When can you handle this?
Iām a little confused on what you mean by this. What I was talking about above was adding to the short description for the website. Are you talking about something different here?
proof of stake
proof of stake peercoin
proof of stake coin
proof of stake ppcoin
proof of stake vs proof of work
energy efficient cryptocurrency
peerassets
Searching for proof of stake or related terms peercoin comes very low in search results
Basically we have to wait for Fuzzy for this before you can move forward. Am I understanding this correctly?
Yes, that is correct.
I think planting keywords for search engines is ineffective. Maybe not the approach you meant, but Google ignores <meta name="keywords">
.
@Fuzzybear: You need to set the DNS āA recordsā of www.peercointalk.org
and peercointalk.org
to 51.15.51.207
(which is talk.peercoin.net
).
An alternative that should be superior is setting a CNAME record for www.peercointalk.org
to talk.peercoin.net.
(with trailing dot). Youāll never have to update that if IP of the Discourse server changes, but doesnāt (usually) work with zone apex (ānaked domainā, i.e. www.peercointalk.org
). Iām not certain thereās no caveat doing so.
A quick way to get a certificate is (as root):
EMAIL="admin@peercoin.net"
curl -O https://dl.eff.org/certbot-auto
chmod a+x certbot-auto
/var/discourse/launcher stop app
certbot-auto certonly --standalone --agree-tos --renew-by-default --rsa-key-size 4096 --email $EMAIL -d talk.peercoin.net -d www.peercointalk.org -d peercointalk.org
mkdir discourse-certificate-backup
cp /var/discourse/shared/standalone/ssl/ssl.{crt,key} discourse-certificate-backup
cp /etc/letsencrypt/live/talk.peercoin.net/fullchain.pem /var/discourse/shared/standalone/ssl/ssl.crt
cp /etc/letsencrypt/live/talk.peercoin.net/privkey.pem /var/discourse/shared/standalone/ssl/ssl.key
/var/discourse/launcher start app
@jooize So I have a CNAME record for www.peercointalk.org that is pointing at talk.peercoin.net
I have an A record for peercointalk.org that I have to point to my server so build.peercointalk.org, services.peercointalk.org all still work and the SSL cert is valid for them all. I can not add in another A record for the domain or a CNAME record for just peercointalk.org to point to the new domain / server.
I can only see that I am going to have to move my sites off the peercointalk.org domain under the current setup unless you know of another way? I am not going to be able to look into this until the weekend.
Fuzzybear
Excellent! That should be sufficient, I think. No more hurry on your part.
http://peercointalk.org redirects (with 301) to http://www.peercointalk.org including URL path (/index.php?board=3.0
).
http://www.peercointalk.org points to talk.peercoin.net with CNAME record where Discourse handles legacy URLs.
https://peercointalk.org redirects properly with Discourse permalinks without certificate warning.
https://www.peercointalk.org, the most important one that people have saved needs Discourse to serve a valid certificate for the domain.
@peerchemist: Certificate request should work now.
Try only www.peercointalk.org
and exclude peercointalk.org
.
SSL issues seems to be resolved. Nginx config is still not polished so please test and report.
Onion access is disabled for a moment, I will handle that soon.
On my phone, when I click on all the links above that Jooize posted, they open me in a new tab, but for some reason I am logged out because I see the sign in button. I am not actually logged out though, because if I go back to the original tab where I clicked the links I am still logged in. For all of those links, the URL also appears as https://www.peercointalk.org and does not convert to https://talk.peercoin.net. When I start clicking on threads, the URL also does not change and stays the same.
For example: https://www.peercointalk.org/t/introduce-yourself-peercoin-intro-important-links/2889
Yes, I see.
Iāve must have broken the redirect while doing this. I will investigate.
Meanwhile, if someone has some ideasā¦
nginx config:
upstream backend {
server 127.0.0.1:25654;
}
server {
listen 80; listen [::]:80;
server_name talk.peercoin.net;
return 301 https://talk.peercoin.net$request_uri;
}
server {
listen 443 ssl spdy;
server_name talk.peercoin.net;
error_log /var/log/nginx/discourse.access.log;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security max-age=15768000;
location / {
proxy_pass http://talk.peercoin.net:25654/;
proxy_read_timeout 90;
proxy_redirect http://talk.peercoin.net:25654/ https://talk.peercoin.net/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
add_header Front-End-Https on;
}
}
```
Why not simply replace Discourseās certificate and private key?
Because then I lose control again.
Over what?
Everything. Discourse setup is presuming that only discourse will run on the server and it can control the port 80 alone. Beside, is setting a reverse proxy in front of that docker container not more elegant solution than manually entering container to overwrite the certs and re-doing it on each update?