Too many redirects with Seafile Pro in Docker behind NGINX

Seafile Server
, ,
1

Hi everybody,

I’m trying to setup Seafile Pro on my VPS.

Seafile is running inside of Docker, I’ve used the docker-compose file to start it.
Since my VPS is serving multiple things and not just Seafile I’m using NGINX as reverse Proxy. I’ve followed the Guide on how to setup Seafile with NGINX and also to use it with HTTPS, I’m using Certbot for the certificates and edited the NGINX conf file accordingly.

Now the problem is I cant access seahub on the browser, whenever I open the domain where Seafile is running on I a too many redirects error.

Bildschirmfoto 2021-07-03 um 13.20.28
Bildschirmfoto 2021-07-03 um 13.20.281792×2047 461 KB

I’m really wondering why that is the case since I followed the official Seafile guides as closely as possible.

Let me show you my configs now.

I’ve mapped the seafile docker container to port 3094 on my host machine.

Domain:
seafile[dot]wertgebung[dot]de

NGINX Config

server {
    listen 80;
    server_name seafile.wertgebung.de;
    rewrite ^ https://$http_host$request_uri? permanent;    # force redirect http to https

    proxy_set_header X-Forwarded-For $remote_addr;

    server_tokens off;
}

server {
    listen 443 ssl;
    # ssl on;
    ssl_certificate /etc/letsencrypt/live/seafile.wertgebung.de/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/seafile.wertgebung.de/privkey.pem; # managed by Certbot
    server_name seafile.wertgebung.de;
    ssl_session_timeout 5m;
    ssl_session_cache shared:SSL:5m;
    
    # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    
    # secure settings (A+ at SSL Labs ssltest at time of writing)
    # see https://wiki.mozilla.org/Security/Server_Side_TLS#Nginx
    # ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    # ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:HIGH:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS';
    # ssl_prefer_server_ciphers on
    
    proxy_set_header X-Forwarded-For $remote_addr;

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains"; 
    server_tokens off;

    location / {
            proxy_pass         http://127.0.0.1:3094;
            proxy_set_header   Host $host;
            proxy_set_header   X-Real-IP $remote_addr;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header   X-Forwarded-Host $server_name;
            proxy_set_header   X-Forwarded-Proto https;

            access_log      /var/log/nginx/seahub.access.log;
            error_log       /var/log/nginx/seahub.error.log;

            proxy_read_timeout  1200s;

            client_max_body_size 0;
        }
# If you are using [FastCGI](http://en.wikipedia.org/wiki/FastCGI),
# which is not recommended, you should use the following config for location `/`.
#
#    location / {
#         fastcgi_pass    127.0.0.1:8000;
#         fastcgi_param   SCRIPT_FILENAME     $document_root$fastcgi_script_name;
#         fastcgi_param   PATH_INFO           $fastcgi_script_name;
#
#         fastcgi_param  SERVER_PROTOCOL     $server_protocol;
#         fastcgi_param   QUERY_STRING        $query_string;
#         fastcgi_param   REQUEST_METHOD      $request_method;
#         fastcgi_param   CONTENT_TYPE        $content_type;
#         fastcgi_param   CONTENT_LENGTH      $content_length;
#         fastcgi_param  SERVER_ADDR         $server_addr;
#         fastcgi_param  SERVER_PORT         $server_port;
#         fastcgi_param  SERVER_NAME         $server_name;
#         fastcgi_param   REMOTE_ADDR         $remote_addr;
#        fastcgi_read_timeout 36000;
#
#         client_max_body_size 0;
#
#         access_log      /var/log/nginx/seahub.access.log;
#        error_log       /var/log/nginx/seahub.error.log;
#    }

        location /seafhttp {
            rewrite ^/seafhttp(.*)$ $1 break;
            proxy_pass http://127.0.0.1:8082;
            client_max_body_size 0;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_connect_timeout  36000s;
            proxy_read_timeout  36000s;
            proxy_send_timeout  36000s;
            send_timeout  36000s;
        }
        location /media {
            root /home/user/haiwen/seafile-server-latest/seahub;
        }
}

docker-compose.yml

version: '2.0'
services:
  db:
    image: mariadb:10.5
    container_name: seafile-mysql
    environment:
      - MYSQL_ROOT_PASSWORD=c9byJc7BY6jwzecRLMpu  # Requested, set the root's password of MySQL service.
      - MYSQL_LOG_CONSOLE=true
    volumes:
      - ./mysql/db:/var/lib/mysql  # Requested, specifies the path to MySQL data persistent store.
    networks:
      - seafile-net

  memcached:
    image: memcached:1.5.6
    container_name: seafile-memcached
    entrypoint: memcached -m 256
    networks:
      - seafile-net

  elasticsearch:
    image: seafileltd/elasticsearch-with-ik:5.6.16
    container_name: seafile-elasticsearch
    environment:
      - discovery.type=single-node
      - bootstrap.memory_lock=true
      - "ES_JAVA_OPTS=-Xms1g -Xmx1g"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    mem_limit: 2g
    volumes:
      - ./elasticsearch/data:/usr/share/elasticsearch/data  # Requested, specifies the path to Elasticsearch data persistent store.
    networks:
      - seafile-net
          
  seafile:
    image: docker.seadrive.org/seafileltd/seafile-pro-mc:latest
    container_name: seafile
    ports:
      - "3094:80"
#     - "443:443"  # If https is enabled, cancel the comment.
    volumes:
      - ./data:/shared   # Requested, specifies the path to Seafile data persistent store.
    environment:
      - DB_HOST=db
      - DB_ROOT_PASSWD=c9byJc7BY6jwzecRLMpu  # Requested, the value shuold be root's password of MySQL service.
#      - TIME_ZONE=Asia/Shanghai # Optional, default is UTC. Should be uncomment and set to your local time zone.
      - SEAFILE_ADMIN_EMAIL=hoerl@wertgebung.de # Specifies Seafile admin user, default is 'me@example.com'
      - SEAFILE_ADMIN_PASSWORD=asecret     # Specifies Seafile admin password, default is 'asecret'
      - SEAFILE_SERVER_LETSENCRYPT=false   # Whether to use https or not
      - SEAFILE_SERVER_HOSTNAME=seafile.wertgebung.de # Specifies your host name if https is enabled
    depends_on:
      - db
      - memcached
      - elasticsearch
    networks:
      - seafile-net

networks:
  seafile-net:

ccnet.conf

[General]
SERVICE_URL = https://seafile.wertgebung.de/

[Database]
ENGINE = mysql
HOST = db
PORT = 3306
USER = seafile
PASSWD = *****************
DB = ccnet_db
CONNECTION_CHARSET = utf8

[Client]
UNIX_SOCKET = /opt/seafile/ccnet.sock

seafile.conf

[fileserver]
host = 127.0.0.1
port = 8082

[database]
type = mysql
host = db
port = 3306
user = seafile
password = 08ee51f3-4ff0-4d6e-8681-a72785c52b5d
db_name = seafile_db
connection_charset = utf8

I hope someone can help me because I’m really stuck getting Seafile to run.