Seafile behind a proxy

My Seafile instance is running on a dedicated webserver behind a reverse proxy which is handling the SSL encryption.

This setup with the protocol change on one of the webservers does not work out of the box / this case is not documented in the official server documentation.

My setup:

INTERNET <--( HTTPS )--> Apache Reverse Proxy <--( HTTP )--> Apache Webserver <-- (FCGI) --> Seafile

In the configuration of the reverse proxy, it's important to set a header for the original protocol:

ProxyPreserveHost On
ProxyVia Block

RequestHeader set X-Forwarded-Proto 'https' env=HTTPS
ProxyPass / http://my-internal-seafile-webserver/
ProxyPassReverse / http://my-internal-seafile-webserver/

The regular seafile webserver is configured as written in the official server manual: https://manual.seafile.com/deploy/deploy_with_apache.html

In the seafile configuration the external hostname is configured:

conf/ccnet.conf

SERVICE_URL = https://my-public-seafile-domain/

conf/seahub_settings.py

FILE_SERVER_ROOT = 'https://my-public-seafile-domain/seafhttp'
HTTP_SERVER_ROOT = 'https://my-public-seafile-domain/';

# Setup support for proxy headers
USE_X_FORWARDED_HOST = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')

Without these settings, the links generated in the webfronted are sometimes wrong (wrong hostname and/or protocol).

KobelNET Blog

Languages

Latest articles

Blog

KobelNET Blog

Languages

Latest articles

Blog

Seafile behind a proxy

BASIC Auth with Oracle WebLogic

Setup CyanogenMod on Google Nexus 10