Running a discourse server on the really cheap

Blog
1

I want to have a discourse forum.
Why? Because I find discourse quite interesting and I like learning new things. And discourse is a new cool thing, afterall.

Anyhow, this is not a post about why I like discourse. This is a technical post about how to host discourse on your own VPS as cheap as possible, how to setup a (imho) decent nginx server in front of discourse, and how to make use of some of nginx’s features.

This post shows the steps that I took. If you think anything was forgotten or found some flaws in my configs please do comment here, or send me an email about it!

If you know how to these things cheaper that my current costs please do comment here, or send me an email about it!

Hopefully the final note :roll_eyes: you have been warned from the beginning that this is not a simple task. (though if you really are reading my blog you most likely are no computer illiterate, so you may as well continue).

TL/DR: The price

Right now it costs me 2.37 euro per month (VAT included) to host this website.

All the money is spent for hosting: a Scaleway Start1-XS VPS.
The emailing is handled using Elastic Email’s basic plan which is free and gives me 5000 emails per day.
DNS is handled by Cloudflare.
SSL (because it’s 2018 and i’ll call you ugly and stupid otherwise) certificates are free from LetsEncrypt.

This price does not include the costs of owning my domain, nor the work that I put into maintaining the server and the discourse instance (which is less than 8 hours per month) – everything IS and should be automated.

And if you think that’s costly then I have to mention that you can use the VPS also as a VPN since you have unlimited bandwidth, and you can also test about anything you can think of since you have an always-on always-waiting machine!

Domain

To host any website (forum or otherwise) you need a domain. Mine’s tbp.land and has multiple subdomains. It’s your job to find a domain that you like. In all my examples i will use my domain, and you should change that to your own.

VPS access

I am using the latest Ubuntu LTS version, so the explanations here are given for this OS. Do note that discourse advices that you should use ubuntu and not centOS/arch/etc.

I am using only SSH auth using public/private keys, and no username/pass authentication. Scaleway let’s you add the public keys created using putty on windows. This is their guide, and i don’t believe i can do a better job of explaining the process.

Afterwards, you can login by using the public IP address of your sever, username root and the private ssh key you created using putty.

Installing discourse standalone

Before making everything awesome (and using the server for hosting more than discourse) i think following the basic standalone 30 minutes installation guide provided by discourse is the best.

I chose this variant as you have to make sure that discourse actually works on your server, and that you have https working properly for a few days. (if you think https is useless then i’ll remind you that you’re ugly and stupid)

Required software

There is some software which is needed for any discourse installation

  • make sure your system is up to date: sudo apt update && sudo apt dist-upgrade and chose y
  • docker: wget -qO- https://get.docker.com/ | sh
  • turn on automatic security updates: dpkg-reconfigure -plow unattended-upgrades (you do want everything automated)

Optional software that I find useful

  • glances (a system monitor): curl -L https://bit.ly/glances | /bin/bash

Is your discourse instance working properly in standalone?

  • No :frowning_face:

Then i think you should make it work first. There is no point in continuing the advanced part of even the basics are failing.
There are a lot of answers and discussions on the official discourse forum, and everybody there is nice.

  • :partying_face: Yep, my forum is up and running and i added some plugins as well!
    • Perfect! :confetti_ball: Then we can finally put on the big boy pants and start installing nginx.

???. DNS: Cloudflare

This one should come later in the explanation.

Why did i chose cloudflare?
Because i never used it before and i wanted to know what it is. I won’t try to argue that i know much more about DNS than before, but something’s more than nothing, right?

I find cloudflare interesting. And free. Did i mention I run this server reaaaaly cheap?
Well Cloudflare offers both DNS and CDN (though in my and other’s experiences, you shouldn’t enable CDN for discourse or you will get into caching troubles!).

My usage for cloudflare is rather minima: i just use it to handle the DNS part of my server. (You may call my usage a “redirect machine”)

2 
apt update 
apt dist-upgrade -y 
apt autoremove -y

apt install ncdu glances git curl -y

ssh:

cd ~/.ssh
cat id_rsa.pub >> authorized_keys
service ssh restart

apt install fail2ban -y
systemctl status fail2ban -y

Discourage swap usage as much as possible

sysctl -w vm.swappiness=10
echo vm.swappiness = 10 | tee -a /etc/sysctl.conf

apt install unattended-upgrades -y
dpkg-reconfigure -plow unattended-upgrades

apt install ufw -y
ufw allow http
ufw allow https
ufw allow ssh
ufw enable
ufw status verbose

curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
rm get-docker.sh
docker run hello-world

curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

sudo chmod +x /usr/local/bin/docker-compose

Performance testing:

apt install sysbench ioping -y
    

sysbench --test=cpu --cpu-max-prime=20000 run
sysbench --test=cpu --cpu-max-prime=40000 --num-threads=8 run


ioping -RD -w 10 .

Install linuxserver-swag for nginx + certbot.

Create a common docker network for all the containers that need to be managed by nginx:

docker network create nginx-common

All the containers which need to be accessed from the internet have to be connected to this network:

3

One more guide: Initial VPS Security Setup

And this nice one: An Introduction to Securing your Linux VPS | DigitalOcean

4

Related: Setting up ubuntu server

5

sudo apt update && sudo apt dist-upgrade -y

apt install glances ncdu git

install docker

sudo apt-get remove docker docker-engine docker.io containerd runc

sudo apt-get update
sudo apt-get install ca-certificates curl gnupg

sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg

echo \
  "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
  "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt-get update


sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin


sudo docker run hello-world

install powershell

# Update the list of packages
sudo apt-get update
# Install pre-requisite packages.
sudo apt-get install -y wget apt-transport-https software-properties-common
# Download the Microsoft repository GPG keys
wget -q "https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/packages-microsoft-prod.deb"
# Register the Microsoft repository GPG keys
sudo dpkg -i packages-microsoft-prod.deb
# Delete the the Microsoft repository GPG keys file
rm packages-microsoft-prod.deb
# Update the list of packages after we added packages.microsoft.com
sudo apt-get update
# Install PowerShell
sudo apt-get install -y powershell
# Start PowerShell
pwsh