502 Bad Gateway error on WebDav when syncing or renaming files

nonhocapito · March 1, 2023, 8:12am

This error has been mentioned previously on this forum, but the solutions suggested don’t apply to my case.

I wanted to use WebDav with the Autosync app on Android. The client connected to WebDav correctly, displayed all folder and files, set up sync - then re-uploaded all my files with a temporary extension ~ttxpart~, and could not rename it back to the original, throwing a 502 error.

I tried renaming through the WinSCP WebDav client, and got a 502 Bad Gateway error as well.
Strangely enough, I seem to be able to delete a file, but not rename it, or overwrite it. Something to do with specific Dav commands?

seafdav.conf

[WEBDAV]
enabled = true
port = 8083
share_name = /seafdav

Apache directives

ProxyPass /seafdav http://127.0.0.1:8083/seafdav
ProxyPassReverse /seafdav http://127.0.0.1:8083/seafdav
<Location /seafdav>
    ProxyPass "http://127.0.0.1:8083/seafdav"
</Location>

Seadav.log:

2023-03-01 13:54:27.653 - <140197270312768> wsgidav.dc.seahub_db        INFO    :  Init seahub database...
2023-03-01 13:54:28.012 - <140197270312768> wsgidav.wsgidav_app         INFO    :  WsgiDAV/3.0.4 Python/3.8.10 Linux-5.4.0-139-generic-x86_64-with-glibc2.29
2023-03-01 13:54:28.012 - <140197270312768> wsgidav.wsgidav_app         INFO    :  Lock manager:      LockManager(LockStorageDict)
2023-03-01 13:54:28.012 - <140197270312768> wsgidav.wsgidav_app         INFO    :  Property manager:  None
2023-03-01 13:54:28.012 - <140197270312768> wsgidav.wsgidav_app         INFO    :  Domain controller: SeafileDomainController()
2023-03-01 13:54:28.012 - <140197270312768> wsgidav.wsgidav_app         INFO    :  Registered DAV providers by route:
2023-03-01 13:54:28.012 - <140197270312768> wsgidav.wsgidav_app         INFO    :    - '/:dir_browser': FilesystemProvider for path '/opt/seafile/seafile-pro-server-9.0.14/seahub/thirdpart/wsgidav/dir_browser/htdocs' (Read-Only)
2023-03-01 13:54:28.012 - <140197270312768> wsgidav.wsgidav_app         INFO    :    - '/seafdav': SeafileProvider for Seafile (Read-Write)
2023-03-01 13:54:28.012 - <140197270312768> wsgidav.wsgidav_app         WARNING :  Basic authentication is enabled: It is highly recommended to enable SSL.
2023-03-01 13:54:32.294 - <140197200643840> wsgidav.wsgidav_app         INFO    :  127.0.0.1 - <username> - [2023-03-01 07:54:32] "PROPFIND <path>" length=84, depth=1, elap=0.290sec -> 207 Multi-Status
2023-03-01 13:54:42.345 - <140197200643840> wsgidav.wsgidav_app         INFO    :  127.0.0.1 - <username> - [2023-03-01 07:54:42] "MOVE <filename>~ttxpart~" dest="<domain>/seafdav/<path>/<filename>", depth=0, overwrite=F, elap=0.034sec -> 502 Bad Gateway

WinSCP log (partial)

. 2023-03-01 19:51:13.102 Sending request-line and headers:
. 2023-03-01 19:51:13.102 Request sent; retry is 1.
. 2023-03-01 19:51:13.102 ssl: Got TLS closure.
. 2023-03-01 19:51:13.102 Aborted request (-3): Could not read status line
. 2023-03-01 19:51:13.102 sess: Closing connection.
. 2023-03-01 19:51:13.102 ssl: Shutdown state: not sent | received.
. 2023-03-01 19:51:13.102 ssl: Sending closure.
. 2023-03-01 19:51:13.102 sess: Connection closed.
. 2023-03-01 19:51:13.102 Persistent connection timed out, retrying.
. 2023-03-01 19:51:13.102 Sending request-line and headers:
. 2023-03-01 19:51:13.102 req: Connecting to <ip-number>:443
. 2023-03-01 19:51:13.232 Doing SSL negotiation.
. 2023-03-01 19:51:14.434 Request sent; retry is 0.
. 2023-03-01 19:51:15.774 [status-line] < HTTP/1.1 502 Bad Gateway
. 2023-03-01 19:51:15.774 Header Name: [date], Value: [Wed, 01 Mar 2023 13:51:18 GMT]
. 2023-03-01 19:51:15.774 Header Name: [server], Value: [gunicorn]
. 2023-03-01 19:51:15.774 Header Name: [content-type], Value: [text/html]
. 2023-03-01 19:51:15.774 Header Name: [content-length], Value: [589]
. 2023-03-01 19:51:15.774 End of headers.
. 2023-03-01 19:51:15.774 auth: Post-send (#0), code is 502 (want 401), WWW-Authenticate is (none)
. 2023-03-01 19:51:15.774 Request ends, status 502 class 5xx, error line:
. 2023-03-01 19:51:15.774 502 Bad Gateway
. 2023-03-01 19:51:15.774 Request ends.
. 2023-03-01 19:51:15.774 Asking user:
. 2023-03-01 19:51:15.774 Error renaming file '<filename>' to '<filename>'. ("502 Bad Gateway")

What could be causing this error?

I am running Seafile 9.0.15 pro on Apache, php8.1 pfm, no docker.

nonhocapito · March 1, 2023, 11:57pm

This seems to be related to the issue described here.

However, the fix suggested, replacing lines in (I guess) /seahub/thirdpart/wsgidav/request_server.py doesn’t seem to solve it for me. 502 error still happening.

I did find a temporary workaround by disabling redirect to SSL on the domain, and loading WebDav on a simple http connection. No more Error 502.
This suggests the problem does lie in a WebDav bug in handling ss v. non-ssl on a reverse proxy configuration.

kkettinger · April 2, 2023, 1:41pm

The solution i came accross is to rewrite the destination url.

Without rewriting, the MOVE command passes the whole url which somehow doesn’t work with wsgidav:

"MOVE /Fotos/DCIM/Camera/IMG_20230312_190344.jpg~ttxpart~" dest="https://custom.domain.de:9000/seafdav/Fotos/DCIM/Camera/IMG_20230312_190344.jpg", length=0, depth=0, overwrite=T, elap=0.029sec -> 502 Bad Gateway

With the solution you remove the destination host part in the url all together by using a relative url instead of absolute:

"MOVE /Fotos/DCIM/Camera/IMG_20230312_190344.jpg~ttxpart~" dest="/seafdav/Fotos/DCIM/Camera/IMG_20230312_190344.jpg", length=0, depth=0, overwrite=T, elap=0.721sec -> 204 No Content

As i can’t include links (for whatever reason, even to the forum…), the solution for a nginx reverse proxy is this (which came from the user hambier):

# in the "location /seafdav" block:
set $destination $http_destination;
if ($destination ~* ^https?://[^/]+(/seafdav/.+)$) {
		set $destination $1;
}
proxy_set_header Destination $destination;

This should be possible with apache too.

Edit:
My whole /seafdav part in the nginx confs looks like this:

location /seafdav {
	proxy_pass         http://127.0.0.1:8080/seafdav;
	proxy_set_header   Host $host;
	proxy_set_header   X-Real-IP $remote_addr;
	proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header   X-Forwarded-Host $server_name;
	proxy_set_header   X-Forwarded-Proto $scheme;
	proxy_read_timeout  1200s;
	proxy_request_buffering off;
	client_max_body_size 0;

	set $destination $http_destination;
	if ($destination ~* ^https?://[^/]+(/seafdav/.+)$) {
			set $destination $1;
	}
	proxy_set_header Destination $destination;

	access_log      /var/log/nginx/seafdav.access.log seafileformat;
	error_log       /var/log/nginx/seafdav.error.log;
}

nonhocapito · April 3, 2023, 2:19pm

Is it possible your solution is similar to mine, in that by removing the host (and thus the https protocol), your seadav establishes a simple http connection instead?

vikarti · November 4, 2024, 2:12am

Didn’t worked for me.
Changing

proxy_set_header X-Forwarded-Proto $scheme;

to

proxy_set_header X-Forwarded-Proto https;

did help.
My seafile server doesn’t do https, https is being done by nginx proxy manager in front of it.