Error bad gateway with seafile / docker

Docker
1

Hello,
I have several dockers, including one for seafile and another for nginx. I have a domain name of type “domain-name” and I would like to have a subdomain of type “drive.domain-name”. My nginx config file for “drive.domain-name” is as follows:

`server {
if ($host = drive.nom.domain {
return 301 https://$host$request_uri;
} # managed by Certbot

listen       80;
listen  [::]:80;
server_name  drive.nom.domain;

location / {
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_pass   http://172.17.0.6;
}

error_page   500 502 503 504  /50x.html;
location = /50x.html {
    root   /usr/share/nginx/html;
}

}

server {
listen 443 ssl;
listen [::]:443;
server_name drive.nom.domain.***;
ssl_certificate /etc/letsencrypt/live/nom.domain.com-0001/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/nom.domain.com-0001/privkey.pem; # managed by Certbot

location / {
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	# proxy_set_header X-Forwarded-Proto https;
	proxy_pass   http://172.17.0.6;
}

error_page   500 502 503 504  /50x.html;
location = /50x.html {
    root   /usr/share/nginx/html;
}

}
`

Seafile corresponds to my subdomain “drive.nom-de-domaine”
`version: ‘2.0’
services:
db:
image: mariadb:10.1
container_name: seafile-mysql
environment:
- MYSQL_ROOT_PASSWORD=******* # Requested, set the root’s password of MySQL service.
- MYSQL_LOG_CONSOLE=true
volumes:
- /opt/seafile-mysql/db:/var/lib/mysql # Requested, specifies the path to MySQL data persistent store.
networks:
- seafile_seafile-net
- bridge

memcached:
image: memcached:1.5.6
container_name: seafile-memcached
entrypoint: memcached -m 256
networks:
- seafile_seafile-net
- bridge

seafile:
image: seafileltd/seafile-mc:latest
container_name: seafile
ports:
- “80:80”
- “443:443” # If https is enabled, cancel the comment.
volumes:
- /opt/seafile-data:/shared # Requested, specifies the path to Seafile data persistent store.
environment:
- DB_HOST=****
- DB_ROOT_PASSWD=****** # Requested, the value shuold be root’s password of MySQL service.
- TIME_ZONE=Europe/Paris # Optional, default is UTC. Should be uncomment and set to your local time zone.
- SEAFILE_ADMIN_EMAIL=*********** # Specifies Seafile admin user, default is ‘me@example.com’.
- SEAFILE_ADMIN_PASSWORD=FictisVin49? # Specifies Seafile admin password, default is ‘asecret’.
- SEAFILE_SERVER_LETSENCRYPT=false # Whether to use https or not.
- SEAFILE_SERVER_HOSTNAME=drive.nom.domain.*** # Specifies your host name if https is enabled.
depends_on:
- db
- memcached
networks:
- seafile_seafile-net
- bridge

networks:
seafile_seafile-net:
bridge: `

The dockers’ configuration data is as follows.

The configuration of my docker seafile is as follows

image
image2287×587 66.2 KB

Here is the list of my networks:

My problem is that when I try to access the seafile service in a browser through “drive.domain-name”, I get the “502 bad gateway” error. Do you have any idea where this problem can come from? And if so, how to fix it. Thanks in advance.

indent preformatted text by 4 spaces
2

Hi,

I see a couple of issues:

  1. Never use the raw container ip. Connection will break as soon as the ip changes. You can use the service name, in your case, seafile.
  2. Your nginx configuration isn’t complete and uses the wrong port. See: HTTPS with Nginx - Seafile Admin Manual
3

I modified my file and I get this error :

image
image941×463 11.4 KB

seafile.nginx.conf :

    # -*- mode: nginx -*-

Auto generated at 05/27/2020 12:32:19

server {
if ($host = nom-de-domaine.com)
#return 301 https://$host$request_uri;
managed by Certbot

listen 80;
server_name   drive.nom-de-domaine.com;
server_tokens off;

}
server{
listen 443 ssl;
listen [::]:443;
server_name .nom-de-domaine.com;
server_tokens off;

client_max_body_size 10m;

location /seafile {
	proxy_pass http://127.0.0.1:8000/;
	proxy_read_timeout 310s;
	proxy_set_header Host $host;
	proxy_set_header Forwarded for=$remote_addr; #proto=$scheme;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header Connection "";
	proxy_http_version 1.1;

	client_max_body_size 0;
	access_log      /var/log/nginx/seahub.access.log seafileformat;
	error_log       /var/log/nginx/seahub.error.log;
}

location /seafhttp {
	rewrite ^/seafhttp(.*)$ $1 break;
	proxy_pass http://127.0.0.1:8082;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	client_max_body_size 0;
	proxy_connect_timeout  36000s;
	proxy_read_timeout  36000s;
	proxy_request_buffering off;
	access_log      /var/log/nginx/seafhttp.access.log seafileformat;
	error_log       /var/log/nginx/seafhttp.error.log;
}

location /seafdav {
	client_max_body_size 0;
	fastcgi_pass    127.0.0.1:8080;
	fastcgi_param   SCRIPT_FILENAME     $document_root$fastcgi_script_name;
	fastcgi_param   PATH_INFO           $fastcgi_script_name;

	fastcgi_param   SERVER_PROTOCOL     $server_protocol;
	fastcgi_param   QUERY_STRING        $query_string;
	fastcgi_param   REQUEST_METHOD      $request_method;
	fastcgi_param   CONTENT_TYPE        $content_type;
	fastcgi_param   CONTENT_LENGTH      $content_length;
	fastcgi_param   SERVER_ADDR         $server_addr;
	fastcgi_param   SERVER_PORT         $server_port;
	fastcgi_param   SERVER_NAME         $server_name;

	access_log      /var/log/nginx/seafdav.access.log seafileformat;
	error_log       /var/log/nginx/seafdav.error.log;
}

location /media {
    rewrite ^/seafmedia(.*)$ /media$1 break;
	root /opt/seafile/seafile-server-latest/seahub;
}

# For letsencrypt
location /.well-known/acme-challenge/ {
	alias /var/www/challenges/;
	try_files $uri =404;

}

}

nom-de-domaine-conf:
server {
if ($host = nom-de-domaine.com) {
return 301 https://$host$request_uri;
} # managed by Certbot

listen       80;
listen  [::]:80;
server_name  nom-de-domaine.com;


location / {
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_pass   http://172.19.0.4;
}

error_page   500 502 503 504  /50x.html;
location = /50x.html {
    root   /usr/share/nginx/html;
}

}

server {
listen 443 ssl;
listen [::]:443;
server_name nom-de-domaine.com;
ssl_certificate /etc/letsencrypt/live/nom-de-domaine.com-0001/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/nom-de-domaine.com-0001/privkey.pem; # managed by Certbot

location / {
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	# proxy_set_header X-Forwarded-Proto https;
	proxy_pass   http://172.19.0.4;
}

error_page   500 502 503 504  /50x.html;
location = /50x.html {
    root   /usr/share/nginx/html;
}

}

I don’t understand where it comes from, do you have any idea?

4

You’re looping here. In fact, I don’t understand what you’re trying to achieve with 2 config files instead of one. :sweat_smile:

And:

Is the volume properly expose in the nginx container ?

127.0.0.1 will come back to the nginx container. You probably want to read this: Networking in Compose | Docker Docs

This is deprecated, you probably don’t want it this way. Imo you’d better to have a basic working install and add extensions (memcached, webdav, …) later.

5

ok, i will try this, thanks

6

i remove the https redirect, and now i have this^:

image
image731×265 10.5 KB

7

Well, I learned in another thread that the official docker image provides its own nginx server. It’s a bit against the standard but then you don’t need your own.

Thus, just remove your nginx container. If your compose file is ok, it should work.

8

I have deactivated my nginx container.

in my config file I removed the https redirect:
#-- mode: nginx --
#Auto generated at 05/27/2020 12:32:19
server {
#if ($host = drive.domain.com)
#return 301 https://$host$request_uri;
# managed by Certbot

listen 80;
listen       [::]:80;
server_name  drive.domain.com;
server_tokens off;

location / {
	proxy_pass http://127.0.0.1:8000;
	proxy_read_timeout 310s;
	proxy_set_header Host $host;
	#proxy_set_header Forwarded for=$remote_addr; proto=$scheme;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header Connection "";
	proxy_http_version 1.1;

	client_max_body_size 0;
	access_log      /var/log/nginx/seahub.access.log seafileformat;
	error_log       /var/log/nginx/seahub.error.log;
}

location /seafhttp {
	rewrite ^/seafhttp(.*)$ $1 break;
	proxy_pass http://127.0.0.1:8082;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	client_max_body_size 0;
	proxy_connect_timeout  36000s;
	proxy_read_timeout  36000s;
	proxy_request_buffering off;
	access_log      /var/log/nginx/seafhttp.access.log seafileformat;
	error_log       /var/log/nginx/seafhttp.error.log;
}

location /seafdav {
	client_max_body_size 0;
	fastcgi_pass    127.0.0.1:8080;
	fastcgi_param   SCRIPT_FILENAME     $document_root$fastcgi_script_name;
	fastcgi_param   PATH_INFO           $fastcgi_script_name;

	fastcgi_param   SERVER_PROTOCOL     $server_protocol;
	fastcgi_param   QUERY_STRING        $query_string;
	fastcgi_param   REQUEST_METHOD      $request_method;
	fastcgi_param   CONTENT_TYPE        $content_type;
	fastcgi_param   CONTENT_LENGTH      $content_length;
	fastcgi_param   SERVER_ADDR         $server_addr;
	fastcgi_param   SERVER_PORT         $server_port;
	fastcgi_param   SERVER_NAME         $server_name;

	access_log      /var/log/nginx/seafdav.access.log seafileformat;
	error_log       /var/log/nginx/seafdav.error.log;
}

location /media {
    rewrite ^/seafmedia(.*)$ /media$1 break;
	root /opt/seafile/seafile-server-latest/seahub;
}

}
server{

listen 443 ssl;

listen [::]:443;

server_name drive.domain.com;

server_tokens off;

client_max_body_size 10m;

For letsencrypt

location /.well-known/acme-challenge/ {

alias /var/www/challenges/;

try_files $uri =404;

}

#}

when I try to access my site I get this:

image
image943×537 13.1 KB