First working implementation

README.md

 
 
 https://github.com/discourse/discourse/blob/master/docs/INSTALL-cloud.md
+https://meta.discourse.org/t/running-other-websites-on-the-same-machine-as-discourse/17247
 
 Log: /var/discourse/shared/standalone/log/rails/production.log
 
+```
 Usage: launcher COMMAND CONFIG [--skip-prereqs] [--docker-args STRING]
 Commands:
     start:      Start/initialize a container
@@ -19,8 +21,7 @@ Commands:
 Options:
     --skip-prereqs             Don't check launcher prerequisites
     --docker-args              Extra arguments to pass when running docker
-
-
+```
 
 Manually create admin:
 

defaults/main.yml

 discourse_git_repo: 'https://github.com/discourse/discourse_docker.git'
+discourse_domain: ''

meta/main.yml

@@ -2,3 +2,4 @@
 
 dependencies:
   - { role: docker }
+  - { role: apache }

tasks/apache.yml

+---
+# file: roles/discourse/tasks/apache.yml
+
+- name: "Apache Configuration File"
+  template:
+    src: 'vhost.conf'
+    dest: '/etc/apache2/sites-available/discourse{{ apache_conf_ext }}'
+    owner: 'root'
+    group: 'root'
+    mode: '664'
+  notify:
+    - "Apache | Restart Apache"
+
+- name: "Apache enable our new site(s)"
+  command: a2ensite discourse creates=/etc/apache2/sites-enabled/discourse{{ apache_conf_ext }}
+  notify:
+    - "Apache | Restart Apache"

tasks/install.yml

 ---
 # file: roles/discourse/tasks/install.yml
 
+- name: "Configure Apache"
+  include_tasks: apache.yml
+
 - name: "Clone Repository"
   git:
     accept_hostkey: yes
@@ -11,10 +14,14 @@
 - block:
 
   - name: "Configure"
-    # /var/discourse/containers/app.yml
+    template:
+      src: 'app.yml'
+      dest: '/var/discourse/containers/app.yml'
+      owner: 'root'
+      group: 'root'
+      mode: '664'
 
-  - name: "Install"
-    # /var/discourse/discourse-setup
-    # /var/discourse/launcher rebuild app
+  - name: "Install and Build"
+    shell: '/var/discourse/launcher rebuild app'
 
   when: discourse_repository.changed

tasks/main.yml

@@ -6,7 +6,19 @@
   tags: always
 
 - block:
+  - name: "Install Certs"
+    include: '../../letsencrypt/tasks/cert.yml'
+    with_items:
+      - domain: '{{ discourse_domain }}'
+    loop_control:
+      loop_var: domain
+    when: discourse_protocol|default("https") == "https" and discourse_letsencrypt|default(true)
 
-  - include_tasks: 'install.yml'
+  when: '"letsencrypt" not in excluded_roles and groups.proxyserver is not defined'
+
+- block:
+
+  - name: "Install Discourse"
+    include: install.yml
 
   when: '"discourse" not in excluded_roles'

templates/app.yml

+## this is the all-in-one, standalone Discourse Docker container template
+##
+## After making changes to this file, you MUST rebuild
+## /var/discourse/launcher rebuild app
+##
+## BE *VERY* CAREFUL WHEN EDITING!
+## YAML FILES ARE SUPER SUPER SENSITIVE TO MISTAKES IN WHITESPACE OR ALIGNMENT!
+## visit http://www.yamllint.com/ to validate this file as needed
+
+templates:
+  - "templates/postgres.template.yml"
+  - "templates/redis.template.yml"
+  - "templates/web.template.yml"
+  - "templates/web.ratelimited.template.yml"
+#  - "templates/web.socketed.template.yml"
+## Uncomment these two lines if you wish to add Lets Encrypt (https)
+  #- "templates/web.ssl.template.yml"
+  #- "templates/web.letsencrypt.ssl.template.yml"
+
+## which TCP/IP ports should this container expose?
+## If you want Discourse to share a port with another webserver like Apache or nginx,
+## see https://meta.discourse.org/t/17247 for details
+expose:
+  - "8181:80"
+#  - "80:80" # https
+#  - "443:443" # https
+
+params:
+  db_default_text_search_config: "pg_catalog.english"
+
+  ## Set db_shared_buffers to a max of 25% of the total memory.
+  ## will be set automatically by bootstrap based on detected RAM, or you can override
+  #db_shared_buffers: "256MB"
+
+  ## can improve sorting performance, but adds memory usage per-connection
+  #db_work_mem: "40MB"
+
+  ## Which Git revision should this container use? (default: tests-passed)
+  #version: tests-passed
+
+env:
+  LANG: en_US.UTF-8
+  # DISCOURSE_DEFAULT_LOCALE: en
+
+  ## How many concurrent web requests are supported? Depends on memory and CPU cores.
+  ## will be set automatically by bootstrap based on detected CPUs, or you can override
+  #UNICORN_WORKERS: 3
+
+  ## TODO: The domain name this Discourse instance will respond to
+  DISCOURSE_HOSTNAME: {{ discourse_domain }}
+
+  ## Uncomment if you want the container to be started with the same
+  ## hostname (-h option) as specified above (default "$hostname-$config")
+  #DOCKER_USE_HOSTNAME: true
+
+  ## TODO: List of comma delimited emails that will be made admin and developer
+  ## on initial signup example 'user1@example.com,user2@example.com'
+  DISCOURSE_DEVELOPER_EMAILS: '{{ apache_server_admin }}'
+
+  ## TODO: The SMTP mail server used to validate new accounts and send notifications
+  DISCOURSE_SMTP_ADDRESS: {{ discourse_smtp.host }}
+  DISCOURSE_SMTP_PORT: {{ discourse_smtp.port }}
+  DISCOURSE_SMTP_USER_NAME: {{ discourse_smtp.user }}
+  DISCOURSE_SMTP_PASSWORD: "{{ discourse_smtp.pass }}"
+  #DISCOURSE_SMTP_ENABLE_START_TLS: true           # (optional, default true)
+
+  ## If you added the Lets Encrypt template, uncomment below to get a free SSL certificate
+  #LETSENCRYPT_ACCOUNT_EMAIL: me@example.com
+
+  ## The CDN address for this Discourse instance (configured to pull)
+  ## see https://meta.discourse.org/t/14857 for details
+  #DISCOURSE_CDN_URL: //discourse-cdn.example.com
+
+## The Docker container is stateless; all data is stored in /shared
+volumes:
+  - volume:
+      host: /var/discourse/shared/standalone
+      guest: /shared
+  - volume:
+      host: /var/discourse/shared/standalone/log/var-log
+      guest: /var/log
+
+## Plugins go here
+## see https://meta.discourse.org/t/19157 for details
+hooks:
+  after_code:
+    - exec:
+        cd: $home/plugins
+        cmd:
+          - git clone https://github.com/discourse/docker_manager.git
+
+## Any custom commands to run after building
+run:
+  - exec: echo "Beginning of custom commands"
+  ## If you want to set the 'From' email address for your first registration, uncomment and change:
+  ## After getting the first signup email, re-comment the line. It only needs to run once.
+  #- exec: rails r "SiteSetting.notification_email='info@unconfigured.discourse.org'"
+  - exec: echo "End of custom commands"

templates/vhost.conf

+<Proxy balancer://unicorns>
+  BalancerMember http://127.0.0.1:4000
+</Proxy>
+
+<VirtualHost *:80>
+  Include /etc/apache2/{{ apache_conf_dir }}/global-redirect.conf
+
+{% if discourse_protocol|default("https") == "https" and groups.proxyserver is not defined %}
+  ServerAdmin {{ apache_server_admin }}
+  ServerName  {{ discourse_domain }}
+
+  RewriteEngine on
+  RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
+
+  SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
+  LogLevel warn
+{% if apache_version|default('2.4') == '2.4' %}
+  ErrorLogFormat "[%{u}t] [%l] [pid %P] [client\ %{X-Forwarded-For}i] %M% ,\ referer:\ %{Referer}i"
+{% endif %}
+  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
+  ErrorLog ${APACHE_LOG_DIR}/{{ discourse_domain }}-error.log
+  CustomLog ${APACHE_LOG_DIR}/{{ discourse_domain }}-access.log combined env=!forwarded
+  CustomLog ${APACHE_LOG_DIR}/{{ discourse_domain }}-access.log proxy env=forwarded
+</VirtualHost>
+
+<VirtualHost *:443>
+  Include /etc/apache2/{{ apache_conf_dir }}/global-redirect.conf
+
+{% endif %}
+  ServerAdmin {{ apache_server_admin }}
+  ServerName  {{ discourse_domain }}
+
+  Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
+  ServerSignature Off
+
+  ProxyPreserveHost On
+
+  # Ensure that encoded slashes are not decoded but left in their encoded state.
+  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
+  AllowEncodedSlashes NoDecode
+
+  <Location />
+      Require all granted
+      ProxyPassReverse http://127.0.0.1:8181
+      ProxyPassReverse http://{{ discourse_domain }}/
+  </Location>
+
+  RewriteEngine on
+
+  #Don't escape encoded characters in api requests
+  RewriteCond %{REQUEST_URI} ^/api/v3/.*
+  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
+
+  #Forward all requests to gitlab-workhorse except existing files like error documents
+  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
+  RewriteCond %{REQUEST_URI} ^/uploads/.*
+  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
+  RequestHeader set X_FORWARDED_PROTO 'https'
+  RequestHeader set X-Forwarded-Ssl on
+
+  DocumentRoot /var/www/html
+
+  <Directory "/var/www/html">
+    AllowOverride All
+    Options -MultiViews
+    Require all granted
+  </Directory>
+
+  SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
+  LogLevel warn
+{% if apache_version|default('2.4') == '2.4' %}
+  ErrorLogFormat "[%{u}t] [%l] [pid %P] [client\ %{X-Forwarded-For}i] %M% ,\ referer:\ %{Referer}i"
+{% endif %}
+  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
+  ErrorLog ${APACHE_LOG_DIR}/{{ discourse_domain }}-error.log
+  CustomLog ${APACHE_LOG_DIR}/{{ discourse_domain }}-access.log combined env=!forwarded
+  CustomLog ${APACHE_LOG_DIR}/{{ discourse_domain }}-access.log proxy env=forwarded
+
+  SetEnvIf X-Forwarded-Proto https HTTPS=on
+
+  BrowserMatch "MSIE [2-6]" \
+    nokeepalive ssl-unclean-shutdown \
+    downgrade-1.0 force-response-1.0
+  # MSIE 7 and newer should be able to use keepalive
+  BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
+
+{% if discourse_protocol|default("https") == "https" and groups.proxyserver is not defined %}
+  Include /etc/apache2/{{ apache_conf_dir }}/options-ssl-apache.conf
+{% if discourse_letsencrypt|default(true) %}
+  SSLCertificateFile /etc/letsencrypt/live/{{ discourse_domain }}/cert.pem
+  SSLCertificateKeyFile /etc/letsencrypt/live/{{ discourse_domain }}/privkey.pem
+  SSLCertificateChainFile /etc/letsencrypt/live/{{ discourse_domain }}/chain.pem
+{% else %}
+{% for cert in discourse_certs|default([]) %}
+  {{ cert.type }} /etc/ssl/private/{{ cert.file }}
+{% endfor %}
+{% endif %}
+{% endif %}
+</VirtualHost>

templates/vhost.conf.jinja2

-# See also https://meta.discourse.org/t/running-other-websites-on-the-same-machine-as-discourse/17247
-
-<Proxy balancer://unicorns>
-BalancerMember http://127.0.0.1:4000
-</Proxy>
-
-<VirtualHost *:80>
-  ServerName my.example.com
-  CustomLog logs/sites/my.example.com/access_log combined
-  ErrorLog logs/sites/my.example.com/error_log
-  ServerAdmin me@example.com
-
-  DocumentRoot /var/www/my.example.com/htdocs
-  UserDir disabled
-  DirectoryIndex disabled
-
-  <Directory "/var/www/my.example.com/htdocs">
-  AllowOverride All
-  Options -MultiViews
-  Require all granted
-  </Directory>
-
-  RewriteEngine on
-  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
-  RewriteRule ^/(.*)$ balancer://unicorns%{REQUEST_URI} [P,QSA,L]
-</VirtualHost>