Https not working: Docker installation as non root with non default ports on non default path with nginx proxy manager

On my server I installed via docker paperless-ngx, nginx proxy manager, watchtower (to update everything automatically) and try to install seafile. Everything was installed as non root. Because paperless-ngx and nginx proxy manager are using the ports of seafile, I had to make port-changes. I put all seafile files into /seafile. As non-root it also would not be possible to save to /opt.

mkdir ~/seafile && cat <<EOF > ~/seafile/docker-compose.yml
services:
  seafile-db:
    image: mariadb:10.11
    container_name: seafile-mysql
    environment:
      - MYSQL_ROOT_PASSWORD=password  # Required, set the root's password of MySQL service.
      - MYSQL_LOG_CONSOLE=true
      - MARIADB_AUTO_UPGRADE=1
    volumes:
      - ./seafile-mysql/seafile-db:/var/lib/mysql  # Required, specifies the path to MySQL data persistent store.
    networks:
      - seafile-net

  memcached:
    image: memcached:1.6.18
    container_name: seafile-memcached
    entrypoint: memcached -m 256
    networks:
      - seafile-net
          
  seafile:
    image: seafileltd/seafile-mc:11.0-latest
    container_name: seafile
    ports:
      - '8280:80'
#      - '8443:443'  # If https is enabled, cancel the comment.
    volumes:
      - ./seafile-data:/shared   # Required, specifies the path to Seafile data persistent store.
    environment:
      - DB_HOST=seafile-db
      - DB_ROOT_PASSWD=password  # Required, the value should be root's password of MySQL service.
      - TIME_ZONE=Europe/Zurich  # Optional, default is UTC. Should be uncomment and set to your local time zone.
      - SEAFILE_ADMIN_EMAIL=test@gmail.com # Specifies Seafile admin user, default is 'me@example.com'.
      - SEAFILE_ADMIN_PASSWORD=secret     # Specifies Seafile admin password, default is 'asecret'.
      - SEAFILE_SERVER_LETSENCRYPT=false   # Whether to use https or not.
      - SEAFILE_SERVER_HOSTNAME=seafile.xxx.de # Specifies your host name if https is enabled.
#      - FORCE_HTTPS_IN_CONF=true
#      - NON_ROOT=true
    depends_on:
      - seafile-db #neu
      - memcached
    networks:
      - seafile-net

networks:
  seafile-net:
EOF

docker-compose -f ~/seafile/docker-compose.yml up -d
sudo chmod -R a+rwx seafile/seafile-data/seafile/
docker-compose -f ~/seafile/docker-compose.yml down
docker-compose -f ~/seafile/docker-compose.yml up -d

nginx proxy manager is
Forward Hostname / IP*
IP: xxx.xxx.xx.xxx

Forward Port *
8280

  • Block Common Exploits and Websockets Support are activated
  • ssl Certificate for my site is ok
  • Force SSL and HTTP/2 Support are activated
    I have the certificates - there are green

I login and make a https://

  • SERVICE_URL
  • FILE_SERVER_ROOT

I can login via http:// xxx.xxx.xx.xxx:8280 (space after // for the posting, not in real)

I can not login via https nor upload files.

Where is the problem?

I think you better use rootless docker or rootless podman. Then inside the container namespace you are root but it is actually running as non-root.

Anyway, I don’t have a direct answer to your question.