SOLVED - Seafile Docker behind Nginx proxy - WEBDAV

GITchristoph · August 28, 2018, 7:16am

Hi

I got Seafile running in Docker and would like to activate Webdav.

I have other docker images running on the same server, so I am using them behind an Nginx proxy (natively installed on the Ubuntu 16.04 machine). I am trying to sort the docker installation via ports.

The “normal” Seafile installation works nice. This helped me setting it up:

The Nginx config is:

server {
listen 443 ssl http2;
listen [::]:443 http2 ssl;
server_name seafile.example.com;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_certificate /etc/letsencrypt/live/seafile.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/seafile.example.com/privkey.pem;

proxy_set_header X-Real-IP $remote_addr;

location / {
proxy_pass http://localhost:3100;
proxy_read_timeout 310s;
proxy_set_header Host $host;
proxy_set_header Forwarded “for=$remote_addr;proto=$scheme”;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Connection “”;
proxy_http_version 1.1;
}
}

Now I activated Webdav in seafdav.conf

[WEBDAV]
enabled = true
port = 8080
fastcgi = true
share_name = /webdav

In my Seafile docker start script, I exposed port 3180:8080.

Now I am not sure how to configure my Nginx-Proxy.

I tried two options: a proxy pass and the same fastcgi script as written in the seafile manual.
Both don’t work for on my server. 502: Bad Gateway error.

Would anyone have an idea what I am doing wrong? I know it’s not a real Seafile issue, more an Nginx issue. But any help would be appreciated. I will keep looking as well.

location /webdav {
proxy_pass http://localhost:3180;
proxy_read_timeout 310s;
proxy_set_header Host $host;
proxy_set_header Forwarded “for=$remote_addr;proto=$scheme”;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Connection “”;
proxy_http_version 1.1;
}

and I tried the same as in the Seafile manual:

location /webdav {
fastcgi_pass 127.0.0.1:3180;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;

    fastcgi_param   SERVER_PROTOCOL     $server_protocol;
    fastcgi_param   QUERY_STRING        $query_string;
    fastcgi_param   REQUEST_METHOD      $request_method;
    fastcgi_param   CONTENT_TYPE        $content_type;
    fastcgi_param   CONTENT_LENGTH      $content_length;
    fastcgi_param   SERVER_ADDR         $server_addr;
    fastcgi_param   SERVER_PORT         $server_port;
    fastcgi_param   SERVER_NAME         $server_name;
    fastcgi_param   HTTPS               on;
    fastcgi_param   HTTP_SCHEME         https;

    client_max_body_size 0;
    proxy_connect_timeout  36000s;
    proxy_read_timeout  36000s;
    proxy_send_timeout  36000s;
    send_timeout  36000s;

    # This option is only available for Nginx >= 1.8.0. See more details below.
    proxy_request_buffering off;

    access_log      /var/log/nginx/seafdav.access.log;
    error_log       /var/log/nginx/seafdav.error.log;
}

GITchristoph · August 28, 2018, 8:27am

I found several items but did not get it solved yet.

1. Issue
If I change in the seafdav.conf the setting from /seafdav to /webdav, then this does not get changed in the docker nginx config. So I don’t think that I can do this change.
Maybe in the future this could be implemented with an environment variable?

So I changed it all back to /seafdav and kept testing.

2. Issue
It does not seem to be a problem with nginx but with the Seafile.
Seafile gets started like this:

docker run -d --name seafile
-e SEAFILE_SERVER_HOSTNAME=seafile.example.com
-e SEAFILE_ADMIN_EMAIL=admin@example.com
-e SEAFILE_ADMIN_PASSWORD=********
-v /opt/docker/seafile:/shared
-p 127.0.0.1:3100:80
-p 127.0.0.1:3180:8080
seafileltd/seafile:latest

If I open 127.0.0.1:3100 in my browser, then Seafile opens just normal.
But if I open 127.0.0.1:3180, then I get an error message:

The connection was reset
The connection to the server was reset while the page was loading.

So the problem is still within Seafile. But now I stop understanding, where the problem is.
I deleted the docker container a couple of times and redid it already.

I will keep investigating…

Anyone any idea?

Chris

GITchristoph · August 28, 2018, 8:49am

Ok, We are back to the initial Nginx question

127.0.0.1:3100/seafdav opens the webdav login. So Seafile works!

I just need to figure out, how to forward to seafdav in the proxy.

GITchristoph · August 28, 2018, 9:00am

And this brought me the solution:

An extra proxy setting in the nginx config for to the access to seafdav is not required.
Just put https://seafile.example.com/seafdav and that’s it.

In order for this whole thread to give some result at least in the end:

Since I prefer the /webdav instead the /seafdav, this can be changed in the nginx config file like this:

location /webdav {
proxy_pass http://localhost:3100/seafdav;
proxy_read_timeout 310s;
proxy_set_header Host $host;
proxy_set_header Forwarded “for=$remote_addr;proto=$scheme”;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Connection “”;
proxy_http_version 1.1;
}

The port 8080 does not need to be forwarded to 3180 neither when the docker image is started up.

I hope it will help someone else as well some day.

I had to get my head around this

Greeting, Chris

jobenvil · August 28, 2018, 7:42pm

What does this exaclty means? You have already created an extra proxy location in nginx for seafdav/webdav.

fastcgi = false must be adapted on seafdav.conf in order to work

GITchristoph · August 28, 2018, 9:24pm

It means that with this nginx config before the docker container you can access https://seafile.example.com/seafdav in the cocker container.

No location for /seafdav is required.

I hope that makes more sense now.

server {
listen 443 ssl http2;
listen [::]:443 http2 ssl;
server_name seafile.example.com;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_certificate /etc/letsencrypt/live/seafile.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/seafile.example.com/privkey.pem;

proxy_set_header X-Real-IP $remote_addr;

location / {
proxy_pass http://localhost:3100;
proxy_read_timeout 310s;
proxy_set_header Host $host;
proxy_set_header Forwarded “for=$remote_addr;proto=$scheme”;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Connection “”;
proxy_http_version 1.1;
client_max_body_size 0;
proxy_request_buffering off;
}

GITchristoph · August 29, 2018, 8:34am

In the seafile docker image the seafdav setting in the nginx config is still done with FastCGI.
That’s why FastCGI still needs to be set to 'true" in my opinion or the nginx configuration inside the docker image needs to be adjusted after every update.

zymin · December 28, 2018, 3:26am

where is the niginx config file in docker?

cr1st1p · November 2, 2019, 8:20am

I know this is marked solved, but in case others are interested - I just created a pull request that would fix many things, including webdav activation. Until it gets merged, you can get inspiration from its diff.
github haiwen/seafile-docker/pull/187