Does anyone have Seafile working with the Traefik reverse proxy? A bit of searching doesn’t turn anything up. If so, I’d really appreciate seeing a sample of how to get the /seafhttp directory proxied properly.
I figured it out. The
PathPrefixStrip rule is pretty nifty. For anyone else interested in using Traefik, this is how I configured the Traefik labels on the Seafile docker container:
labels: - traefik.docker.network=traefik - traefik.enable=true - traefik.seafgui.frontend.rule=Host:example.com - traefik.seafgui.port=8000 - traefik.seafdav.frontend.rule=Host:example.com;PathPrefixStrip:/seafdav - traefik.seafdav.port=8080 - traefik.seafhttp.frontend.rule=Host:example.com;PathPrefixStrip:/seafhttp - traefik.seafhttp.port=8082
If you’re using the official container, nginx is included an so you only have to proxy nginx, not all directories.
Please submit your findings to the manual.
Submitted in https://github.com/haiwen/seafile-docs/pull/480
The meat of it is:
Here we deploy Seahub and FileServer with the Traefik reverse proxy. We assume you are running Seahub using domain
Configuring Traefik with a Configuration File
Traefik can be configured in the main
traefik.toml file, and / or in files specified therein. Here is an example of configuring Traefik’s configuration file for a locally installed instance of Seafile:
[backends] [backends.seafapp] [backends.seafapp.servers.primary] url = "http://127.0.0.1:8000" weight = 1 [backends.seafdav] [backends.seafdav.servers.primary] url = "http://127.0.0.1:8080" weight = 1 [backends.seafile] [backends.seafhttp.servers.primary] url = "http://127.0.0.1:8082" weight = 1 [frontends] [frontends.seafapp] backend = "seafapp" [frontends.seafapp.routes] [frontends.seafapp.routes.primary] rule = "Host:seafile.example.com" [frontends.seafdav] backend = "seafdav" [frontends.seafdav.routes] [frontends.seafdav.routes.primary] rule = "Host:seafile.example.com;PathPrefixStrip:/seafdav" [frontends.seafhttp] backend = "seafhttp" [frontends.seafhttp.routes] [frontends.seafhttp.routes.primary] rule = "Host:seafile.example.com;PathPrefixStrip:/seafhttp"
Note that this is valid for a locally installed instance of Traefik, or a Traefik container running with NET=HOST. If Traefik is running in a container without these privelages,
host.docker.internal or an address bound to the host’s loopback interface should be substituted for
Proxying the Official Docker Image
The official Docker image for Seafile has a built-in Nginx server that proxies the
/seafdav paths to their respective ports. Thus the official Docker image can be proxied simply by making Traefik aware through labels:
services: seafile: labels: - traefik.docker.network=traefik - traefik.enable=true - traefik.frontend.rule=Host:seafile.example.com - traefik.port=80 networks: - traefik
Proxying Unofficial Docker Images
In Docker images that do not include their own proxy, Traefik can handle proxying the
/seafdav paths to the right ports through segment labels:
services: seafile: labels: - traefik.docker.network=traefik - traefik.enable=true - traefik.seafapp.backend=Seafile Web App - traefik.seafapp.frontend.rule=Host:seafile.example.com - traefik.seafdav.port=8000 - traefik.seafdav.backend=Seafile WebDAV Server - traefik.seafdav.frontend.rule=Host:seafile.example.com;PathPrefixStrip:/seafdav - traefik.seafdav.port=8080 - traefik.seafhttp.backend=Seafile File Server - traefik.seafhttp.frontend.rule=Host:seafile.example.com;PathPrefixStrip:/seafhttp - traefik.seafhttp.port=8082 networks: - traefik
thanks for the docs. Unfortunately I am just starting out with Docker. Could you please provide a more complete example including a docker-compse.yml as well?
My reason to look for running seafile with docker and traefik is that I want to run two instances of seafile on one host, next to other microservices. All should be accessible on Port 443, have a let’s encrypt SSL cert and routing should take place based on host-names
That would be great! I cannot (yet) get my head around all this…
For anyone interested, I outlined a full config at
Have you tested the proxying settings you mentioned for the official docker image?
I am facing the problem that uploads fail when using traefik as a reverse proxy in front of seafiles nginx. Unfortunately I can’t seem to find any useful logs for this problem. If I strap away the reverse proxy and use seafile directly it works flawlessly. Any ideas?
OK, I figured it out. Was missing the s in https in the FILE_SERVER_ROOT option.
Isn’t so that for Container you just have to proxy port 443 (optionally 8080) and make a redirection from port 80?
For anyone using Traefik v2, here are the labels I needed to use on my Seafile container:
- traefik.http.routers.seafile.rule=Host(`seafile.example.com`) - traefik.http.services.seafile.loadbalancer.server.port=8000 - traefik.http.routers.seafile.service=seafile # on upload/download, a request to https://seafile.example.com/seafhttp/files/xxx/xxx.xx is attempted # this needs to turn in to http://<container-ip>:8082:/files/xxx/xxx/xx - traefik.http.routers.seafhttp.rule=Host(`seafile.example.com`) && PathPrefix(`/seafhttp`) - traefik.http.services.seafhttp.loadbalancer.server.port=8082 - traefik.http.routers.seafhttp.service=seafhttp - traefik.http.middlewares.sf-replacepath.replacepathregex.regex=^/seafhttp/(.*) - traefik.http.middlewares.sf-replacepath.replacepathregex.replacement=/$$1 - traefik.http.routers.seafhttp.middlewares=sf-replacepath