Hi everybody,
I’m trying to setup Seafile Pro on my VPS.
Seafile is running inside of Docker, I’ve used the docker-compose file to start it.
Since my VPS is serving multiple things and not just Seafile I’m using NGINX as reverse Proxy. I’ve followed the Guide on how to setup Seafile with NGINX and also to use it with HTTPS, I’m using Certbot for the certificates and edited the NGINX conf file accordingly.
Now the problem is I cant access seahub on the browser, whenever I open the domain where Seafile is running on I a too many redirects error.
I’m really wondering why that is the case since I followed the official Seafile guides as closely as possible.
Let me show you my configs now.
I’ve mapped the seafile docker container to port 3094 on my host machine.
Domain:
seafile[dot]wertgebung[dot]de
NGINX Config
server {
listen 80;
server_name seafile.wertgebung.de;
rewrite ^ https://$http_host$request_uri? permanent; # force redirect http to https
proxy_set_header X-Forwarded-For $remote_addr;
server_tokens off;
}
server {
listen 443 ssl;
# ssl on;
ssl_certificate /etc/letsencrypt/live/seafile.wertgebung.de/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/seafile.wertgebung.de/privkey.pem; # managed by Certbot
server_name seafile.wertgebung.de;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:5m;
# Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# secure settings (A+ at SSL Labs ssltest at time of writing)
# see https://wiki.mozilla.org/Security/Server_Side_TLS#Nginx
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:HIGH:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS';
# ssl_prefer_server_ciphers on
proxy_set_header X-Forwarded-For $remote_addr;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
server_tokens off;
location / {
proxy_pass http://127.0.0.1:3094;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto https;
access_log /var/log/nginx/seahub.access.log;
error_log /var/log/nginx/seahub.error.log;
proxy_read_timeout 1200s;
client_max_body_size 0;
}
# If you are using [FastCGI](http://en.wikipedia.org/wiki/FastCGI),
# which is not recommended, you should use the following config for location `/`.
#
# location / {
# fastcgi_pass 127.0.0.1:8000;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_param PATH_INFO $fastcgi_script_name;
#
# fastcgi_param SERVER_PROTOCOL $server_protocol;
# fastcgi_param QUERY_STRING $query_string;
# fastcgi_param REQUEST_METHOD $request_method;
# fastcgi_param CONTENT_TYPE $content_type;
# fastcgi_param CONTENT_LENGTH $content_length;
# fastcgi_param SERVER_ADDR $server_addr;
# fastcgi_param SERVER_PORT $server_port;
# fastcgi_param SERVER_NAME $server_name;
# fastcgi_param REMOTE_ADDR $remote_addr;
# fastcgi_read_timeout 36000;
#
# client_max_body_size 0;
#
# access_log /var/log/nginx/seahub.access.log;
# error_log /var/log/nginx/seahub.error.log;
# }
location /seafhttp {
rewrite ^/seafhttp(.*)$ $1 break;
proxy_pass http://127.0.0.1:8082;
client_max_body_size 0;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 36000s;
proxy_read_timeout 36000s;
proxy_send_timeout 36000s;
send_timeout 36000s;
}
location /media {
root /home/user/haiwen/seafile-server-latest/seahub;
}
}
docker-compose.yml
version: '2.0'
services:
db:
image: mariadb:10.5
container_name: seafile-mysql
environment:
- MYSQL_ROOT_PASSWORD=c9byJc7BY6jwzecRLMpu # Requested, set the root's password of MySQL service.
- MYSQL_LOG_CONSOLE=true
volumes:
- ./mysql/db:/var/lib/mysql # Requested, specifies the path to MySQL data persistent store.
networks:
- seafile-net
memcached:
image: memcached:1.5.6
container_name: seafile-memcached
entrypoint: memcached -m 256
networks:
- seafile-net
elasticsearch:
image: seafileltd/elasticsearch-with-ik:5.6.16
container_name: seafile-elasticsearch
environment:
- discovery.type=single-node
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms1g -Xmx1g"
ulimits:
memlock:
soft: -1
hard: -1
mem_limit: 2g
volumes:
- ./elasticsearch/data:/usr/share/elasticsearch/data # Requested, specifies the path to Elasticsearch data persistent store.
networks:
- seafile-net
seafile:
image: docker.seadrive.org/seafileltd/seafile-pro-mc:latest
container_name: seafile
ports:
- "3094:80"
# - "443:443" # If https is enabled, cancel the comment.
volumes:
- ./data:/shared # Requested, specifies the path to Seafile data persistent store.
environment:
- DB_HOST=db
- DB_ROOT_PASSWD=c9byJc7BY6jwzecRLMpu # Requested, the value shuold be root's password of MySQL service.
# - TIME_ZONE=Asia/Shanghai # Optional, default is UTC. Should be uncomment and set to your local time zone.
- SEAFILE_ADMIN_EMAIL=hoerl@wertgebung.de # Specifies Seafile admin user, default is 'me@example.com'
- SEAFILE_ADMIN_PASSWORD=asecret # Specifies Seafile admin password, default is 'asecret'
- SEAFILE_SERVER_LETSENCRYPT=false # Whether to use https or not
- SEAFILE_SERVER_HOSTNAME=seafile.wertgebung.de # Specifies your host name if https is enabled
depends_on:
- db
- memcached
- elasticsearch
networks:
- seafile-net
networks:
seafile-net:
ccnet.conf
[General]
SERVICE_URL = https://seafile.wertgebung.de/
[Database]
ENGINE = mysql
HOST = db
PORT = 3306
USER = seafile
PASSWD = *****************
DB = ccnet_db
CONNECTION_CHARSET = utf8
[Client]
UNIX_SOCKET = /opt/seafile/ccnet.sock
seafile.conf
[fileserver]
host = 127.0.0.1
port = 8082
[database]
type = mysql
host = db
port = 3306
user = seafile
password = 08ee51f3-4ff0-4d6e-8681-a72785c52b5d
db_name = seafile_db
connection_charset = utf8
I hope someone can help me because I’m really stuck getting Seafile to run.