6.3 Switching from FastCGI and Nginx

Hey everyone, been running Seafile for years now. I run HTTPS with Certbot, Fast CGI, and an Nginx Proxy. Obviously after the upgrade everything failed, so I rebuilt my Nginx config and removed all Fast CGI. My server resolves, but all of my resources are missing, inaccessible by the webserver due to bad Nginx proxying I presume. Can someone help me?

2018/12/14 20:39:11 [error] 3027#3027: *33586 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.2.45, server: file.domain.com, request: "GET /favicon.ico HTTP/1.1", upstream: "http://127.0.0.1:8000/favicon.ico", host: "file.domain.com"
2018/12/14 20:39:14 [error] 3027#3027: *33589 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.2.45, server: file.domain.com, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8000/", host: "file.domain.com"
2018/12/14 20:40:00 [error] 3027#3027: *33597 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.2.254, server: file.domain.com, request: "GET /api2/account/info/ HTTP/1.1", upstream: "http://127.0.0.1:8000/api2/account/info/", host: "file.domain.com"
2018/12/14 20:40:18 [error] 3027#3027: *33605 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.2.209, server: file.domain.com, request: "GET /api2/account/info/ HTTP/1.1", upstream: "http://127.0.0.1:8000/api2/account/info/", host: "file.domain.com"
2018/12/14 20:40:18 [error] 3027#3027: *33605 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.2.209, server: file.domain.com, request: "GET /api2/events/ HTTP/1.1", upstream: "http://127.0.0.1:8000/api2/events/", host: "file.domain.com"
2018/12/14 20:40:40 [error] 3027#3027: *33614 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.2.45, server: file.domain.com, request: "GET /api2/repos/ HTTP/1.1", upstream: "http://127.0.0.1:8000/api2/repos/", host: "file.domain.com"
2018/12/14 20:41:01 [error] 3027#3027: *33616 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.2.254, server: file.domain.com, request: "GET /api2/repos/ HTTP/1.1", upstream: "http://127.0.0.1:8000/api2/repos/", host: "file.domain.com"
2018/12/14 20:41:02 [error] 3027#3027: *33616 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.2.254, server: file.domain.com, request: "GET /api2/events/ HTTP/1.1", upstream: "http://127.0.0.1:8000/api2/events/", host: "file.domain.com"
2018/12/14 20:41:40 [error] 3027#3027: *33631 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.2.45, server: file.domain.com, request: "GET /api2/account/info/ HTTP/1.1", upstream: "http://127.0.0.1:8000/api2/account/info/", host: "file.domain.com"
2018/12/14 20:41:40 [error] 3027#3027: *33632 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.2.45, server: file.domain.com, request: "GET /api2/ping/ HTTP/1.1", upstream: "http://127.0.0.1:8000/api2/ping/", host: "file.domain.com"

Console errors show:

Loading failed for the <script> with source “https://file.domain.com/media/assets/scripts/i18n/en/djangojs.js”. file.domain.com:2980:1
Loading failed for the <script> with source “https://file.domain.com/media/assets/scripts/lib/require.640929dac3c2.js”. file.domain.com:3460:1 

Here is my seafile.conf NGINX server block:

server {
    listen       80;
    server_name   file.domain.com;
    rewrite ^ https://$http_host$request_uri? permanent;    # force redirect http to https
    server_tokens off;
}
server {
    listen 443 http2;
    listen [::]:443 http2;
    ssl on;
    ssl_certificate /etc/letsencrypt/live/file.domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/file.domain.com/privkey.pem;
    server_name file.domain.com;
    ssl_session_timeout 5m;
    ssl_session_cache shared:SSL:5m;

    # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
    ssl_dhparam /etc/nginx/dhparam.pem;

    # secure settings (A+ at SSL Labs ssltest at time of writing)
    # see https://wiki.mozilla.org/Security/Server_Side_TLS#Nginx
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:HIGH:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS';
    ssl_prefer_server_ciphers on;

    proxy_set_header X-Forwarded-For $remote_addr;

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
    server_tokens off;

    location / {
        proxy_pass         http://127.0.0.1:8000;
        proxy_set_header   Host $host;
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Host $server_name;
        proxy_set_header   X-Forwarded-Proto https;

        access_log      /var/log/nginx/seahub.access.log;
        error_log       /var/log/nginx/seahub.error.log;

        proxy_read_timeout  1200s;

        client_max_body_size 0;
    }

    location /seafhttp {
        rewrite ^/seafhttp(.*)$ $1 break;
        proxy_pass http://127.0.0.1:8082;
        client_max_body_size 0;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_connect_timeout  36000s;
        proxy_read_timeout  36000s;
        proxy_send_timeout  36000s;
        send_timeout  36000s;
        proxy_request_buffering off;
    }
    location /media {
        root /home/user/haiwen/seafile-server-latest/seahub;
    }
}

As soon as I posted this, I saw the last line which was a bad path for media. that fixed it. Can delete the thread if desired.

Please mark it as solved.