1. The problem I’m having:
I’m trying to move from nginx installed directly on the server to caddy within docker. I have succeeded with most of my reverse proxies, but I fail to redirect my documents from seafile to onlyoffice so that I can edit them within the browser.
THANKS FOR YOUR HELP!
2. Error messages and/or full log output:
I noticed that on schernthaner.local:88/welcome onlyoffice replies, but not using the reverse proxy as shown below. How can I fix the 308 error?
curl -v schernthaner.local/onlyofficeds/welcome
* Trying 127.0.1.1:80...
* Connected to schernthaner.local (127.0.1.1) port 80 (#0)
> GET /onlyofficeds/welcome HTTP/1.1
> Host: schernthaner.local
> User-Agent: curl/7.81.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 308 Permanent Redirect
< Connection: close
< Location: https://schernthaner.local/onlyofficeds/welcome
< Server: Caddy
< Date: Mon, 25 Mar 2024 20:06:34 GMT
< Content-Length: 0
<
* Closing connection 0
3. Caddy version:
2.7.6
4. How I installed and ran Caddy:
with docker-compose (see below)
a. System environment:
Docker on Ubuntu Server 22.04
c. Service/unit/compose file:
version: "3.7"
services:
caddy:
image: caddy:alpine
network_mode: host
restart: unless-stopped
cap_add:
- NET_ADMIN
environment:
- EMAIL=admin@schernthaner.eu
volumes:
- /Speicher/Docker/Caddy/Caddyfile:/etc/caddy/Caddyfile
- /Speicher/Docker/Caddy/data:/data
- /Speicher/Docker/Caddy/config:/config
d. My complete Caddy config:
cloud.schernthaner.eu {
reverse_proxy localhost:8001
handle_path /seafhttp* {
reverse_proxy localhost:8082
}
handle_path /seafmedia* {
rewrite * /media{uri}
root * /Speicher/Cloud/seafile-server-latest/seahub
file_server
}
handle /seafdav* {
reverse_proxy 127.0.0.1:8081
}
route /onlyofficeds/* {
uri strip_prefix /onlyofficeds
reverse_proxy 127.0.0.1:88/
}
}
5. My old nginx file
map $http_destination $nossl_destination {
"~^https:(.+)$" $1;
"~^http:(.+)$" $1;
}
# Required for only office document server
map $http_x_forwarded_proto $the_scheme {
default $http_x_forwarded_proto;
"" $scheme;
}
map $http_x_forwarded_host $the_host {
default $http_x_forwarded_host;
"" $host;
}
map $http_upgrade $proxy_connection {
default upgrade;
"" close;
}
#/etc/nginx/sites-available/
}
server {
server_name cloud.schernthaner.eu;
listen 443 ssl http2;
ssl_certificate /etc/letsencrypt/live/cloud.schernthaner.eu/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/cloud.schernthaner.eu/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/ssl/certs/dhparam.pem;
server_tokens off;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
proxy_set_header X-Forwarded-For $remote_addr;
location / {
proxy_pass http://127.0.0.1:8001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_read_timeout 1200s;
# used for view/edit office file via Office Online Server
client_max_body_size 0;
access_log /var/log/nginx/seahub.access.log;
error_log /var/log/nginx/seahub.error.log;
}
location /seafhttp {
rewrite ^/seafhttp(.*)$ $1 break;
proxy_pass http://127.0.0.1:8082;
client_max_body_size 0;
proxy_connect_timeout 36000s;
proxy_read_timeout 36000s;
proxy_send_timeout 36000s;
proxy_request_buffering off;
send_timeout 36000s;
}
location /seafdav {
proxy_pass http://127.0.0.1:8081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
client_max_body_size 0;
proxy_set_header Destination "http:$nossl_destination";
proxy_connect_timeout 36000s;
proxy_read_timeout 36000s;
proxy_send_timeout 36000s;
send_timeout 36000s;
# This option is only available for Nginx >= 1.8.0. See more details below.
proxy_request_buffering off;
access_log /var/log/nginx/seafdav.access.log;
error_log /var/log/nginx/seafdav.error.log;
}
location /media {
root /Speicher/Cloud/seafile-server-latest/seahub;
}
location /onlyofficeds/ {
# THIS ONE IS IMPORTANT ! - Trailing slash !
proxy_pass http://127.0.0.1:88/;
proxy_http_version 1.1;
client_max_body_size 100M; # Limit Document size to 100MB
proxy_read_timeout 3600s;
proxy_connect_timeout 3600s;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $proxy_connection;
# THIS ONE IS IMPORTANT ! - Subfolder and NO trailing slash !
proxy_set_header X-Forwarded-Host $the_host/onlyofficeds;
proxy_set_header X-Forwarded-Proto $the_scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /notification/ping {
proxy_pass http://127.0.0.1:8083/ping;
# access_log /var/log/nginx/notification.access.log seafileformat;
error_log /var/log/nginx/notification.error.log;
}
location /notification {
proxy_pass http://127.0.0.1:8083/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# access_log /var/log/nginx/notification.access.log seafileformat;
error_log /var/log/nginx/notification.error.log;
}
}
}