chore: update app.yml and traefik.yml configuration

app.yml

@@ -0,0 +1,127 @@
+## this is the all-in-one, standalone Discourse Docker container template
+##
+## After making changes to this file, you MUST rebuild
+## /var/discourse/launcher rebuild app
+##
+## BE *VERY* CAREFUL WHEN EDITING!
+## YAML FILES ARE SUPER SUPER SENSITIVE TO MISTAKES IN WHITESPACE OR ALIGNMENT!
+## visit http://www.yamllint.com/ to validate this file as needed
+
+templates:
+  - "templates/postgres.template.yml"
+  - "templates/redis.template.yml"
+  - "templates/web.template.yml"
+  - "templates/web.ratelimited.template.yml"
+  ## Uncomment these two lines if you wish to add Lets Encrypt (https)
+  # - "templates/web.ssl.template.yml"
+  # - "templates/web.letsencrypt.ssl.template.yml"
+
+## which TCP/IP ports should this container expose?
+## If you want Discourse to share a port with another webserver like Apache or nginx,
+## see https://meta.discourse.org/t/17247 for details
+expose:
+  - "8080:80"   # http
+  # - "443:443" # https
+
+docker_args:
+  - "--network=traefik"
+  - "--label=traefik.enable=true"
+  - "--label=traefik.http.routers.discourse.rule=Host(`forum.mtd.runfoo.run`)"
+  - "--label=traefik.http.routers.discourse.entrypoints=websecure"
+  - "--label=traefik.http.routers.discourse.tls.certresolver=letsencrypt"
+  - "--label=traefik.http.services.discourse.loadbalancer.server.port=80"
+
+params:
+  db_default_text_search_config: "pg_catalog.english"
+
+  ## Set db_shared_buffers to a max of 25% of the total memory.
+  ## will be set automatically by bootstrap based on detected RAM, or you can override
+  db_shared_buffers: "3072MB"
+
+  ## can improve sorting performance, but adds memory usage per-connection
+  #db_work_mem: "40MB"
+
+  ## Which Git revision should this container use? (default: latest)
+  #version: latest
+
+env:
+  LC_ALL: en_US.UTF-8
+  LANG: en_US.UTF-8
+  LANGUAGE: en_US.UTF-8
+  # DISCOURSE_DEFAULT_LOCALE: en
+
+  ## How many concurrent web requests are supported? Depends on memory and CPU cores.
+  ## will be set automatically by bootstrap based on detected CPUs, or you can override
+  UNICORN_WORKERS: 6
+
+  ## TODO: The domain name this Discourse instance will respond to
+  ## Required. Discourse will not work with a bare IP number.
+  DISCOURSE_HOSTNAME: forum.mtd.runfoo.run
+
+  ## Uncomment if you want the container to be started with the same
+  ## hostname (-h option) as specified above (default "$hostname-$config")
+  #DOCKER_USE_HOSTNAME: true
+
+  ## TODO: List of comma delimited emails that will be made admin and developer
+  ## on initial signup example 'user1@example.com,user2@example.com'
+  DISCOURSE_DEVELOPER_EMAILS: 'tenwest@pm.me'
+
+  ## TODO: Configure the mail server
+  ##       (used for validation of new accounts, notifications, digests, etc.)
+  ## required: hostname of the SMTP mail server used to send mail
+  DISCOURSE_SMTP_ADDRESS: 216.158.230.94
+  ## uncomment to set the port to something other than the default (25)
+  DISCOURSE_SMTP_PORT: 25
+  ## USER_NAME / PASSWORD required if the SMTP provider needs authentication
+  ## WARNING: a '#' in the SMTP password can be misinterpreted; ensure it's inside string quotes, e.g.:
+  ##   DISCOURSE_SMTP_PASSWORD: "#pass#ord"
+# DISCOURSE_SMTP_USER_NAME: user@example.com
+# DISCOURSE_SMTP_PASSWORD: ""
+  ## uncomment to enable implicit TLS at connection time, probably needed for using port 465
+  #DISCOURSE_SMTP_FORCE_TLS: true
+  ## uncomment to set the HELO/EHLO domain, only set if required by provider
+  DISCOURSE_SMTP_DOMAIN: mtd.runfoo.run
+  ## the address from which notifications are sent
+  DISCOURSE_NOTIFICATION_EMAIL: noreply@mtd.runfoo.run
+  ## uncomment to change server certificate verification
+  DISCOURSE_SMTP_OPENSSL_VERIFY_MODE: none # peer|none
+  ## uncomment to override the authentication method
+  #DISCOURSE_SMTP_AUTHENTICATION: plain # plain|login|cram_md5
+
+  ## If you added the Lets Encrypt template, uncomment below to get a free SSL certificate
+  LETSENCRYPT_ACCOUNT_EMAIL: me@example.com
+
+  ## The http or https CDN address for this Discourse instance (configured to pull)
+  ## see https://meta.discourse.org/t/14857 for details
+  #DISCOURSE_CDN_URL: https://discourse-cdn.example.com
+
+  ## The maxmind geolocation IP account ID and license key for IP address lookups
+  ## see https://meta.discourse.org/t/-/173941 for details
+  #DISCOURSE_MAXMIND_ACCOUNT_ID: 123456
+  #DISCOURSE_MAXMIND_LICENSE_KEY: 1234567890123456
+
+## The Docker container is stateless; all data is stored in /shared
+volumes:
+  - volume:
+      host: /var/discourse/shared/standalone
+      guest: /shared
+  - volume:
+      host: /var/discourse/shared/standalone/log/var-log
+      guest: /var/log
+
+## Plugins go here
+## see https://meta.discourse.org/t/19157 for details
+hooks:
+  after_code:
+    - exec:
+        cd: $home/plugins
+        cmd:
+          - git clone https://github.com/discourse/docker_manager.git
+
+## Any custom commands to run after building
+run:
+  - exec: echo "Beginning of custom commands"
+  ## If you want to set the 'From' email address for your first registration, uncomment and change:
+  ## After getting the first signup email, re-comment the line. It only needs to run once.
+  #- exec: rails r "SiteSetting.notification_email='info@unconfigured.discourse.org'"
+  - exec: echo "End of custom commands"

app.yml.fixed

@@ -0,0 +1,127 @@
+## this is the all-in-one, standalone Discourse Docker container template
+##
+## After making changes to this file, you MUST rebuild
+## /var/discourse/launcher rebuild app
+##
+## BE *VERY* CAREFUL WHEN EDITING!
+## YAML FILES ARE SUPER SUPER SENSITIVE TO MISTAKES IN WHITESPACE OR ALIGNMENT!
+## visit http://www.yamllint.com/ to validate this file as needed
+
+templates:
+  - "templates/postgres.template.yml"
+  - "templates/redis.template.yml"
+  - "templates/web.template.yml"
+  - "templates/web.ratelimited.template.yml"
+  ## Uncomment these two lines if you wish to add Lets Encrypt (https)
+  # - "templates/web.ssl.template.yml"
+  # - "templates/web.letsencrypt.ssl.template.yml"
+
+## which TCP/IP ports should this container expose?
+## If you want Discourse to share a port with another webserver like Apache or nginx,
+## see https://meta.discourse.org/t/17247 for details
+expose:
+  - "8080:80"   # http
+  # - "443:443" # https
+
+docker_args:
+  - "--network=traefik"
+  - "--label=traefik.enable=true"
+  - "--label=traefik.http.routers.discourse.rule=Host(`forum.mtd.runfoo.run`)"
+  - "--label=traefik.http.routers.discourse.entrypoints=websecure"
+  - "--label=traefik.http.routers.discourse.tls.certresolver=letsencrypt"
+  - "--label=traefik.http.services.discourse.loadbalancer.server.port=80"
+
+params:
+  db_default_text_search_config: "pg_catalog.english"
+
+  ## Set db_shared_buffers to a max of 25% of the total memory.
+  ## will be set automatically by bootstrap based on detected RAM, or you can override
+  db_shared_buffers: "3072MB"
+
+  ## can improve sorting performance, but adds memory usage per-connection
+  #db_work_mem: "40MB"
+
+  ## Which Git revision should this container use? (default: latest)
+  #version: latest
+
+env:
+  LC_ALL: en_US.UTF-8
+  LANG: en_US.UTF-8
+  LANGUAGE: en_US.UTF-8
+  # DISCOURSE_DEFAULT_LOCALE: en
+
+  ## How many concurrent web requests are supported? Depends on memory and CPU cores.
+  ## will be set automatically by bootstrap based on detected CPUs, or you can override
+  UNICORN_WORKERS: 6
+
+  ## TODO: The domain name this Discourse instance will respond to
+  ## Required. Discourse will not work with a bare IP number.
+  DISCOURSE_HOSTNAME: forum.mtd.runfoo.run
+
+  ## Uncomment if you want the container to be started with the same
+  ## hostname (-h option) as specified above (default "$hostname-$config")
+  #DOCKER_USE_HOSTNAME: true
+
+  ## TODO: List of comma delimited emails that will be made admin and developer
+  ## on initial signup example 'user1@example.com,user2@example.com'
+  DISCOURSE_DEVELOPER_EMAILS: 'tenwest@pm.me'
+
+  ## TODO: Configure the mail server
+  ##       (used for validation of new accounts, notifications, digests, etc.)
+  ## required: hostname of the SMTP mail server used to send mail
+  DISCOURSE_SMTP_ADDRESS: 216.158.230.94
+  ## uncomment to set the port to something other than the default (25)
+  DISCOURSE_SMTP_PORT: 25
+  ## USER_NAME / PASSWORD required if the SMTP provider needs authentication
+  ## WARNING: a '#' in the SMTP password can be misinterpreted; ensure it's inside string quotes, e.g.:
+  ##   DISCOURSE_SMTP_PASSWORD: "#pass#ord"
+# DISCOURSE_SMTP_USER_NAME: user@example.com
+# DISCOURSE_SMTP_PASSWORD: ""
+  ## uncomment to enable implicit TLS at connection time, probably needed for using port 465
+  #DISCOURSE_SMTP_FORCE_TLS: true
+  ## uncomment to set the HELO/EHLO domain, only set if required by provider
+  DISCOURSE_SMTP_DOMAIN: mtd.runfoo.run
+  ## the address from which notifications are sent
+  DISCOURSE_NOTIFICATION_EMAIL: noreply@mtd.runfoo.run
+  ## uncomment to change server certificate verification
+  DISCOURSE_SMTP_OPENSSL_VERIFY_MODE: none # peer|none
+  ## uncomment to override the authentication method
+  #DISCOURSE_SMTP_AUTHENTICATION: plain # plain|login|cram_md5
+
+  ## If you added the Lets Encrypt template, uncomment below to get a free SSL certificate
+  LETSENCRYPT_ACCOUNT_EMAIL: me@example.com
+
+  ## The http or https CDN address for this Discourse instance (configured to pull)
+  ## see https://meta.discourse.org/t/14857 for details
+  #DISCOURSE_CDN_URL: https://discourse-cdn.example.com
+
+  ## The maxmind geolocation IP account ID and license key for IP address lookups
+  ## see https://meta.discourse.org/t/-/173941 for details
+  #DISCOURSE_MAXMIND_ACCOUNT_ID: 123456
+  #DISCOURSE_MAXMIND_LICENSE_KEY: 1234567890123456
+
+## The Docker container is stateless; all data is stored in /shared
+volumes:
+  - volume:
+      host: /var/discourse/shared/standalone
+      guest: /shared
+  - volume:
+      host: /var/discourse/shared/standalone/log/var-log
+      guest: /var/log
+
+## Plugins go here
+## see https://meta.discourse.org/t/19157 for details
+hooks:
+  after_code:
+    - exec:
+        cd: $home/plugins
+        cmd:
+          - git clone https://github.com/discourse/docker_manager.git
+
+## Any custom commands to run after building
+run:
+  - exec: echo "Beginning of custom commands"
+  ## If you want to set the 'From' email address for your first registration, uncomment and change:
+  ## After getting the first signup email, re-comment the line. It only needs to run once.
+  #- exec: rails r "SiteSetting.notification_email='info@unconfigured.discourse.org'"
+  - exec: echo "End of custom commands"

traefik.yml

@@ -0,0 +1,43 @@
+api:
+  dashboard: true
+  insecure: false
+
+entryPoints:
+  web:
+    address: ":80"
+  websecure:
+    address: ":443"
+
+providers:
+  docker:
+    endpoint: "unix:///var/run/docker.sock"
+    exposedByDefault: false
+    network: traefik
+
+certificatesResolvers:
+  letsencrypt:
+    acme:
+      httpChallenge:
+        entryPoint: web
+      email: tenwest@proton.me
+      storage: /data/acme.json
+      caServer: https://acme-v02.api.letsencrypt.org/directory
+
+accessLog: {}
+
+http:
+  middlewares:
+    redirect-to-https:
+      redirectScheme:
+        scheme: https
+        permanent: true
+  
+  routers:
+    web-redirect:
+      rule: "HostRegexp(`{host:.+}`)"
+      entryPoints:
+        - web
+      middlewares:
+        - redirect-to-https
+      service: "noop@internal"
+      priority: 1

traefik.yml.new

@@ -0,0 +1,43 @@
+api:
+  dashboard: true
+  insecure: false
+
+entryPoints:
+  web:
+    address: ":80"
+  websecure:
+    address: ":443"
+
+providers:
+  docker:
+    endpoint: "unix:///var/run/docker.sock"
+    exposedByDefault: false
+    network: traefik
+
+certificatesResolvers:
+  letsencrypt:
+    acme:
+      httpChallenge:
+        entryPoint: web
+      email: tenwest@proton.me
+      storage: /data/acme.json
+      caServer: https://acme-v02.api.letsencrypt.org/directory
+
+accessLog: {}
+
+http:
+  middlewares:
+    redirect-to-https:
+      redirectScheme:
+        scheme: https
+        permanent: true
+  
+  routers:
+    web-redirect:
+      rule: "HostRegexp(`{host:.+}`)"
+      entryPoints:
+        - web
+      middlewares:
+        - redirect-to-https
+      service: "noop@internal"
+      priority: 1