Discourse is a discussion forum that runs in a docker container. It's default installation uses a setup script which takes care of all the important settings such as capturing SMTP configuration, used to reach out to your users using transactional e-mails and even generates a certificate for you using Let's Encrypt. The values entered during the setup are saved in containers/app.yml.

To install discourse on your existing Apache server that's already serving a few sites, we'll need to apply changes to the default settings in app.yml

Clone the Discourse repository

git clone https://github.com/discourse/discourse_docker.git /var/discourse
cd /var/discourse

Copy a sample template, fill in the SMTP settings and comment out some of the templates

cp samples/standalone.yml containers/app.yml

 

Edit the templates section, adding "templates/web.socketed.template.yml" and commenting "templates/web.ssl.template.yml" and "templates/web.letsencrypt.ssl.template.yml"
The SSL template is no longer needed since we'll be using a socket instead. Same for letsencrypt because we'll be managing certificate generation outside Discourse
 

templates:
  - "templates/postgres.template.yml"
  - "templates/redis.template.yml"
  - "templates/web.template.yml"
  - "templates/web.ratelimited.template.yml"
  - "templates/web.socketed.template.yml"                #add
#  - "templates/web.ssl.template.yml"                    #comment
#  - "templates/web.letsencrypt.ssl.template.yml"        #comment

Comment out the exposed ports section. We no longer need to expose ports since we'll be using socket connections.

## which TCP/IP ports should this container expose?
#expose:
#  - "80:80"   # http
#  - "443:443" # https

 

Fill in the DISCOURSE_HOSTNAME and DISCOURSE_DEVELOPER_EMAILS parameters. You will need a dedicated domain or subdomain to run Discourse

  ## TODO: The domain name this Discourse instance will respond to
  ## Required. Discourse will not work with a bare IP number.
  DISCOURSE_HOSTNAME: forum.example.com

  ## TODO: List of comma delimited emails that will be made admin and developer
  ## on initial signup example 'user1@example.com,user2@example.com'
  DISCOURSE_DEVELOPER_EMAILS: 'contact@example.com'

 

Fill in the SMTP settings. You can sign up for a free transactional e-mail account at https://postmarkapp.com/ app or https://www.mailgun.com/

  DISCOURSE_SMTP_ADDRESS: #
  DISCOURSE_SMTP_PORT: # 
  DISCOURSE_SMTP_USER_NAME: # 
  DISCOURSE_SMTP_PASSWORD: #
  DISCOURSE_SMTP_ENABLE_START_TLS:#

Enable the proxy module for Apache  which implements implement a proxy for Apache HTTP Server

sudo a2enmod proxy
sudo a2enmod proxy_balancer
sudo a2enmod proxy_http

 

Create the VirtualHost configuration for port 80 which will redirect to port 443. Port 443 will be serving Discourse through the websocket

Create a site configuration for port 80. In this case it will redirect everything  to port 443.

vi /etc/apache2/sites-available/005-forum.example.com.conf

 

Paste the VirtualHost configuration for port 80

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName  forum.example.com


    RewriteEngine On
    ProxyPreserveHost On
    ProxyRequests Off
    ErrorLog /var/log/apache2/forum.example.com.error.log
    LogLevel warn
    CustomLog /var/log/apache2/forum.example.com.access.log combined

    RewriteCond %{SERVER_NAME} =forum.example.com
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

 

Create a site configuration for port 443

vi /etc/apache2/sites-available/005-forum.example.com-ssl.conf

 

Paste the VirtualHost configuration for port 443

<VirtualHost *:443>
  ServerAdmin webmaster@localhost
  ServerName  forum.example.com
  
  SSLProxyEngine on
  RewriteEngine On
  ProxyPreserveHost On
  ProxyRequests Off
  RequestHeader set X-Forwarded-Proto expr=%{REQUEST_SCHEME}
  RequestHeader set X-Real-IP expr=%{REMOTE_ADDR}
  
  ProxyPass / unix:/var/discourse/shared/standalone/nginx.http.sock|http://forum.example.com/
  ProxyPassReverse  / unix:/var/discourse/shared/standalone/nginx.http.sock|http://forum.example.com/
  ErrorLog /var/log/apache2/forum.example.com-ssl.error.log
  LogLevel warn
  CustomLog /var/log/apache2/forum.example.com.access.log combined
</VirtualHost>

 

Enable the non-ssl website

a2ensite 005-forum.example.com
service apache2 reload

 

Run certbot and create certificates for your SSL website. Certbot will append settings for SSLCertificateFile and SSLCertificateKeyFile to /etc/apache2/sites-available/005-forum.example.com-ssl.conf

# certbot      

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache

Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: forum.example.com

 

Enable the SSL website

a2ensite 005-forum.example-ssl.com
service apache2 reload

 

Run the installer

/var/discourse/launcher rebuild app

 

Submitted by Mitch on