Peercointalk domain redirect


#21

When can you handle this?


#22

I’m a little confused on what you mean by this. What I was talking about above was adding to the short description for the website. Are you talking about something different here?


#23

proof of stake
proof of stake peercoin
proof of stake coin
proof of stake ppcoin
proof of stake vs proof of work
energy efficient cryptocurrency
peerassets

Searching for proof of stake or related terms peercoin comes very low in search results


#24

Basically we have to wait for Fuzzy for this before you can move forward. Am I understanding this correctly?


#25

Yes, that is correct.


#26

I think planting keywords for search engines is ineffective. Maybe not the approach you meant, but Google ignores <meta name="keywords">.

@Fuzzybear: You need to set the DNS ‘A records’ of www.peercointalk.org and peercointalk.org to 51.15.51.207 (which is talk.peercoin.net).

An alternative that should be superior is setting a CNAME record for www.peercointalk.org to talk.peercoin.net. (with trailing dot). You’ll never have to update that if IP of the Discourse server changes, but doesn’t (usually) work with zone apex (“naked domain”, i.e. www.peercointalk.org). I’m not certain there’s no caveat doing so.


#27

A quick way to get a certificate is (as root):

EMAIL="admin@peercoin.net"
curl -O https://dl.eff.org/certbot-auto
chmod a+x certbot-auto
/var/discourse/launcher stop app
certbot-auto certonly --standalone --agree-tos --renew-by-default --rsa-key-size 4096 --email $EMAIL -d talk.peercoin.net -d www.peercointalk.org -d peercointalk.org
mkdir discourse-certificate-backup
cp /var/discourse/shared/standalone/ssl/ssl.{crt,key} discourse-certificate-backup
cp /etc/letsencrypt/live/talk.peercoin.net/fullchain.pem /var/discourse/shared/standalone/ssl/ssl.crt
cp /etc/letsencrypt/live/talk.peercoin.net/privkey.pem /var/discourse/shared/standalone/ssl/ssl.key
/var/discourse/launcher start app

#28

@jooize So I have a CNAME record for www.peercointalk.org that is pointing at talk.peercoin.net

I have an A record for peercointalk.org that I have to point to my server so build.peercointalk.org, services.peercointalk.org all still work and the SSL cert is valid for them all. I can not add in another A record for the domain or a CNAME record for just peercointalk.org to point to the new domain / server.

I can only see that I am going to have to move my sites off the peercointalk.org domain under the current setup unless you know of another way? I am not going to be able to look into this until the weekend.

Fuzzybear


#29

Excellent! That should be sufficient, I think. No more hurry on your part. :slight_smile:

http://peercointalk.org redirects (with 301) to http://www.peercointalk.org including URL path (/index.php?board=3.0).
http://www.peercointalk.org points to talk.peercoin.net with CNAME record where Discourse handles legacy URLs.
https://peercointalk.org redirects properly with Discourse permalinks without certificate warning.
https://www.peercointalk.org, the most important one that people have saved needs Discourse to serve a valid certificate for the domain.

@peerchemist: Certificate request should work now. :thumbsup:


#30

I still cant get cert for [www.]peercointalk.org


#31

Try only www.peercointalk.org and exclude peercointalk.org.


#32

SSL issues seems to be resolved. Nginx config is still not polished so please test and report.
Onion access is disabled for a moment, I will handle that soon.


#33

On my phone, when I click on all the links above that Jooize posted, they open me in a new tab, but for some reason I am logged out because I see the sign in button. I am not actually logged out though, because if I go back to the original tab where I clicked the links I am still logged in. For all of those links, the URL also appears as https://www.peercointalk.org and does not convert to https://talk.peercoin.net. When I start clicking on threads, the URL also does not change and stays the same.

For example: https://www.peercointalk.org/t/introduce-yourself-peercoin-intro-important-links/2889


#34

Yes, I see.

I’ve must have broken the redirect while doing this. I will investigate.


#35

Meanwhile, if someone has some ideas…

nginx config:

upstream backend {
    server 127.0.0.1:25654;
}

server {
        listen 80; listen [::]:80;
        server_name talk.peercoin.net;
        return 301 https://talk.peercoin.net$request_uri;
}

server {
        listen 443 ssl spdy;
        server_name talk.peercoin.net;

        error_log /var/log/nginx/discourse.access.log;

        ssl_session_timeout 1d;
        ssl_session_cache shared:SSL:50m;
        ssl_stapling on;
        ssl_stapling_verify on;
        add_header Strict-Transport-Security max-age=15768000;

        location / {
                proxy_pass      http://talk.peercoin.net:25654/;
                proxy_read_timeout      90;
                proxy_redirect  http://talk.peercoin.net:25654/ https://talk.peercoin.net/;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto https;
                proxy_redirect off;
                add_header Front-End-Https on;
        }
}

```

#36

@jooize

Do you have some ideas?


#37

Why not simply replace Discourse’s certificate and private key?


#38

Because then I lose control again.


#39

Over what?


#40

Everything. Discourse setup is presuming that only discourse will run on the server and it can control the port 80 alone. Beside, is setting a reverse proxy in front of that docker container not more elegant solution than manually entering container to overwrite the certs and re-doing it on each update?