Question
SSL on Droplet with Wordpress and subdomain with Discourse
I’ve set up the one-click Droplet with Discourse in a subdomain and Wordpress as the default. Attempting to add SSL and I can only get WordPress to run under https. The SSL certificate is a wildcard cert from Namecheap (COMODO).
Before going any further I think I need to get the correct port for SSL on the subdomain.
With the server blocks shown below, https://forum.mydomain.com actually shows https://mydomain.com.
Nginx and Docker/Discourse are new to me, so I could use some help in figuring this out - Thank you!
default:
server {
listen 80 default_server;
#listen [::]:80 default_server;
# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name *.mydomain.com;
ssl_certificate /etc/nginx/ssl/*.mydomain.com.chained.crt;
ssl_certificate_key /etc/nginx/ssl/*.mydomain.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
root /var/www/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
forum:
upstream forum {
server 127.0.0.1:8080 fail_timeout=0;
}
server {
listen 80;
server_name forum.mydomain.com;
root /usr/share/nginx/html;
index index.html index.htm;
client_max_body_size 10G;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://forum;
}
}
app.yaml:
...
expose:
- "8080:80" # fwd host port 80 to container port 80 (http)
- "2222:22" # fwd host port 2222 to container port 22 (ssh)
- "443:443" # (ssl)
...
By the way, would using two “Let’s Encrypt” certificates work instead of a wildcard certificate (since Let’s Encrypt doesn’t offer wildcards)?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×