Ok, made some more progress. Been following THIS guide mostly, although I’ve followed THIS guide’s advice of not including the ssl_certificate nor the ssl_certificate_key in the Nginx CONF file, as nginx -t was reporting errors.
nginx -t
on the Nginx Server nor Discourse Rebuild are reporting errors right now, however localhost will not bring up the “Congratulations” message, but https://boards.myreserveddns.com:2045/ will bring up a “Secure Connection Failed” in the VM’s local browser (SSL received a record that exceeded the maximum permission length
) and I get a “Connection Timeout” outside of the VM’s local browser.
All I’ve done on my router is Port Forwarded the following:
Port |
IP Address |
Explanation |
80 |
192.168.0.101 |
Nginx VM (HTTP) |
443 |
192.168.0.101 |
Nginx VM (HTTPS) |
2045 |
192.168.0.104 |
Discourse VM (Port exposed in place of 80) |
And I have the following DNS Settings (and let’s say my Local IP is 1.2.3.4
):
Right now I am assuming I should also set the Discourse DNS to 1.2.3.4 … but I don’t want to touch anything on the DNS right now until I receive recommendation based on the rest of my setup below.
Here is the /etc/nginx/sites-available/discourse.conf
file in the Nginx VM:
server {
listen 192.168.0.101:80; listen [::]:80;
server_name boards.myreserveddns.com;
return 301 https://$host$request_uri;
}
server {
# The IP that you forwarded in your router (nginx proxy)
listen 192.168.0.101:443 ssl http2;
# SSL config
# ssl on;
# ssl_certificate /etc/nginx/ssl/0000_csr-certbot.pem;
# ssl_certificate_key /etc/nginx/ssl/0000_key-certbot.pem;
include /etc/nginx/snippets/ssl.conf;
# Make site accessible from http://localhost/
server_name boards.myreserveddns.com;
# The internal IP of the VM that hosts your Apache config
set $upstream 192.168.0.104:2045/;
location / {
proxy_pass http://$upstream;
proxy_set_header Host $host;
proxy_set_header X-Forward-Proto $scheme; #X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_redirect http://$upstream https://boards.myreserveddns.com/;
}
}
And here is the /var/discourse/container/app.yml
file in the Discourse VM:
templates:
- "templates/postgres.template.yml"
- "templates/redis.template.yml"
- "templates/web.template.yml"
## which TCP/IP ports should this container expose?
## If you want Discourse to share a port with another webserver like Apache/nginx,
## see https://meta.discourse.org/t/17247 for details
expose:
- "2045:80" # http
params:
db_default_text_search_config: "pg_catalog.english"
## Set db_shared_buffers to a max of 25% of the total memory.
## will be set automatically by bootstrap based on detected RAM, or you can override
db_shared_buffers: "768MB"
## can improve sorting performance, but adds memory usage per-connection
#db_work_mem: "40MB"
## Which Git revision should this container use? (default: tests-passed)
#version: tests-passed
env:
LANG: en_US.UTF-8
# DISCOURSE_DEFAULT_LOCALE: en
## How many concurrent web requests are supported? Depends on memory and CPU cores.
## will be set automatically by bootstrap based on detected CPUs, or you can override
UNICORN_WORKERS: 4
## TODO: The domain name this Discourse instance will respond to
## Required. Discourse will not work with a bare IP number.
DISCOURSE_HOSTNAME: board.myreserveddns.com
## Uncomment if you want the container to be started with the same
## hostname (-h option) as specified above (default "$hostname-$config")
#DOCKER_USE_HOSTNAME: true
## TODO: List of comma delimited emails that will be made admin and developer
## on initial signup example 'user1@example.com,user2@example.com'
DISCOURSE_DEVELOPER_EMAILS: 'admin@myreserveddns.com,postmaster@myreserveddns.com'
## TODO: The SMTP mail server used to validate new accounts and send notifications
# SMTP ADDRESS, username, and password are required
# WARNING the char '#' in SMTP password can cause problems!
DISCOURSE_SMTP_ADDRESS: smtp.sparkpostmail.com
DISCOURSE_SMTP_PORT: 587
DISCOURSE_SMTP_USER_NAME: SMTP_Injection
DISCOURSE_SMTP_PASSWORD: "<SMTP_Password>"
#DISCOURSE_SMTP_ENABLE_START_TLS: true # (optional, default true)
## If you added the Lets Encrypt template, uncomment below to get a free SSL certificate
#LETSENCRYPT_ACCOUNT_EMAIL: admin@myreserveddns.com
## The http or https CDN address for this Discourse instance (configured to pull)
## see https://meta.discourse.org/t/14857 for details
#DISCOURSE_CDN_URL: https://discourse-cdn.example.com
## The Docker container is stateless; all data is stored in /shared
volumes:
- volume:
host: /var/discourse/shared/standalone
guest: /shared
- volume:
host: /var/discourse/shared/standalone/log/var-log
guest: /var/log
## Plugins go here
## see https://meta.discourse.org/t/19157 for details
hooks:
after_code:
- exec:
cd: $home/plugins
cmd:
- git clone https://github.com/discourse/docker_manager.git
- git clone https://github.com/discourse/discourse-chat-integration.git
## Any custom commands to run after building
run:
- exec: echo "Beginning of custom commands"
## If you want to set the 'From' email address for your first registration, uncomment and change:
## After getting the first signup email, re-comment the line. It only needs to run once.
# - exec: rails r "SiteSetting.notification_email='info@unconfigured.discourse.org'"
# - exec: rails r "SiteSetting.notification_email='postmaster.myreserveddns.com'"
- exec: echo "End of custom commands"
One thing I did notice was that I have been unable to Bootstrap the app.yml file (./launcher bootstrap app
). What could be the problem here?
FAILED
--------------------
Pups::ExecError: socat /dev/null UNIX-CONNECT:/shared/postgres_run/.s.PGSQL.5432 || exit 0 && echo postgres already running stop container ; exit 1 failed with return #<Process::Status: pid 44 exit 1>
Location of failure: /pups/lib/pups/exec_command.rb:112:in `spawn'
exec failed with the params "socat /dev/null UNIX-CONNECT:/shared/postgres_run/.s.PGSQL.5432 || exit 0 && echo postgres already running stop container ; exit 1"
<SMTP_Password>
** FAILED TO BOOTSTRAP ** please scroll up and look for earlier error messages, there may be more than one
<SMTP_Password>
is not literal, just keeping out of the post.
Keep in mind that ./launcher rebuild app
reports no errors … so I’m stumped with the Bootstrap error.
EDIT: Ah, just read this topic. Looks like there is no need to Bootstrap if I can rebuild the project without errors. I suppose the main issue is related to the “Secure Connection Failed”, which I suspect is an issue with the Key/Cert and/or the Address Reservation settings on my Router.