Seafile with a separated proxy

Hi! I’m trying to get my old trusty server decoupled from its nginx service, as I have a bunch of other subdomains being served, and the future plan is to keep in separated containers. I have a new nginx LXC container, and I installed nginx onto it. I copied the Seafile nginx config and SSL certs onto it, changing the proxy_pass addresses (where before it was now it’s, and so on) and the /media path accordingly, but I’m getting 502 errors when I try to go through the new nginx container.

This is the new configuration:

# Required for OnlyOffice DocumentServer
map $http_x_forwarded_proto $the_scheme {
    default $http_x_forwarded_proto;
    "" $scheme;

map $http_x_forwarded_host $the_host {
    default $http_x_forwarded_host;
    "" $host;

map $http_upgrade $proxy_connection {
    default upgrade;
    "" close;

server {
        listen       80;  
        rewrite ^ https://$http_host$request_uri? permanent;    # force redirect http to https
        server_tokens off;
server {
        listen 443;
        ssl on;
        # Let's Encrypt cert
        ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
        # path to your cacert.pem
        ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
        proxy_set_header X-Forwarded-For $remote_addr;
        add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
        server_tokens off;

        #let's encrypt
       location ^~ /.well-known/acme-challenge {
        default_type "text/plain";
root /etc/letsencrypt/live/;
        #TLS 1.3
        ssl_protocols TLSv1.2 TLSv1.3;

        location / {
        proxy_set_header   Host $host;
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Host $server_name;
        proxy_read_timeout  1200s;
        client_max_body_size 0;

        access_log      /var/log/nginx/seahub.access.log;
        error_log       /var/log/nginx/seahub.error.log;
   location /seafhttp {
        rewrite ^/seafhttp(.*)$ $1 break;
        client_max_body_size 0;
        proxy_connect_timeout  36000s;
        proxy_read_timeout  36000s;
        proxy_send_timeout  36000s;
        proxy_request_buffering on; #doesn't work until nginx v1.7.11 currently v1.4

    location /media {
        root /media/Seafile/seafile-server-latest/seahub;
    location /onlyofficeds/ {

        # THIS ONE IS IMPORTANT ! - Trailing slash !
        proxy_http_version 1.1;
        client_max_body_size 100M; # Limit Document size to 100MB
       proxy_read_timeout 3600s;
        proxy_connect_timeout 3600s;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $proxy_connection;

        # THIS ONE IS IMPORTANT ! - Subfolder and NO trailing slash !
        proxy_set_header X-Forwarded-Host $the_host/onlyofficeds;

        proxy_set_header X-Forwarded-Proto $the_scheme;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

However, as mentioned, this doesn’t bring joy. It gets me a 502 Bad Gateway. The only difference between this file and the original from the Seafile server residing on the is the change from to the Seafile IP. Oh, and the /media relative path, of course. But as you can see, this is not a /media issue, as I don’t even get there…I get a 502 before I get a chance.