Seafile v10.0.1 502 bad gateway with SSL

Seafile Server
,
1

Hello,
I’m trying to set up Seafile using docker on my Ubuntu Server v22.04 VPS. I followed the instructions here on the seafile website at /docker/deploy_seafile_with_docker/ and downloaded the docker-compose.yml file, and ran docker-compose up -d.

When I run docker-compose up -d with SEAFILE_SERVER_LETSENCRYPT=false, and the HTTP port set to a high port, Seafile works correctly. I’m able to login, and after logging in, going to system admin and changing SERVICE_URL and FILE_SERVER_ROOT to use my custom port, file uploads and downloads both work.

Initially I created a reverse proxy to this Seafile website with Nginx, outside of the docker container. However, the downloads were not offered over HTTPS, and since the Seafile website itself wasn’t HTTPS, I felt like there would be some security concerns, so I tried setting up HTTPS Seafile.

When SEAFILE_SERVER_LETSENCRYPT=true, SEAFILE_SERVER_HOSTNAME is set to my hostname, and I have a DNS record pointing to the Server, Seafile gives a 502 bad gateway error from Nginx. This is not accessing it through the proxy I made. However, the error is given over HTTPS.

When I check the Seafile logs, I get this error:

seafile  | [2023-10-06 12:24:43] Preparing for letsencrypt ...
seafile  | [2023-10-06 12:24:43] Starting letsencrypt verification
seafile  | Traceback (most recent call last):
seafile  |   File "/scripts/start.py", line 95, in <module>
seafile  |     main()
seafile  |   File "/scripts/start.py", line 51, in main
seafile  |     init_letsencrypt()
seafile  |   File "/scripts/bootstrap.py", line 84, in init_letsencrypt
seafile  |     call('/scripts/ssl.sh {0} {1}'.format(ssl_dir, domain))
seafile  |   File "/scripts/utils.py", line 70, in call
seafile  |     return subprocess.check_call(*a, **kw)
seafile  |   File "/usr/lib/python3.8/subprocess.py", line 364, in check_call
seafile  |     raise CalledProcessError(retcode, cmd)
seafile  | subprocess.CalledProcessError: Command '/scripts/ssl.sh /shared/ssl <seafile>.<example>.com' returned non-zero exit status 1.

The website at /docker/deploy_seafile_with_docker/ says that if I get the non-zero exit status 128, I should edit /scripts/ssl.sh in the docker container. However, my non-zero exit status is 1. I tried this anyway, but there are no instances of the phrase “git:” in /scripts/ssl.sh. Anyway, this error is apparently fixed in my version.

I’m not sure where to go from here. No one else online seems to have this problem. How do I fix this?

2

If you use nginx outside of docker container but on same machine and want to use LE cert you need an open 80 port for LE veryfication. And i guess you dont need to forward 80 port (80:80) into container. Also you need to set this to SEAFILE_SERVER_LETSENCRYPT=false.
I personally use Nginx with letsencrypt on another VM. So i just proxy pass to 80 port of my vm with seafile docker and on this VM i have 80:80.

3

For anyone who might be reading this in the future, the HTTPS implementation of Seafile doesn’t seem to work well in my experience. I went back to creating a HTTP Seafile instance, then using nginx to create a reverse proxy to it.

I mentioned in this post that the downloads weren’t offered over HTTPS. To fix this. log into the web UI, click the profile picture in the top right, then click settings at the left. Change SERVICE_URL to https://<your_domain>.com (and replace with your domain of course).

Also, change FILE_SERVER_ROOT to https://<your_domain>.com/seafhttp.

Then my browser complained that parts of the site were insecure, to fix this you simply have to upload a profile picture. After this, it worked fine.