Doubling of SITE_ROOT for non-root setup

Hi There,

Not sure if this a bug or a config issue - so I’ve also posted in GitHub.

I have seafile 6.0.4 setup behind NGINX with HTTPS as a non-root setup as per:

  • https://manual.seafile.com/deploy/deploy_with_nginx.html and
  • https://manual.seafile.com/deploy/https_with_nginx.html and
  • https://manual.seafile.com/deploy/deploy_seahub_at_non-root_domain.html

Everything basically works - especially with the desktop client - however I have some issues with the Web UI with links that seems to have SITE_ROOT doubled. For example, when I first attempt to access my site by going to https://censored/seafile/ I get redirected to the login page but at the following URL (note the next param):

https://censored/seafile/accounts/login/?next=/seafile/seafile/

So if I login successfully with that page, I get a message saying the page could not be found as I’ve arrived at:

https://censored/seafile/seafile/

If I manually chop that down to

https://censored/seafile/

Then everything works as expected. Except for:

  • I note that in the bottom left the ‘Clients’ link is actually https://censored/seafile/seafile/download_client_program/
  • If I’m logged in as an admin I note the menu item System Admin up on the top right profile drop down points to https://censored/seafile/seafile/sysadmin/
  • If I manually fix that URL and get to the System Admin then all the right hand menu items are fine except for System Settings which points to https://censored/seafile/sysadmin/seafile/sys/settings/

AFAIK they’re the only links with issues - everything else works. And from the fact it’s like that, I’ve pretty well ruled out an issue with NGINX config.

I’ve also rm -rf /tmp/seahub_cache but with no joy.

Below are my configuration files. I hope you can help.

seahub_settings.py

FILE_SERVER_ROOT = 'https://censored/seafhttp'

SERVE_STATIC = False
MEDIA_URL = '/seafile/media/'
COMPRESS_URL = MEDIA_URL
STATIC_URL = MEDIA_URL + 'assets/'
SITE_ROOT = '/seafile/'
LOGIN_URL = '/seafile/accounts/login/'

SECRET_KEY = "censored"

EMAIL_BACKEND = 'django_smtp_ssl.SSLEmailBackend'
EMAIL_USE_TLS = True
EMAIL_HOST = 'censored'
EMAIL_HOST_USER = 'censored'
EMAIL_HOST_PASSWORD = 'censored'
EMAIL_PORT = 465
DEFAULT_FROM_EMAIL = EMAIL_HOST_USER
SERVER_EMAIL = EMAIL_HOST_USER

seafile.conf

[fileserver]
port=8082

ccnet.conf

[General]
USER_NAME = censored
ID = censored
NAME = censored
SERVICE_URL = https://censored/seafile

[Client]
PORT = 13419

NGINX site config

server {
        listen      80 default_server;
        server_name censored;
        return      301 https://$server_name$request_uri;
}

server {
        # SSL configuration
        #
        listen 443 ssl default_server;
        # listen [::]:443 ssl default_server;
        ssl_certificate     /etc/ssl/nginx/cacert.pem;    # path to your cacert.pem
        ssl_certificate_key /etc/ssl/nginx/privkey.pem;   # path to your privkey.pem

        root /var/www/html;

        # Add index.php to the list if you are using PHP
        index index.html index.htm index.nginx-debian.html;

        server_name censored;

        proxy_set_header X-Forwarded-For $remote_addr;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
        }

        location /seafile {
                include /etc/nginx/fastcgi_params;
                fastcgi_param   HTTPS               on;
                fastcgi_param   HTTP_SCHEME         https;
                fastcgi_param   SCRIPT_FILENAME     $document_root$fastcgi_script_name;
                fastcgi_param   PATH_INFO           $fastcgi_script_name;

                fastcgi_pass 127.0.0.1:8000;
                fastcgi_read_timeout 36000;
        }

        location /seafile/media {
                rewrite ^/seafile/media(.*)$ $1 break;
                root /opt/seafile/seafile-server-latest/seahub/media;
        }

        location /seafhttp {
                rewrite ^/seafhttp(.*)$ $1 break;
                proxy_pass             http://127.0.0.1:8082;
                client_max_body_size   0;
                proxy_connect_timeout  36000s;
                proxy_read_timeout     36000s;
                proxy_send_timeout     36000s;
                send_timeout           36000s;
        }
}

Here is my working config.
apache 2.4, seafile pro server 6.0.2:

ccnet.conf
[General]
USER_NAME = seafile
SERVICE_URL = https://www.example.com/seafile

seafile.conf
[fileserver]
port = 8082

seahub_settings.py
SERVE_STATIC = False
MEDIA_URL = ‘/seafile/media/’
COMPRESS_URL = MEDIA_URL
STATIC_URL = MEDIA_URL + ‘assets/’
SITE_ROOT = ‘/seafile/’
LOGIN_URL = ‘/seafile/accounts/login/’ # NOTE: since version 5.0.4
FILE_SERVER_ROOT = ‘https://www.example.com/seafilehttp

apache.conf

Alias /seafile/media  /home/seafile/seafile-server-latest/seahub/media
RewriteEngine On

<Location /seafile/media>
    ProxyPass !
    Require all granted
</Location>

# seafile fileserver
#
ProxyPass /seafilehttp http://127.0.0.1:8082
ProxyPassReverse /seafilehttp http://127.0.0.1:8082
RewriteRule ^/seafilehttp - [QSA,L]

ProxyPass /seafhttp http://127.0.0.1:8082
ProxyPassReverse /seafhttp http://127.0.0.1:8082
RewriteRule ^/seafhttp - [QSA,L]
#
# seahub
#


RewriteRule ^/seafile$ /seafile/ [L,R=301]
SetEnvIf Request_URI . proxy-fcgi-pathinfo=unescape
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
ProxyPass /seafile fcgi://127.0.0.1:8000/seafile

What i have forgotten: you have to start seahub as fastcgi, like:

sudo -u seafile ./seahub.sh start-fastcgi

Hi Markus,

Thanks for that, but I do actually have it all running and working other than those three mentioned page links.

Anyone else have any ideas?

Cheers.