Hi,
I recently installed Seafile on Debian 12 following the docs (no docker) and it looks correct. I can log in and browse, etc.
Then I followed the docs to set up a reverse proxy in nginx. The only variance is that I used an existing host with nginx rather than the seafile host. When I visit https//files.mydomain.com/ the login screen has no structure:
The other problem is that when I log in I get the error
Forbidden (403)
CSRF verification failed. Request aborted.
I have searched and read a few posts about this error but still haven’t found a solution for this problem.
nginx config file looks like this:
log_format seafileformat '$http_x_forwarded_for $remote_addr [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $upstream_response_time';
server {
listen 443 ssl;
ssl_certificate /etc/ssl/server_chain.pem;
ssl_certificate_key /etc/ssl/private/server.key;
server_name files.mydomain.com;
server_tokens off;
location / {
proxy_pass http://10.5.21.101:8000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_read_timeout 1200s;
proxy_set_header X-Forwarded-Proto https;
# used for view/edit office file via Office Online Server
client_max_body_size 1G;
access_log /var/log/nginx/seahub.access.log seafileformat;
error_log /var/log/nginx/seahub.error.log;
}
location /seafhttp {
rewrite ^/seafhttp(.*)$ $1 break;
proxy_pass http://10.5.21.101:8082;
client_max_body_size 1G;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 36000s;
proxy_read_timeout 36000s;
proxy_send_timeout 36000s;
proxy_request_buffering off;
send_timeout 36000s;
access_log /var/log/nginx/seafhttp.access.log seafileformat;
error_log /var/log/nginx/seafhttp.error.log;
}
location /media {
root /opt/seafile/seafile-server-latest/seahub;
}
}
server {
listen 80;
server_name files.mydomain.com;
return 301 https://files.mydomain.com$request_uri;
server_tokens off; # Prevents the Nginx version from being displayed in the HTTP response header
}
seahub_settings.py like this:
# -*- coding: utf-8 -*-
SECRET_KEY = "secret"
SERVICE_URL = "https://files.mydomain.com"
FILE_SERVER_ROOT = 'https://files.mydomain.com/seafhttp'
CSRF_TRUSTED_ORIGINS = 'https://files.mydomain.com'
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'seahub_db',
'USER': 'seafile',
'PASSWORD': 'also.secret',
'HOST': '127.0.0.1',
'PORT': '3306',
'OPTIONS': {'charset': 'utf8mb4'},
}
}
What did I do wrong?