Twitter Login Redirect Is Incorrect And Uses Port


(charles) #1

I followed the steps here to use Twitter login but when test user try Twitter it shows error with URL pointing to https://www.example.com:26789

edit:
Discourse is working fine. It’s viewable and functioning at https://www.example.com

Twitter can authenticate

Connection failed only during the last step when redirecting back and the window shows https://www.example.com:26789/auth/twitter/callback?oauth_token=(removed long string)

How can I remove the port 26789 from the Twitter redirect?


(Jay Pfaffman) #2

Are you using a standard install, or do you have something more fancy, perhaps running two sites on your server?


(charles) #3

The server is only running Discourse and nginx. The only place I see the port is in app.yml but from what I followed that is the correct way, no?


(Jay Pfaffman) #4

Are you saying that port 26789 is mentioned in your app.yml? Does your expose section look something like this?

## which TCP/IP ports should this container expose?
expose:
  - "80:80"   # fwd host port 80   to container port 80 (http)
  - "443:443" # ssl, baby

(Rafael dos Santos Silva) #5

The nginx you say is the one inside docker?


(charles) #6

@pfaffman the expose is “26789:80”

@Falco i’m not sure if it’s inside docker. i installed nginx using sudo apt-get install nginx

note: Twitter can authenticate but connection failed only during the last step when redirecting back and the window shows https://www.example.com:26789/auth/twitter/callback?oauth_token=(removed long string) so guessing somehow during the Discourse setup the port didn’t change?


(Jay Pfaffman) #7

So you did not do this: discourse/INSTALL-cloud.md at master · discourse/discourse · GitHub


(Anthony) #8

Follow this guide for nginx discourse instead of the one you followed: Running other websites on the same machine as Discourse

Just when you’re doing the proxy pass for the https config, use

proxy_pass http://unix:/var/discourse/shared/standalone/nginx.http.sock:;

Instead of the one listed.


(charles) #9

@pfaffman I followed the instructions from Digital Ocean since it also includes nginx and will be the service I will end up using

@techno everything is running fine except signup using Twitter

edit: adding more details to first post to make it clearer


(Anthony) #10

I had the exact same issue using steam, you see how you’re doing 26789 :80, the method I linked, uses the discourse functionality and uses sockets. It removes the :26789 from the end of the URL and it work’s fine again :smiley:

My app.yml:

Example YML

Very basic nginx config “/etc/nginx/conf.d/discourse.conf”:

server {
  listen 443 ssl; listen [::]:443 ssl;

  server_name discourse.example.com;

  ssl on;
  ssl_certificate /etc/letsencrypt/live/discourse.example.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/discourse.example.com/privkey.pem;
  ssl_dhparam /var/discourse/shared/standalone/ssl/dhparams.pem;
  ssl_session_tickets off;
  ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;

  location / {
    proxy_pass http://unix:/var/discourse/shared/standalone/nginx.http.sock:;
    proxy_set_header Host $http_host;
    proxy_http_version 1.1;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }
}

server {
  listen 80; listen [::]:80;
  server_name discourse.example.com;
  return 301 https://discourse.example.com$request_uri;
}

(Rafael dos Santos Silva) #11

Yeah, without using the guide a lot of small things will be broken.


(charles) #12

@Techno @Falco I originally was following that link but at the bottom of the post it says this so I didn’t proceed and used the Digital Ocean tutorial instead


(Anthony) #13

I used that originally, the guide is so outdated and misses so many steps. It’s an alternative method, but it’s done poorly for what you’re trying to achieve.

I’d recommend that the current guide for nginx-discourse be updated with all of the reported changes taken into account :smiley:


(charles) #14

If that is the case, I sure hope @riking will remove that link until a better one can be referenced.


(Rafael dos Santos Silva) #15

Do you have any reason to run nginx? You miss some things, like easy SSL / http2, etc…

This is an option for people who are cool using an advanced setup.


(Anthony) #16

What I stuck in there was an extremely basic config, if you know what you’re doing make it fancy :smiley:

NginxMasterRace


(Kane York) #17

The post is a community wiki, I didn’t add that link :slight_smile:

Click the top-right edit pencil to see the revision history.


(Anthony) #18

@riking Fancy updating the https nginx config displayed on the page to use

proxy_pass http://unix:/var/discourse/shared/standalone/nginx.http.sock:;

instead of the current? The above seems to be the only way to actually get it to work ;D


(Kane York) #19

You’re able to edit the post, too :slight_smile:


(Anthony) #20

Dank