• Fresh Ubuntu Server installation
• Root or sudo access
• Existing Discourse backup file (.tar.gz)
• Domain name pointed to server IP

sudo -s
apt-get install git

git clone https://github.com/discourse/discourse_docker.git /var/discourse
cd /var/discourse
chmod 700 containers

Before running discourse-setup, edit ~/var/discourse/containers/app.yml:

templates:
  - "templates/postgres.template.yml"
  - "templates/redis.template.yml"
  - "templates/web.template.yml"
  - "templates/web.ratelimited.template.yml"
  ## SSL templates - COMMENTED OUT for reverse proxy setup
  # - "templates/web.ssl.template.yml"
  # - "templates/web.letsencrypt.ssl.template.yml"

expose:
  - "8080:80"   # expose container port 80 on host port 8080
  # - "443:443" # https - commented out

Rationale: Reverse proxy (nginx) will handle TLS termination and forward HTTP traffic to port 8080. Configuring this before setup avoids needing to rebuild the container later.

./discourse-setup --skip-connection-test

Note: This process takes time. Good opportunity for a coffee break.

Configuration Parameters:

Provide these values during setup:

• Hostname: example.com
• Developer Email: admin@example.com
• SMTP Server: Your SMTP server address
• SMTP Port: Typically 587 for TLS
• SMTP Username: Your SMTP username
• SMTP Password: Your SMTP password
• Notification Email: Email address for outgoing notifications
• Let's Encrypt Email: OFF (critical - disables Let's Encrypt since TLS will be handled by reverse proxy)

From your local machine (or source location), copy the backup file:

scp -P <ssh-port> backup-file.tar.gz user@example.com:/var/discourse/shared/standalone/backups/default/

Notes:

• Replace <ssh-port> with your SSH port (default is 22, use -P 22 or omit if default)
• Replace backup-file.tar.gz with your actual backup filename
• Adjust username and hostname as needed for your setup

1. Access Discourse at http://example.com (or server IP if DNS not yet configured)
2. Navigate to Admin → Backups
3. Locate the uploaded backup file in the list
4. Click Restore on the backup file
5. Confirm the restoration

Note: The restoration process will restart Discourse and may take several minutes depending on backup size.

#This nginx setup in this guide is but one valid configuration.

apt-get install nginx

Note: This configuration represents one working approach for proxying Discourse through nginx. Alternative configurations may work equally well depending on your specific requirements, existing infrastructure, or preferred nginx patterns.

Create /etc/nginx/sites-available/example.com:

server {
    listen 80;
    server_name example.com;
 
    location / {
        proxy_pass http://localhost:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Host $host;
 
        # Required for Discourse
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
 
        # Timeouts
        proxy_connect_timeout 60s;
        proxy_send_timeout 60s;
        proxy_read_timeout 60s;
 
        # Buffer settings
        proxy_buffering off;
        proxy_redirect off;
    }
 
    client_max_body_size 10m;
}

Key Discourse Requirements:

• X-Forwarded-For and X-Forwarded-Host headers
• WebSocket support (proxy_http_version 1.1, Upgrade, Connection headers)
• Buffering disabled (proxy_buffering off)
• File upload size limit (client_max_body_size 10m)

# Remove default site (prevents conflicts)
rm /etc/nginx/sites-enabled/default
 
# Create symlink to enable site
ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
 
# Test configuration
nginx -t
 
# Reload nginx
systemctl reload nginx

snap install --classic certbot

certbot

Certbot will run interactively and:

• Detect the nginx configuration for your domain
• Prompt for domain selection
• Automatically generate Let's Encrypt certificates
• Modify nginx configuration to enable HTTPS
• Configure automatic certificate renewal

systemctl reload nginx

Your Discourse instance should now be accessible at https://example.com

• Be extremely careful with whitespace and alignment when editing app.yml
• Validate syntax at http://www.yamllint.com/ if needed

• The 8080:80 port mapping for reverse proxy setups is not well-documented in official Discourse guides
• Entering OFF for Let's Encrypt email is not clearly documented
• Commenting out SSL templates is required but not obvious for reverse proxy scenarios
• Discourse's Docker setup is optimized for their standard configuration, making reverse proxy setups unnecessarily opaque

• Use strong, unique passwords for SMTP and admin accounts
• Secure transfer of backup files containing sensitive data
• Review and update SMTP credentials appropriately for your environment
• Consider firewall rules to restrict access to port 8080

• Verify default site removed: ls /etc/nginx/sites-enabled/
• Confirm symlink exists: ls -la /etc/nginx/sites-enabled/example.com
• Test config: nginx -t
• Reload: systemctl reload nginx

• Run nginx test with sudo: sudo nginx -t
• Check for other configs referencing non-existent certificates
• Ensure only HTTP (port 80) configuration exists before running certbot

• Verify file copied to correct path: /var/discourse/shared/standalone/backups/default/
• Check file permissions: ls -la /var/discourse/shared/standalone/backups/default/
• Ensure filename ends in .tar.gz

==== SCP Syntax Issues ====https://wiki.scorpi.us/doku.php?id=discourse&do=

• Port flag is capital -P not lowercase -p
• Syntax: scp -P <port> <source> <user>@<host>:<destination>
• Example: scp -P 22 backup.tar.gz user@host:/path/