I’ve followed the instructions at https://github.com/discourse/discourse/blob/master/docs/INSTALL-cloud.md to the letter, have everything set up on Digital Ocean, everything seems to be running fine, however actually accessing my installation doesn’t seem to work, my browser is indicating the connection was refused.
When I stop the application and run e.g. python3 -m http.server 80
, I can access the service just fine, so I don’t think it’s a firewall issue. I also changed app.yml
to expose to port 8080, and I got an nginx ‘welcome’ page. Changing app.yml
back and doing a rebuild (which takes forever) brings back the “This site can’t be reached” error.
I’m not sure what’s going on. Could anyone help me? Here’s the output of some commands / stuff I’ve looked into:
root@discourse:/var/discourse# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
84cdf139a051 local_discourse/app "/sbin/boot" 4 minutes ago Up 4 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp app
root@discourse:/var/discourse# lsof -i
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 1482 root 3u IPv4 15819 0t0 TCP *:ssh (LISTEN)
sshd 1482 root 4u IPv6 15821 0t0 TCP *:ssh (LISTEN)
sshd 1661 root 3u IPv4 16921 0t0 TCP discourse.[MY DOMAIN HERE]:ssh->[MY LOCAL COMPUTER] (ESTABLISHED)
docker-pr 26327 root 4u IPv6 126119 0t0 TCP *:https (LISTEN)
docker-pr 26351 root 4u IPv6 126154 0t0 TCP *:http (LISTEN)
root@discourse:/var/discourse# netstat -ntlp | grep LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1482/sshd
tcp6 0 0 :::443 :::* LISTEN 26327/docker-proxy
tcp6 0 0 :::80 :::* LISTEN 26351/docker-proxy
tcp6 0 0 :::22 :::* LISTEN 1482/sshd
root@discourse:/var/discourse# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N DOCKER
-N DOCKER-ISOLATION
-A FORWARD -j DOCKER-ISOLATION
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 443 -j ACCEPT
-A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
-A DOCKER-ISOLATION -j RETURN