Discourse is a discussion forum that runs in a docker container. It's default installation uses a setup script which takes care of all the important settings such as capturing SMTP configuration, used to reach out to your users using transactional e-mails and even generates a certificate for you using Let's Encrypt. The values entered during the setup are saved in containers/app.yml.
To install discourse on your existing Apache server that's already serving a few sites, we'll need to apply changes to the default settings in app.yml
Clone the Discourse repository
git clone https://github.com/discourse/discourse_docker.git /var/discourse
cd /var/discourse
Copy a sample template, fill in the SMTP settings and comment out some of the templates
cp samples/standalone.yml containers/app.yml
Edit the templates section, adding "templates/web.socketed.template.yml" and commenting "templates/web.ssl.template.yml" and "templates/web.letsencrypt.ssl.template.yml"
The SSL template is no longer needed since we'll be using a socket instead. Same for letsencrypt because we'll be managing certificate generation outside Discourse
templates:
- "templates/postgres.template.yml"
- "templates/redis.template.yml"
- "templates/web.template.yml"
- "templates/web.ratelimited.template.yml"
- "templates/web.socketed.template.yml" #add
# - "templates/web.ssl.template.yml" #comment
# - "templates/web.letsencrypt.ssl.template.yml" #comment
Comment out the exposed ports section. We no longer need to expose ports since we'll be using socket connections.
## which TCP/IP ports should this container expose?
#expose:
# - "80:80" # http
# - "443:443" # https
Fill in the DISCOURSE_HOSTNAME and DISCOURSE_DEVELOPER_EMAILS parameters. You will need a dedicated domain or subdomain to run Discourse
## TODO: The domain name this Discourse instance will respond to
## Required. Discourse will not work with a bare IP number.
DISCOURSE_HOSTNAME: forum.example.com
## TODO: List of comma delimited emails that will be made admin and developer
## on initial signup example 'user1@example.com,user2@example.com'
DISCOURSE_DEVELOPER_EMAILS: 'contact@example.com'
Fill in the SMTP settings. You can sign up for a free transactional e-mail account at https://postmarkapp.com/ app or https://www.mailgun.com/
DISCOURSE_SMTP_ADDRESS: #
DISCOURSE_SMTP_PORT: #
DISCOURSE_SMTP_USER_NAME: #
DISCOURSE_SMTP_PASSWORD: #
DISCOURSE_SMTP_ENABLE_START_TLS:#
Enable the proxy module for Apache which implements implement a proxy for Apache HTTP Server
sudo a2enmod proxy
sudo a2enmod proxy_balancer
sudo a2enmod proxy_http
Create the VirtualHost configuration for port 80 which will redirect to port 443. Port 443 will be serving Discourse through the websocket
Create a site configuration for port 80. In this case it will redirect everything to port 443.
vi /etc/apache2/sites-available/005-forum.example.com.conf
Paste the VirtualHost configuration for port 80
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName forum.example.com
RewriteEngine On
ProxyPreserveHost On
ProxyRequests Off
ErrorLog /var/log/apache2/forum.example.com.error.log
LogLevel warn
CustomLog /var/log/apache2/forum.example.com.access.log combined
RewriteCond %{SERVER_NAME} =forum.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
Create a site configuration for port 443
vi /etc/apache2/sites-available/005-forum.example.com-ssl.conf
Paste the VirtualHost configuration for port 443
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName forum.example.com
SSLProxyEngine on
RewriteEngine On
ProxyPreserveHost On
ProxyRequests Off
RequestHeader set X-Forwarded-Proto expr=%{REQUEST_SCHEME}
RequestHeader set X-Real-IP expr=%{REMOTE_ADDR}
ProxyPass / unix:/var/discourse/shared/standalone/nginx.http.sock|http://forum.example.com/
ProxyPassReverse / unix:/var/discourse/shared/standalone/nginx.http.sock|http://forum.example.com/
ErrorLog /var/log/apache2/forum.example.com-ssl.error.log
LogLevel warn
CustomLog /var/log/apache2/forum.example.com.access.log combined
</VirtualHost>
Enable the non-ssl website
a2ensite 005-forum.example.com
service apache2 reload
Run certbot and create certificates for your SSL website. Certbot will append settings for SSLCertificateFile and SSLCertificateKeyFile to /etc/apache2/sites-available/005-forum.example.com-ssl.conf
# certbot
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: forum.example.com
Enable the SSL website
a2ensite 005-forum.example-ssl.com
service apache2 reload
Run the installer
/var/discourse/launcher rebuild app