So, my website is behind Cloudflare. I am trying to make it https.
I tried using Cloudflare SSL (Full (strict)) but no, it did not work. I tried using Let’s Encrypt’s SSL which would not work because it is behind such proxy stuff as stated in official tutorial. What I encounter is Error 521.
What I am trying to achieve is:
Public > Cloudflare SSL > Origin > Let’s Encrypt SSL > Host
Or just Let’s Encrypt or Cloudflare in the middle. It does not matter, actually.
app.yml
templates:
- "templates/postgres.template.yml"
- "templates/redis.template.yml"
- "templates/web.template.yml"
- "templates/web.ratelimited.template.yml"
- "templates/web.ssl.template.yml"
- "templates/web.letsencrypt.ssl.template.yml"
expose:
- "80:80" # http
- "443:443" # https
params:
db_default_text_search_config: "pg_catalog.english"
db_shared_buffers: "128MB"
env:
LANG: en_US.UTF-8
UNICORN_WORKERS: 2
DISCOURSE_HOSTNAME: censored.com
DISCOURSE_DEVELOPER_EMAILS: 'censored@gmail.com'
DISCOURSE_SMTP_ADDRESS: smtp.sendgrid.net
DISCOURSE_SMTP_PORT: 465
DISCOURSE_SMTP_USER_NAME: apikey
DISCOURSE_SMTP_PASSWORD: "censored"
DISCOURSE_SMTP_ENABLE_START_TLS: true
LETSENCRYPT_ACCOUNT_EMAIL: censored@gmail.com
volumes:
- volume:
host: /var/discourse/shared/standalone
guest: /shared
- volume:
host: /var/discourse/shared/standalone/log/var-log
guest: /var/log
hooks:
after_code:
- exec:
cd: $home/plugins
cmd:
- git clone https://github.com/discourse/docker_manager.git
after_web_config:
- replace:
filename: /etc/nginx/nginx.conf
from: /sendfile.+on;/
to: |
server_names_hash_bucket_size 64;
sendfile on;
- file:
path: /etc/nginx/conf.d/discourse_redirect_1.conf
contents: |
server {
listen 80 default_server;
server_name _;
return 301 $scheme://censored.com$request_uri;
}
- file:
path: /etc/nginx/conf.d/discourse_redirect_2.conf
contents: |
server {
listen 443 ssl default_server;
server_name _;
return 301 $scheme://censored.com$request_uri;
}
run:
- exec: echo "Beginning of custom commands"
- exec: echo "End of custom commands"