Looks to me like your problem is that Seafile is using HTTPS but Mattermost
is not.
That said, I don't understand how you are able to get to Mattermost at all,
since you are setting HSTS headers that should prevent your browser from
going to a non-secure page on your domain.
Add HTTPS configuration for Mattermost and see if that helps.
--
Moshe Katz
-- kohenk...@gmail.com
-- +1(301)867-3732
On Tue, May 15, 2018 at 4:35 AM Nginx-Chris <nginx-fo...@forum.nginx.org>
wrote:
> Root Server with Ubuntu 16.04.
> Nginx Version: 1.10.3
>
> I have an Nginx server that serves 1 Application: An open source Cloud
> Server from Seafile that listens on cloud.mydomain.com
>
> I now tried to add another Application to my server: A Mattermost server
> that should listen on chat.mydomain.com
>
> When I am adding the Nginx config for Mattermost, then it only is available
> when I deactivate the Seafile nginx config.
>
> So the server only serves one application at a time and that's always the
> Seafile Server.
> Then no nginx error.logs or access.logs get any data from the Mattermost
> login attempts.
>
> I am pasting the configs below and am hoping that someone could give me a
> tip what I have a done wrong or what I need to change.
> I don't understand why Nginx does not listen for chat.mydomain.com
>
> Any help would be very much appreciated!
>
> SEAFILE NGINX CONFIG:
>
> server {
>
> listen 80 http2;
> listen [::]:80 http2;
> server_name cloud.mydomain.com;
>
> rewrite ^ https://$http_host$request_uri? permanent; # force
> redirect
> http to https
>
> # Enables or disables emitting nginx version on error pages and in the
> "Server" response header field.
> server_tokens off;
>
> }
>
> server {
> listen 443 ssl http2; # managed by Certbot
> listen [::]:443 http2;
> ssl on;
>
> server_name cloud.mydomain.com;
>
> ssl_session_cache shared:SSL:5m;
> server_tokens off;
>
> ssl_certificate /etc/letsencrypt/live/cloud.mydomain.com/fullchain.pem
> ;
> # managed by Certbot
> ssl_certificate_key
> /etc/letsencrypt/live/cloud.mydomain.com/privkey.pem; # managed by Certbot
>
> include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
>
> ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
>
> proxy_set_header X-Forwarded-For $remote_addr;
>
> add_header Strict-Transport-Security "max-age=31536000;
> includeSubDomains";
>
> location / {
> proxy_pass http://127.0.0.1:8000;
> proxy_set_header Host $host;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_set_header X-Forwarded-Host $server_name;
> proxy_set_header X-Forwarded-Proto https;
>
> proxy_read_timeout 1200s;
>
> # used for view/edit office file via Office Online Server
> client_max_body_size 0;
>
> access_log /var/log/nginx/seahub.access.log;
> error_log /var/log/nginx/seahub.error.log;
> }
>
> location /seafhttp {
> rewrite ^/seafhttp(.*)$ $1 break;
> proxy_pass http://127.0.0.1:8082;
> client_max_body_size 0;
>
> proxy_connect_timeout 36000s;
> proxy_read_timeout 36000s;
> proxy_send_timeout 36000s;
> send_timeout 36000s;
>
> proxy_request_buffering off;
> }
>
> location /media {
> root /home/user/seafile.cloud/seafile-server-latest/seahub;
> }
>
> location /webdav {
> fastcgi_pass 127.0.0.1:8080;
> fastcgi_param SCRIPT_FILENAME
> $document_root$fastcgi_script_name;
> fastcgi_param PATH_INFO $fastcgi_script_name;
>
> fastcgi_param SERVER_PROTOCOL $server_protocol;
> fastcgi_param QUERY_STRING $query_string;
> fastcgi_param REQUEST_METHOD $request_method;
> fastcgi_param CONTENT_TYPE $content_type;
> fastcgi_param CONTENT_LENGTH $content_length;
> fastcgi_param SERVER_ADDR $server_addr;
> fastcgi_param SERVER_PORT $server_port;
> fastcgi_param SERVER_NAME $server_name;
> fastcgi_param HTTPS on;
> fastcgi_param HTTP_SCHEME https;
>
> client_max_body_size 0;
> proxy_connect_timeout 36000s;
> proxy_read_timeout 36000s;
> proxy_send_timeout 36000s;
> send_timeout 36000s;
>
> # This option is only available for Nginx >= 1.8.0. See more
> details
> below.
> proxy_request_buffering off;
>
> access_log /var/log/nginx/seafdav.access.log;
> error_log /var/log/nginx/seafdav.error.log;
> }
> }
>
>
>
>
> MATTERMOST NGINX CONFIG:
>
> upstream backend {
> server 127.0.0.1:8065;
> }
>
> proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=mattermost_cache:10m
> max_size=3g inactive=120m use_temp_path=off;
>
> server {
> listen 80;
> listen [::]:80;
> server_name chat.mydomain.com;
>
> location ~/api/v[0-9]+/(users/)?websocket$ {
> proxy_set_header Upgrade $http_upgrade;
> proxy_set_header Connection "upgrade";
> client_max_body_size 50M;
> proxy_set_header Host $http_host;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_set_header X-Forwarded-Proto $scheme;
> proxy_set_header X-Frame-Options SAMEORIGIN;
> proxy_buffers 256 16k;
> proxy_buffer_size 16k;
> proxy_read_timeout 600s;
> proxy_pass http://backend;
> }
>
> location / {
> client_max_body_size 50M;
> proxy_set_header Connection "";
> proxy_set_header Host $http_host;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_set_header X-Forwarded-Proto $scheme;
> proxy_set_header X-Frame-Options SAMEORIGIN;
> proxy_buffers 256 16k;
> proxy_buffer_size 16k;
> proxy_read_timeout 600s;
> proxy_cache mattermost_cache;
> proxy_cache_revalidate on;
> proxy_cache_min_uses 2;
> proxy_cache_use_stale timeout;
> proxy_cache_lock on;
> proxy_pass http://backend;
> }
> }
>
> Posted at Nginx Forum:
> https://forum.nginx.org/read.php?2,279794,279794#msg-279794
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
