Press "Enter" to skip to content

解答:docker部署seafile修改80端口映射到主机其他端口,无法访问

Last updated on 2020年7月7日

问题见:https://bbs.seafile.com/t/docker-seafile-80/3195/5

但是回答的比较简单,对于刚刚入手 docker 的朋友可能不太熟悉

步骤一

修改部分已用中文标注

#以下为 docker-compose.yml 可适当修改其中的配置
version: '2.0'
services:
  db:
    image: mariadb:10.1
    container_name: seafile-mysql
    environment:
      - MYSQL_ROOT_PASSWORD=db_dev  # Requested, set the root's password of MySQL service.
      - MYSQL_LOG_CONSOLE=true
    volumes:
      - /opt/seafile-mysql/db:/var/lib/mysql  # Requested, specifies the path to MySQL data persistent store.
    networks:
      - seafile-net

  memcached:
    image: memcached:1.5.6
    container_name: seafile-memcached
    entrypoint: memcached -m 256
    networks:
      - seafile-net
          
  seafile:
    image: seafileltd/seafile-mc:latest
    container_name: seafile
    ports:
      - "8088:8088"  # 注意端口在这里更改,如8088(通常只修改宿主机端口号即可如:8088:80)
#      - "443:443"  # If https is enabled, cancel the comment.
    volumes:
      - /opt/seafile-data:/shared   # Requested, specifies the path to Seafile data persistent store.
      - /your/path/seafile.nginx.conf.template:/templates/seafile.nginx.conf.template:ro   # 添加这个文件映射(该命令用于修改docker内部端口号,如不需要可以注释)
    environment:
      - DB_HOST=db
      - DB_ROOT_PASSWD=db_dev  # Requested, the value shuold be root's password of MySQL service.
#      - TIME_ZONE=Asia/Shanghai # Optional, default is UTC. Should be uncomment and set to your local time zone.
      - SEAFILE_ADMIN_EMAIL=me@example.com # Specifies Seafile admin user, default is 'me@example.com'.
      - SEAFILE_ADMIN_PASSWORD=asecret     # Specifies Seafile admin password, default is 'asecret'.
      - SEAFILE_SERVER_LETSENCRYPT=false   # Whether use letsencrypt to generate cert.
      - SEAFILE_SERVER_HOSTNAME=seafile.example.com # Specifies your host name.
    depends_on:
      - db
      - memcached
    networks:
      - seafile-net

networks:
  seafile-net:

步骤二

以下为修改docker内部端口号,如不需要可以忽略。
步骤一中的/your/path/seafile.nginx.conf.template 文件从哪里来呢?
官方GitHub上有: 传送门

当然最稳妥的做法是进入容器内部复制一份出来,因为版本问题可能不一致。拷贝方法:

# 进入容器
docker exec -it seafile /bin/bash
#复制输出的内容,保存成文件
cat /templates/seafile.nginx.conf.template

步骤三

按需修改步骤二中的文件,如修改端口后(修改部分已用中文标注):

# -*- mode: nginx -*-
# Auto generated Aat {{ current_timestr }}
{% if https -%}
server {
    listen 80; # 这里是https的证书监听端口,没用到可以不用修改
    server_name _ default_server;

    # allow certbot to connect to challenge location via HTTP Port 80
    # otherwise renewal request will fail
    location /.well-known/acme-challenge/ {
        alias /var/www/challenges/;
        try_files $uri =404;
    }

    location / {
        rewrite ^ https://{{ domain }}$request_uri? permanent;
    }
}
{% endif -%}

server {
{% if https -%}
    listen 443; # https 监听端口,没用到可以不修改
    ssl on;
    ssl_certificate      /shared/ssl/{{ domain }}.crt;
    ssl_certificate_key  /shared/ssl/{{ domain }}.key;

    ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;

    # TODO: More SSL security hardening: ssl_session_tickets & ssl_dhparam
    # ssl_session_tickets on;
    # ssl_session_ticket_key /etc/nginx/sessionticket.key;
    # ssl_session_cache shared:SSL:10m;
    # ssl_session_timeout 10m;
{% else -%}
    listen 8088; # 默认http访问,修改这里的监听端口
{% endif -%}

    server_name {{ domain }};

    client_max_body_size 10m;

    location / {
        proxy_pass http://127.0.0.1:8000/;
        proxy_read_timeout 310s;
        proxy_set_header Host $host;
        proxy_set_header Forwarded "for=$remote_addr;proto=$scheme";
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Connection "";
        proxy_http_version 1.1;

        client_max_body_size 0;
        access_log      /var/log/nginx/seahub.access.log seafileformat;
        error_log       /var/log/nginx/seahub.error.log;
    }

    location /seafhttp {
        rewrite ^/seafhttp(.*)$ $1 break;
        proxy_pass http://127.0.0.1:8082;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        client_max_body_size 0;
        proxy_connect_timeout  36000s;
        proxy_read_timeout  36000s;
        proxy_request_buffering off;
        access_log      /var/log/nginx/seafhttp.access.log seafileformat;
        error_log       /var/log/nginx/seafhttp.error.log;
    }

    location /seafdav {
        client_max_body_size 0;
        fastcgi_pass    127.0.0.1:8080;
        fastcgi_param   SCRIPT_FILENAME     $document_root$fastcgi_script_name;
        fastcgi_param   PATH_INFO           $fastcgi_script_name;

        fastcgi_param   SERVER_PROTOCOL     $server_protocol;
        fastcgi_param   QUERY_STRING        $query_string;
        fastcgi_param   REQUEST_METHOD      $request_method;
        fastcgi_param   CONTENT_TYPE        $content_type;
        fastcgi_param   CONTENT_LENGTH      $content_length;
        fastcgi_param   SERVER_ADDR         $server_addr;
        fastcgi_param   SERVER_PORT         $server_port;
        fastcgi_param   SERVER_NAME         $server_name;

        access_log      /var/log/nginx/seafdav.access.log seafileformat;
        error_log       /var/log/nginx/seafdav.error.log;
    }

    location /media {
        root /opt/seafile/seafile-server-latest/seahub;
    }

    # For letsencrypt
    location /.well-known/acme-challenge/ {
        alias /var/www/challenges/;
        try_files $uri =404;
    }
}

步骤四

最重要的一步,重启你的 docker,强烈建议先停止容器,再重新启动docker-compose downdocker-compose up -d)。我的版本(seafile-server-7.0.5)使用 docker-compose restart 并不其作用,浪费了十几分钟排查问题!!!
注意:端口号尽量避开 seafile 内部已经占用的8000、8080、8082等端口

注意⚠️

如果都修改后仍不起效,请检查如下问题:

  1. 宿主机是否放行新定义的端口号如:8088
  2. 检查docker内部 /shared/nginx/conf/seafile.nginx.conf 生成日期是否是刚刚生成的

针对检查项2可做如下调整:

# 进入容器
docker exec -it seafile /bin/bash
#删除存在的文件, 再次重启 seafile docker 会自动生成
rm -f /shared/nginx/conf/seafile.nginx.conf

问题2来源于网友的机器,排查发现该文件/shared/nginx/conf/seafile.nginx.conf存在 .swp 崩溃文件,猜测很可能是docker启动异常时导致。

有心力的同学可以查看 GitHub 来了解 seafile-docker 的详细内容:https://github.com/haiwen/seafile-docker

5 Comments

  1. Reynardli
    Reynardli 2020年3月24日

    使用了 -d 参数,seafile-mamcached 没有运行成功done的标志。
    其他两个seafile 和seafile-mysql 都显示了done

    然后访问域名:端口号 显示拒绝连接请求

    然后我停止了所有容器,重新restart了 docker后。 还是没有办法通过网页访问…
    前问是我哪里操作错了吗… 或者我应该怎么排查哪里出了问题呢…

    (p.s. 如果可以的话,我也有填写自己的邮箱,可以帮我看一下吗?我可以把我的VPS的IP和密码,以及解析的域名地址发给你….)

  2. Reynardli
    Reynardli 2020年3月23日

    博主..我按你的分享设置好了配置文件,但是停掉容器输入命令后,代码就卡在这里不动了,能麻烦帮我看看是哪里出错了吗….
    [root@Reynardli ~]# docker-compose up
    Starting seafile-mysql …
    Starting seafile-mysql … done
    Starting seafile … done
    Attaching to seafile-memcached, seafile-mysql, seafile
    seafile | *** Booting runit daemon…
    seafile | *** Runit started as PID 32
    seafile | *** Running /scripts/start.py…
    seafile | [03/23/2020 10:03:39][upgrade]: Running script /opt/seafile/seafile-server-7.0.5/upgrade/minor-upgrade.sh
    seafile |
    seafile | Seafile server started
    seafile |
    seafile | Done.
    seafile |
    seafile | Starting seahub at port 8000 …
    seafile |
    seafile | Seahub is started
    seafile |
    seafile | Done.
    seafile |

    • thinkwei
      thinkwei 2020年3月23日

      看输出没有 error,换一下命令试试
      docker-compose up #一般在终端中调试使用
      docker-compose up -d #表示后台启动,注意【-d】参数

  3. Reynardli
    Reynardli 2020年3月23日

    感谢博主的解答,十分感谢!!写的很详细啦,我这就去试试。

发表评论

电子邮件地址不会被公开。 必填项已用*标注

Captcha Code