Seafile 12: Problem starting containers

Seafile Server
1

Hi,
I’m trying to setup a seafile server in in a proxmox-machine. I did this with seafile 11 several months before.
This is my caddy-file:
caddy.yml:

COMPOSE_FILE='seafile-server.yml,caddy.yml'
COMPOSE_PATH_SEPARATOR=','


SEAFILE_IMAGE=seafileltd/seafile-mc:12.0-latest
SEAFILE_DB_IMAGE=mariadb:10.11
SEAFILE_MEMCACHED_IMAGE=memcached:1.6.29
SEAFILE_CADDY_IMAGE=lucaslorentz/caddy-docker-proxy:2.9

SEAFILE_VOLUME=/media/usbdrive/seafile_test/seafile-data
SEAFILE_MYSQL_VOLUME=/opt/seafile-mysql/db
SEAFILE_CADDY_VOLUME=/opt/seafile-caddy

SEAFILE_MYSQL_DB_HOST=db
INIT_SEAFILE_MYSQL_ROOT_PASSWORD=XXX
SEAFILE_MYSQL_DB_USER=seafile
SEAFILE_MYSQL_DB_PASSWORD=XXX

TIME_ZONE=Europe/Berlin

JWT_PRIVATE_KEY=XXX

SEAFILE_SERVER_HOSTNAME=XXX.net
SEAFILE_SERVER_PROTOCOL=https

INIT_SEAFILE_ADMIN_EMAIL=XXX@web.de
INIT_SEAFILE_ADMIN_PASSWORD=XXX


SEADOC_IMAGE=seafileltd/sdoc-server:1.0-latest
SEADOC_VOLUME=/opt/seadoc-data

ENABLE_SEADOC=false
SEADOC_SERVER_URL=https://xxx.net/sdoc-server


NOTIFICATION_SERVER_IMAGE=seafileltd/notification-server:12.0-latest
NOTIFICATION_SERVER_VOLUME=/opt/notification-data

Unfortunately, I can not upload the caddy-logfile, so I’m dropping a part of it here:

WRN WRN WRN WRN WRN WRN ts=1737823159.015182 logger=http.acme_client msg=HTTP request failed; retrying WRN WRN WRN WRN WRN WRN WRN WRN ts=1737823159.015182 WRN WRN WRN WRN WRN WRN WRN WRN ts=1737823159.015182 logger=http.acme_client WRN WRN WRN WRN WRN WRN WRN WRN ts=1737823159.015182 WRN WRN WRN WRN WRN WRN WRN WRN ts=1737823159.015182 logger=http.acme_client msg=HTTP request failed; retrying url=https://acme-v02.api.letsencrypt.org/directory error=performing request: Get "https://acme-v02.api.letsencrypt.org/directory": dial tcp 172.65.32.248:443: connect: network is unreachable

This seems to be the failure, but I can’t understand it:

Get "https://acme-v02.api.letsencrypt.org/directory": dial tcp 172.65.32.248:443: connect: network is unreachable

Thank you for your help :grinning:

2

It looks like it failed while trying to get (or renew) your certificate with letsencrypt (based on the name “acme-v02.api.letsencrypt.org”). It successfully did a DNS lookup to find that name points to the IP 172.65.32.248, but then when it tried to talk to the webserver at that IP, the connection failed with the message “network is unreachable”. This could mean a few things, like this might have been blocked by a firewall (on your server, or your router, or even your ISP), or you might not have the network configured correctly (for example, the default gateway address might be wrong).

I would try to test a connection to that address from your computer, from the server hosting the container, and from within the container to see where it works and where it doesn’t to get an idea of where the problem is coming from. So on your computer visit
https://acme-v02.api.letsencrypt.org/directory in the browser. Then SSH to the server and run “curl -v “https://acme-v02.api.letsencrypt.org/directory””. You might be able to run that from within the container too, but I don’t have a caddy container so I can’t confirm if it comes with curl. With that you should at least find out if it is the networking in the container, or the server, or some problem farther out on the network.

3

Thank you very much for your hint.
The container which is running docker is allowed to connect to the site https://acme-v02.api.letsencrypt.org/directory.
Unfortunately, the seafile-caddy container isn’t running, so I can not test it out.
Basically, i don’t think it’s a network problem because there is no firewall.

The first part of the logfile is this:

INF ts=1737882913.416565 msg=config is unchanged

INF ts=1737882913.4165716 logger=admin.api msg=load complete

INF ts=1737882913.4166899 logger=docker-proxy msg=Successfully configured server=localhost

INF ts=1737882934.2047958 logger=docker-proxy msg=New Caddyfile caddyfile=https://xxx.net {
	reverse_proxy 172.18.0.5:80

ping 172.18.0.5
´´´
 gives me 

PING 172.18.0.5 (172.18.0.5) 56(84) bytes of data.
From 62.155.242.2 icmp_seq=1 Destination Net Unreachable

I investigated this issue further.

curl https://acme-v02.api.letsencrypt.org/directory
is working on this machine.

4

After playing around I get this from the log of the seafile-caddy container:

INF ts=1737985200.5663588 logger=docker-proxy msg=Running caddy proxy server

INF ts=1737985200.5676525 logger=admin msg=admin endpoint started address=localhost:2019 enforce_origin=false origins=["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]

INF ts=1737985200.5678926 msg=autosaved config (load with --resume flag) file=/config/caddy/autosave.json

INF ts=1737985200.5679018 logger=docker-proxy msg=Running caddy proxy controller

INF ts=1737985200.5757825 logger=docker-proxy msg=Start CaddyfilePath= EnvFile= LabelPrefix=caddy PollingInterval=30 ProxyServiceTasks=true ProcessCaddyfile=true ScanStoppedContainers=false IngressNetworks=[seafile-net] DockerSockets=[""] DockerCertsPath=[""] DockerAPIsVersion=[""]

INF ts=1737985200.577011 logger=docker-proxy msg=Connecting to docker events DockerSocket=

INF ts=1737985200.5792189 logger=docker-proxy msg=IngressNetworksMap ingres=map[d84e5c06f4b0cd7174dab0dfa1d12d1875b38edce3a087c4d227f443ec32dbc6:true seafile-net:true]

INF ts=1737985200.6086283 logger=docker-proxy msg=Swarm is available new=false

INF ts=1737985200.614931 logger=docker-proxy msg=New Caddyfile caddyfile=# Empty caddyfile

WRN ts=1737985200.6188383 logger=docker-proxy msg=Caddyfile to json warning warn=[Caddyfile:1: Caddyfile input is not formatted; run 'caddy fmt --overwrite' to fix inconsistencies]

INF ts=1737985200.6188626 logger=docker-proxy msg=New Config JSON json={}

INF ts=1737985200.6188974 logger=docker-proxy msg=Sending configuration to server=localhost

INF ts=1737985200.6197598 logger=admin.api msg=received request method=POST host=localhost:2019 uri=/load remote_ip=127.0.0.1 remote_port=42570 headers={"Accept-Encoding":["gzip"],"Content-Length":["41"],"Content-Type":["application/json"],"User-Agent":["Go-http-client/1.1"]}

INF ts=1737985200.6198 msg=config is unchanged

INF ts=1737985200.6198075 logger=admin.api msg=load complete

INF ts=1737985200.61994 logger=docker-proxy msg=Successfully configured server=localhost

INF ts=1737985220.8674793 logger=docker-proxy msg=New Caddyfile caddyfile=http://xxx.net {
	reverse_proxy 172.18.0.5:80
}

INF ts=1737985220.86789 logger=docker-proxy msg=New Config JSON json={"apps":{"http":{"servers":{"srv0":{"listen":[":80"],"routes":[{"match":[{"host":["xxx.net"]}],"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"172.18.0.5:80"}]}]}]}],"terminal":true}]}}}}}

INF ts=1737985220.8679152 logger=docker-proxy msg=Sending configuration to server=localhost

INF ts=1737985220.8683324 logger=admin.api msg=received request method=POST host=localhost:2019 uri=/load remote_ip=127.0.0.1 remote_port=42570 headers={"Accept-Encoding":["gzip"],"Content-Length":["303"],"Content-Type":["application/json"],"User-Agent":["Go-http-client/1.1"]}

INF ts=1737985220.868914 logger=admin msg=admin endpoint started address=localhost:2019 enforce_origin=false origins=["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]

WRN ts=1737985220.8690743 logger=http.auto_https msg=server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server server_name=srv0 http_port=80

INF ts=1737985220.8693285 logger=http.log msg=server running name=srv0 protocols=["h1","h2","h3"]

INF ts=1737985220.8694649 msg=autosaved config (load with --resume flag) file=/config/caddy/autosave.json

INF ts=1737985220.8694751 logger=admin.api msg=load complete

INF ts=1737985220.8697443 logger=admin msg=stopped previous server address=localhost:2019

INF ts=1737985220.8697898 logger=tls.cache.maintenance msg=started background certificate maintenance cache=0xc0005fcc80

INF ts=1737985220.8707812 logger=docker-proxy msg=Successfully configured server=localhost

INF ts=1737985220.8760989 logger=tls msg=cleaning storage unit storage=FileStorage:/data/caddy

INF ts=1737985220.876505 logger=tls msg=finished cleaning storage units

Container is still unhealthy.

5

I started from scratch and now all containers are running