Hi. I had a running configuration on raspbian. Version 6.3.4. It worked fine with http. However, I need to migrate to https.
So I installed nginx, added the nginx seafile configuration file, modified ccnet.conf, modified seahub_settings.py. Now I get “bad gateway” which is probably the most ambiguous message on Earth.
Where could I start looking to find the root cause? I start seafile with fastcgi.
ccnet.conf:
[General]
USER_NAME = XXXX
ID = XXXX
NAME = XXX
SERVICE_URL = https://192.168.1.110:8001
[Client]
PORT = 13419
[08/13/20 23:42:00] ../common/session.c(132): using config file /home/seafile/conf/ccnet.conf
[08/13/20 23:42:00] ../common/session.c(455): socket file exists, delete it anyway
[08/13/20 23:42:00] ../common/session.c(484): Listen on /home/seafile/ccnet/ccnet.sock for local clients
[08/13/20 23:42:00] ../common/session.c(290): Update pubinfo file
[08/13/20 23:42:01] ../common/session.c(398): Accepted a local client
[08/13/20 23:42:01] ../common/session.c(398): Accepted a local client
[08/13/20 23:42:01] ../common/session.c(398): Accepted a local client
[08/13/20 23:42:01] ../common/session.c(398): Accepted a local client
[08/13/20 23:42:03] ../common/session.c(398): Accepted a local client
[08/13/20 23:42:03] ../common/peer.c(943): Local peer down
Alright, I found some more hints. Fast-cgi does not work so I altered my seahub config file. Then I receive the request dependency warning when starting seahub. So I did:
sudo pip install -Iv urllib3==1.22
However, my client log gives:
libcurl failed to GET 192.168.1.110/seafhttp/protocol-version: Couldn't connect to server.
and my client GUI shows “waiting for synchronization”…
Additional info: client on Android seems to work fine. Also reaching the library through the seahub browser interface works. Just my desktop client is stuck.
Do you have several Desktops which don’t work or is it just the one?
If not, maybe the problem is on the machine, e.g. some problem with old cache files or something? Have you tried reinstalling the client?
So, to give it another try, I used the standard ports, but now I get “Unhandled http redirect from server. Please check server cofiguration” from my client
This is my nginx:
server {
listen 80;
server_name 192.168.1.110;
server_tokens off;
rewrite ^ https://$http_host$request_uri? permanent; # force redirect http to https
}
server {
listen 443 http2; # former 8001
ssl on;
ssl_certificate /etc/nginx/ssl/seahub.crt;
ssl_certificate_key /etc/nginx/ssl/seahub.key;
server_name 192.168.1.110;
server_tokens off; # Nginx does not reveal its version number to make life more difficult for attackers
error_page 497 https://$host:$server_port$request_uri;
# ssl_protocols TLSv1.2 TLSv1.3;
client_max_body_size 10G; # set max upload size
# proxy for seahub:
location / {
proxy_pass http://127.0.0.1:8000;
# proxy_set_header Host $host;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto https; # was commented
proxy_read_timeout 1200s;
# used for view/edit office file via Office Online Server
client_max_body_size 0;
access_log /var/log/nginx/seahub.access.log;
error_log /var/log/nginx/seahub.error.log;
}
# proxy for seafile:
location /seafhttp {
rewrite ^/seafhttp(.*)$ $1 break;
proxy_pass http://127.0.0.1:8082;
client_max_body_size 0;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
}
}
Alright, after some trial and error, I solved the “redirect” issue by deleting the complete configuration folder on my client. You will find the folder when looking at the entry in ~/.ccnet/seafile.ini (on Kubuntu).
Another finding: if i activate “proxy_set_header X-Forwarded-Proto https;” in the nginx file, I get an 403 CSRF error in the web interface. After commenting the line, the error is gone.
Final finding: After changing port 443 to another port and deleting the client folder again, it keeps working