Make sure to:
- Comment out all ssl templates in the
templates
(inapp.yml
) . If you are using letsencrypt you will have two:
# - "templates/web.ssl.template.yml"
# - "templates/web.letsencrypt.ssl.template.yml"
- Add a socket template:
- "templates/web.socketed.template.yml"
- Comment out all exposed ports:
# - "80:80" # http
# - "443:443" # https
(or you may expose other ports like 8080:80
and 8443:443
and instead of using a socket in the next step you can redirect to an upstream that points to localhost:80
and/or localhost:443
)
- You have:
proxy_pass http://unix:/var/discourse/shared/standalone/nginx.http.sock;
I think you need to add : at the end of the socket:
proxy_pass http://unix:/var/discourse/shared/standalone/nginx.http.sock:;
- You need to have the ssl certificate files at
/var/discourse/shared/standalone/ssl/
. Do you have them? I’m assuming you already own the domaina1rp.xyz
and read about how to generate ssl certificates in the letsencrypt site. Also keep in mind that discourse handles the renewal of certificates for you in the default install, but in you case you would have to handle it (with a cronjob, for example), otherwise your certificates will expire after 3 months.
See: