From: Guo Xiang Tan <tgx_world@hotmail.com>
Date: Tue, 2 Apr 2019 07:57:30 +0000 (+0800)
Subject: Set `force_https` to true when Let's Encrypt cert checks out OK.
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=40fd876d1edb1a376a4eb592c9de4a178352a760;p=discourse_docker.git

Set `force_https` to true when Let's Encrypt cert checks out OK.
---

diff --git a/templates/web.letsencrypt.ssl.template.yml b/templates/web.letsencrypt.ssl.template.yml
index 3a43d4e..463f04e 100644
--- a/templates/web.letsencrypt.ssl.template.yml
+++ b/templates/web.letsencrypt.ssl.template.yml
@@ -61,6 +61,8 @@ hooks:
           if [ ! "$(cd $$ENV_LETSENCRYPT_DIR/$$ENV_DISCOURSE_HOSTNAME && openssl verify -CAfile ca.cer fullchain.cer | grep "OK")" ]; then
             # Try to issue the cert again if something goes wrong
             LE_WORKING_DIR="${LETSENCRYPT_DIR}" $$ENV_LETSENCRYPT_DIR/acme.sh --issue -d $$ENV_DISCOURSE_HOSTNAME -k 4096 --force -w /var/www/discourse/public
+          else
+            echo "force_https = 'true'" >> "/var/www/discourse/config/discourse.conf"
           fi
 
           LE_WORKING_DIR="${LETSENCRYPT_DIR}" $$ENV_LETSENCRYPT_DIR/acme.sh --installcert -d $$ENV_DISCOURSE_HOSTNAME --fullchainpath /shared/ssl/$$ENV_DISCOURSE_HOSTNAME.cer --keypath /shared/ssl/$$ENV_DISCOURSE_HOSTNAME.key --reloadcmd "sv reload nginx"