Installing docker

See reference.computers.setup.docker-install

Setup Seafile with docker

1cd
2mkdir docker-compose/seafile; cd seafile
3mkdir mysql-data
4mkdir seafile-data
5touch .env
6touch dot-env-template

Overview

  • docker-compose file spools up three containers: mariadb, memcached, seafile.
  • These communicate via their internal network seafile-net
  • additionally, the network seafile-npm is created to enable seafile talk to Nginx Proxy Manager. The npm docker container will be added to this network in npm’s docker-compose file.
  • Since npm and seafile will be on the same seafile_seafile-npm network, npm can directly access seafile:80. So there is no need to expose seafile’s ports to the host. Therefore, the port mapping parts of the docker-compose file below are commented out.
  • The docker-compose file pulls in info from various environment variables. We create a dot-env-template file and a .env file. Both are similar, but the .env file has the actual content whereas the dot-env-template file does not have the sensitive content and can be backed up or committed to a git repository. The .env file will be in .gitignore because it contains sensitive content that is not needed to recreate the docker setup and should not be exposed inadvertently.
  • We don’t use any of seafile’s https features because we manage https termination at/with nginx proxy manager. See subsection on this below. But also see below that we do set the SERVICE_URL to https in the post-install configuration.

docker-compose.yaml

 1version: '2.0'
 2services:
 3  db:
 4    image: mariadb:10.5
 5    container_name: seafile-mysql
 6    environment:
 7      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}  # Requested, set the root's password of MySQL service.
 8      - MYSQL_LOG_CONSOLE=true
 9    volumes:
10      - ./mysql-data:/var/lib/mysql  # Requested, specifies the path to MySQL data persistent store.
11    networks:
12      - seafile-net
13
14  memcached:
15    image: memcached:1.5.6
16    container_name: seafile-memcached
17    entrypoint: memcached -m 256
18    networks:
19      - seafile-net
20          
21  seafile:
22    image: seafileltd/seafile-mc:9.0.1
23    container_name: seafile
24#    ports:
25#      - "127.0.0.1:83:80"
26#     - "443:443"  # If https is enabled, cancel the comment.
27    volumes:
28      - ./seafile-data:/shared   # Requested, specifies the path to Seafile data persistent store.
29    environment:
30      - DB_HOST=db
31      - DB_ROOT_PASSWD=${MYSQL_ROOT_PASSWORD}  # Requested, the value shuold be root's password of MySQL service.
32      - TIME_ZONE=America/Los_Angeles  # Optional, default is UTC. Should be uncomment and set to your local time zone.
33      - SEAFILE_ADMIN_EMAIL=${SEAFILE_ADMIN_EMAIL} # Specifies Seafile admin user, default is 'me@example.com'.
34      - SEAFILE_ADMIN_PASSWORD=${SEAFILE_ADMIN_PASSWORD}     # Specifies Seafile admin password, default is 'asecret'.
35      - SEAFILE_SERVER_LETSENCRYPT=false   # Whether to use https or not.
36      - SEAFILE_SERVER_HOSTNAME=${SEAFILE_SERVER_HOSTNAME} # Specifies your host name if https is enabled.
37    depends_on:
38      - db
39      - memcached
40    networks:
41      - seafile-net
42      - seafile-npm
43networks:
44  seafile-net:
45  seafile-npm:

Note: Initially, the dockerfile was pulling in env variables with formatting SEAFILE_SERVER_HOSTNAME="${SEAFILE_SERVER_HOSTNAME}" because that is what I read on some blog post. However, the " " were possibly causing issues. seahub would fail to start (as noted by output of the command docker logs -f seafile). Poking around, I noticed that the seahub-settings.py file had some weird " characters in the SERVICE_URL (or something similar to that) key value. I removed the “”, and seahub’s issues magically went away /shrug.

.env file

Create a .env file and a dot-env-template file with the content

1MYSQL_ROOT_PASSWORD=
2SEAFILE_ADMIN_EMAIL=
3SEAFILE_ADMIN_PASSWORD=
4SEAFILE_SERVER_HOSTNAME=

Note that there is no space after the = when you add the values in the .env. file. Leave the dot-env-template file empty though.

TIP: In a pinch, can generate random passwords with

1head /dev/urandom | tr -dc A-Za-z0-9 | head -c16

NPM and SSL / https configuration

Configure reverse proxy to seafile:80 as a new proxy host in NPM. Force SSL.

Seafile actually does not know that it is running behind https. We are not using any https functionality in seafile. Rather, nginx proxy manager will be the termination point for seafile.seapost.org. It’ll reverse proxy this https traffic to seafile:80 internally, without https.

Modify Seafile server configurations

The config files are under shared/seafile/conf. You can modify the configurations, if needed, according to Seafile manual

1docker exec -it seafile /bin/bash

After modification, you need to restart the container:

1docker-compose restart

Troubleshooting

If you need a shell inside the docker container, use the command

1docker exec -it seafile /bin/bash

Find logs

The Seafile logs are under shared/logs/seafile in the docker, or /opt/seafile-data/logs/seafile in the server that run the docker.

The system logs are under shared/logs/var-log, or /opt/seafile-data/logs/var-log in the server that run the docker.

Post install

  • Log in to seafile using the admin username/pw set in the .env file.
  • In sys admin settings configure
    1SERVICE_URL = https://seafile.seapost.org
    2FILE_SERVER_ROOT = https://seafile.seapost.org/seafhttp
    
    Without this, the clients may not work properly (I have not tested this)
  • Change SITE_TITLE and SITE_NAME as needed (Seafile and Sagar’s Seafile)
  • Change LOGIN_ATTEMPT_LIMIT to 2
  • enable two factor authentication in admin settings
  • Enable 2FA in user settings
  • Set Avtar (photo) in user settings
  • Change password is user settings. NOTE: I think that changing the user password through the user settings essentially supercedes the admin password environment variable in the .env file i.e. that env variable password is not valid any more.
  • Switch to golang file server. sudo editor seafile-data/seafile/conf/seafile.conf and add the line
    1[fileserver]
    2use_go_fileserver = true
    
    then docker-compose restart. HOWEVER, I have no clue whether this fileserver is actually being used. No mention of it in docker logs -f seafile.

Upgrade

See Seafile’s docker deployment manual. Note that rather than using the latest tag, we explicitly specify the actual version in our docker-compose.yaml file

References

  1. https://manual.seafile.com/docker/deploy_seafile_with_docker/ <– Seafile docker installation manual

TODO

  1. Configure Seafile to send email
  2. Enable some go related settings in v9.0.1 which are off by default
  3. Figure out what to backup in the installation and how to do backup and recovery of the seafile application