Fresh installation on Debian 11 + Docker >> Error from setup-seafile-mysql.py (see latest post)

Hi, this is my first seafile installation. I setup a fresh debian 11 server and modified the docker-compose.yaml as you can see here:

version: ‘2.0’
services:
db:
image: mariadb:10.5
container_name: seafile-mysql
environment:
- MYSQL_ROOT_PASSWORD=ireplaced.this # Requested, set the root’s password of MySQL service.
- MYSQL_LOG_CONSOLE=true
volumes:
- /opt/seafile-mysql/db:/var/lib/mysql # Requested, specifies the path to MySQL data persistent store.
networks:
- seafile-net

memcached:
image: memcached:1.5.6
container_name: seafile-memcached
entrypoint: memcached -m 256
networks:
- seafile-net

seafile:
image: seafileltd/seafile-mc:latest
container_name: seafile
ports:
- “80:80”
- “443:443” # If https is enabled, cancel the comment.
volumes:
- /opt/seafile-data:/shared # Requested, specifies the path to Seafile data persistent store.
environment:
- DB_HOST=localhost
- DB_ROOT_PASSWD=ireplaced.this # Requested, the value shuold be root’s password of MySQL service.
- TIME_ZONE=UTC # Optional, default is UTC. Should be uncomment and set to your local time zone.
- SEAFILE_ADMIN_EMAIL=mailireplaced.this # Specifies Seafile admin user, default is ‘me@example.com’.
- SEAFILE_ADMIN_PASSWORD=ireplaced.this # Specifies Seafile admin password, default is ‘asecret’.
- SEAFILE_SERVER_LETSENCRYPT=true # Whether to use https or not.
- SEAFILE_SERVER_HOSTNAME=URLireplacedthis # Specifies your host name if https is enabled.
depends_on:
- db
- memcached
networks:
- seafile-net

networks:
seafile-net:

Ports 80,443, 8000 and 8082 are forwarded.

The Error logs from the seafile docker show this:

*** Running /etc/my_init.d/01_create_data_links.sh…
*** Booting runit daemon…
*** Runit started as PID 17
*** Running /scripts/enterpoint.sh…
2021-08-17 09:45:58 Nginx ready
2021-08-17 09:45:58 This is a idle script (infinite loop) to keep container running.
Cloning into ‘/shared/ssl/letsencrypt’…
Generating RSA private key, 4096 bit long modulus (2 primes)
…++++
…++++
e is 65537 (0x010001)
Generating RSA private key, 4096 bit long modulus (2 primes)
…++++
…++++
e is 65537 (0x010001)
Parsing account key…
Parsing CSR…
Found domains: seafile.ireplaced.this
Getting directory…
Directory found!
Registering account…
Registered!
Creating new order…
Order created!
Verifying seafile.ireplaced.this…
Traceback (most recent call last):
File “/shared/ssl/letsencrypt/acme_tiny.py”, line 141, in get_crt
assert (disable_check or _do_request(wellknown_url)[0] == keyauthorization)
File “/shared/ssl/letsencrypt/acme_tiny.py”, line 46, in _do_request
raise ValueError(“{0}:\nUrl: {1}\nData: {2}\nResponse Code: {3}\nResponse: {4}”.format(err_msg, url, data, code, resp_data))
ValueError: Error:
Url: THISWASHTTP://seafile.ireplaced.this/.well-known/acme-challenge/yu4c2pogU3Z88KT4h762g7RMBvRzEziK0PIUA3gUoxY
Data: None
Response Code: None
Response: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)>

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/shared/ssl/letsencrypt/acme_tiny.py”, line 199, in
main(sys.argv[1:])
File “/shared/ssl/letsencrypt/acme_tiny.py”, line 195, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact, check_port=args.check_port)
File “/shared/ssl/letsencrypt/acme_tiny.py”, line 143, in get_crt
raise ValueError(“Wrote file to {0}, but couldn’t download {1}: {2}”.format(wellknown_path, wellknown_url, e))
ValueError: Wrote file to /var/www/challenges/yu4c2pogU3Z88KT4h762g7RMBvRzEziK0PIUA3gUoxY, but couldn’t download THISWASHTTP://seafile.ireplaced.this/.well-known/acme-challenge/yu4c2pogU3Z88KT4h762g7RMBvRzEziK0PIUA3gUoxY: Error:
Url: THISWASHTTP://seafile.ireplaced.this/.well-known/acme-challenge/yu4c2pogU3Z88KT4h762g7RMBvRzEziK0PIUA3gUoxY
Data: None
Response Code: None
Response: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)>
[2021-08-17 09:45:59] Preparing for letsencrypt …
[2021-08-17 09:45:59] Starting letsencrypt verification
Traceback (most recent call last):
File “/scripts/start.py”, line 86, in
main()
File “/scripts/start.py”, line 51, in main
init_letsencrypt()
File “/scripts/bootstrap.py”, line 71, in init_letsencrypt
call(‘/scripts/ssl.sh {0} {1}’.format(ssl_dir, domain))
File “/scripts/utils.py”, line 70, in call
return subprocess.check_call(*a, **kw)
File “/usr/lib/python3.8/subprocess.py”, line 364, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command ‘/scripts/ssl.sh /shared/ssl seafile.ireplaced.this’ returned non-zero exit status 1.

What am I doing wrong? Not a good start though :frowning:

I found a problem with the firewall. The DNS Rebind Protection caused this error. Now the script runs through.

Now I just get a “502 - Bad Gateway” on HTTP and HTTPS. So the next problem arrived :see_no_evil:

I have no clue what’s the problem.

*** Running /etc/my_init.d/01_create_data_links.sh…
*** Booting runit daemon…
*** Runit started as PID 17
*** Running /scripts/enterpoint.sh…
2021-08-17 11:49:03 Waiting Nginx
nginx: [warn] the “ssl” directive is deprecated, use the “listen … ssl” directive instead in /etc/nginx/sites-enabled/seafile.nginx.conf:20
2021-08-17 11:49:03 Nginx ready
2021-08-17 11:49:03 This is a idle script (infinite loop) to keep container running.
Certificate will not expire
Found existing the script for renew the cert.
Skip create the crontab for letscncrypt since maybe we have created before.
nginx: [warn] the “ssl” directive is deprecated, use the “listen … ssl” directive instead in /etc/nginx/sites-enabled/seafile.nginx.conf:20
Checking python on this machine …
/opt/seafile/seafile-data already exists
[2021-08-17 11:49:03] Preparing for letsencrypt …
[2021-08-17 11:49:03] Found existing cert file /shared/ssl/seafile.IREPLACED.THIS.crt
[2021-08-17 11:49:03] Skip letsencrypt verification since we have a valid certificate
[2021-08-17 11:49:03] Now running setup-seafile-mysql.py in auto mode.
Traceback (most recent call last):
File “/scripts/start.py”, line 86, in
main()
File “/scripts/start.py”, line 56, in main
init_seafile_server()
File “/scripts/bootstrap.py”, line 145, in init_seafile_server
call(‘{} auto -n seafile’.format(setup_script), env=env)
File “/scripts/utils.py”, line 70, in call
return subprocess.check_call(*a, **kw)
File “/usr/lib/python3.8/subprocess.py”, line 364, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command ‘/opt/seafile/seafile-server-8.0.7/setup-seafile-mysql.sh auto -n seafile’ returned non-zero exit status 255.

Debian 11 is not yet officially supported. (As far as I know, the Seafile Admin Manual at https://manual.seafile.com makes not mention of Debian 11.)

Debian 11 support will be added in Seafile 9.0: https://cloud.seatable.io/dtable/external-links/a85d4221e41344c19566/?tid=hsCb&vid=0000&row-id=P79r2vRHSkCih2_Q4Y0CSA

This does not mean that Seafile 8.0 cannot be run on Debian 11, but you are probably among the first to attempt it.

1 Like

Even in a docker container? I switched to a direct installation (not docker) on Rocky Linux (centOS8) now. I thought in docker the host doesn’t really matter.

You’re right, it doesn’t matter. You probably fucked up by recreating containers but didn’t deleted all of the created volumes.