes

I add this block to my app.yml

after_web_config:
  - replace:
      filename: /etc/nginx/nginx.conf
      from: /sendfile.+on;/
      to: |
        server_names_hash_bucket_size 64;
        sendfile on;
  - file:
      path: /etc/nginx/conf.d/discourse_redirect_1.conf
      contents: |
        server {
          listen 80;
          server_name mydomain.tld2;
          return 301 $scheme://mydomain.tld1$request_uri;
        }
after_ssl:
    - replace:
        filename: "/etc/runit/1.d/letsencrypt"
        from: /--keylength/
        to: "-d mydomain.tld2 -d mydomain.tld2 --keylength"

my current domain name is mydomain.tld1, after rebuilding, mydomain.tld1 works fine but when trying to access mydomain.tld2, it says ERR_CERT_COMMON_NAME_INVALID, and vice versa (switch tld1 and tld2 in .yml file)

Am I missing some configs?

1 Like

I think that something changed in the let’s encrypt template and that something else is needed, but I haven’t spent the time to fully debug that yet.

I have a discourse instance setup on forum.mysite.ca through Digital Ocean. I want to direct mysite.ca to forum.mysite.ca and I thought I got it to work, but when i go to mysite.ca this warning message shows up
" Your connection is not private

Attackers might be trying to steal your information from mysite.ca (for example, passwords, messages, or credit cards). Learn more

NET::ERR_CERT_COMMON_NAME_INVALID"
with and “advanced” button that has a link in text that says “Proceed to mysite.ca (unsafe)”
I’ve been looking for the answer for like a week and im having a lot of trouble. any advice or links would help.

Has mysite.ca its own sertificate?

I followed this discourse/docs/INSTALL-cloud.md at main · discourse/discourse (github.com) , I dont think I set up sertificate for my mysite.ca