1 依赖
### 基本
apt update
apt install -y python3 python3-setuptools python3-pip python3-ldap libmysqlclient-dev python3-dev default-libmysqlclient-dev build-essential libmemcached-dev
### python
pip3 install --timeout=3600 django==3.2.* future mysqlclient pymysql Pillow pylibmc \
captcha jinja2 sqlalchemy==1.4.3 psd-tools django-pylibmc django-simple-captcha pycryptodome==3.12.0 cffi==1.14.0
2 目录
mkdir /opt/seafile
cd /opt/seafile
3 用户
adduser seafile
chown -R seafile: /opt/seafile
su seafile
4 package
### 在 https://customer.seafile.com/ 下载
tar xf seafile-pro-server_9.0.5_x86-64_Ubuntu.tar.gz
### 此时的目录文件结构
tree -L 2 /opt/seafile
.
├── seafile-license.txt
└── seafile-pro-server-9.0.5
│ ├── check-db-type.py
│ ├── check_init_admin.py
│ ├── create-db
│ ├── index_op.py
│ ├── migrate.py
│ ├── migrate-repo.py
│ ├── migrate-repo.sh
│ ├── migrate.sh
│ ├── pro
│ ├── remove-objs.py
│ ├── remove-objs.sh
│ ├── reset-admin.sh
│ ├── run_index_master.sh
│ ├── run_index_worker.sh
│ ├── runtime
│ ├── seaf-backup-cmd.py
│ ├── seaf-backup-cmd.sh
│ ├── seaf-encrypt.sh
│ ├── seaf-fsck.sh
│ ├── seaf-fuse.sh
│ ├── seaf-gc.sh
│ ├── seaf-gen-key.sh
│ ├── seafile
│ ├── seafile-background-tasks.sh
│ ├── seafile.sh
│ ├── seaf-import.sh
│ ├── seahub
│ ├── seahub-extra
│ ├── seahub.sh
│ ├── setup-seafile-mysql.py
│ ├── setup-seafile-mysql.sh
│ ├── setup-seafile.sh
│ ├── sql
│ └── upgrade
└── seafile-pro-server_9.0.5_x86-64.tar.gz
5 数据库 (docker)
### docker-compose.yml
version: '2.0'
services:
db:
image: mariadb:10.5
container_name: seafile-mysql
restart: unless-stopped
environment:
- MYSQL_ROOT_PASSWORD=***
- MYSQL_LOG_CONSOLE=true
- MYSQL_PASSWORD=***
- MYSQL_USER=seafile
volumes:
- ./db:/var/lib/mysql
ports:
- "3306:3306"
networks:
- seafile-net
networks:
seafile-net:
### docker MySQL数据库权限问题
docker exec -it seafile-mysql bash
mysql -uroot -p***
grant all privileges on *.* to root@'%' identified by '***' with grant option;
flush privileges;
exit;
exit
6 setup
cd seafile-server-9.0.5
./setup-seafile-mysql.sh
### 选择 [1] Create new ccnet/seafile/seahub databases
### 目前的目录文件结构
tree -L 2 /opt/seafile
.
├── seafile-license.txt # license file
├── ccnet
├── conf
│ └── ccnet.conf
│ └── gunicorn.conf.py
│ └── __pycache__
│ └── seafdav.conf
│ └── seafevents.conf
│ └── seafile.conf
│ └── seahub_settings.py
├── logs
│ ├── controller.log
│ ├── elasticsearch_deprecation.log
│ ├── elasticsearch_index_indexing_slowlog.log
│ ├── elasticsearch_index_search_slowlog.log
│ ├── elasticsearch.log
│ ├── file_updates_sender.log
│ ├── index.log
│ ├── seafevents.log
│ ├── seafile.log
│ ├── seahub.log
│ └── slow_logs
├── pids
│ ├── elasticsearch.pid
│ ├── seafevents.pid
│ ├── seaf-server.pid
│ └── seahub.pid
├── pro-data
│ └── search
├── seafile-data
│ ├── httptemp
│ ├── library-template
│ ├── storage
│ └── tmpfiles
├── seafile-pro-server-9.0.5
│ ├── check-db-type.py
│ ├── check_init_admin.py
│ ├── create-db
│ ├── index_op.py
│ ├── migrate.py
│ ├── migrate-repo.py
│ ├── migrate-repo.sh
│ ├── migrate.sh
│ ├── pro
│ ├── reset-admin.sh
│ ├── run_index_master.sh
│ ├── run_index_worker.sh
│ ├── runtime
│ ├── seaf-backup-cmd.py
│ ├── seaf-backup-cmd.sh
│ ├── seaf-encrypt.sh
│ ├── seaf-fsck.sh
│ ├── seaf-fuse.sh
│ ├── seaf-gc.sh
│ ├── seaf-gen-key.sh
│ ├── seafile
│ ├── seafile-background-tasks.sh
│ ├── seafile.sh
│ ├── seaf-import.sh
│ ├── seahub
│ ├── seahub-extra
│ ├── seahub.sh
│ ├── setup-seafile-mysql.py
│ ├── setup-seafile-mysql.sh
│ ├── setup-seafile.sh
│ ├── sql
│ └── upgrade
├── seafile-server-latest -> seafile-pro-server-9.0.5
├── seahub-data
│ └── avatars
7 启动
cd /opt/seafile-server-latest
./seafile.sh start
./seahub.sh start
### 作为系统服务开机启动
### seafile.service
[Unit]
Description=seafile
After=network-online.target
[Service]
Type=forking
ExecStart=/opt/seafile/seafile-server-latest/seafile.sh start
ExecStop=/opt/seafile/seafile-server-latest/seafile.sh stop
LimitNOFILE=infinity
User=1000
Group=1000
[Install]
WantedBy=multi-user.target
### seahub.service
[Unit]
Description=seahub
After=network-online.target
[Service]
Type=forking
ExecStart=/opt/seafile/seafile-server-latest/seahub.sh start
ExecStop=/opt/seafile/seafile-server-latest/seahub.sh stop
LimitNOFILE=infinity
User=1000
Group=1000
[Install]
WantedBy=multi-user.target
8 其他
ElasticSearch 文件搜索 (docker)
### docker-compose.yml
version: '2.0'
services:
elasticsearch:
image: elasticsearch:7.16.2
container_name: seafile-elasticsearch
user: "1000:1000"
restart: unless-stopped
environment:
- discovery.type=single-node
- "ES_JAVA_OPTS=-Xms1g -Xmx1g"
ulimits:
memlock:
soft: -1
hard: -1
mem_limit: 2g
ports:
- "127.0.0.1:9200:9200"
volumes:
- ./esdata:/usr/share/elasticsearch/data
networks:
seafile-net:
### 编辑 /opt/seafile/conf/seafevents.conf
[INDEX FILES]
external_es_server = true
es_host = 127.0.0.1
es_port = 9200
enabled = true
interval = 10m
highlight = fvh
index_office_pdf = true
memcached (docker)
### docker-compose.yml
version: '2.0'
services:
memcached:
image: memcached:1.5.6
container_name: seafile-memcached
restart: unless-stopped
entrypoint: memcached -m 256
ports:
- "11211:11211"
networks:
- seafile-net
networks:
seafile-net:
### 编辑 /opt/seafile/conf/seahub_settings.py
CACHES = {
'default': {
'BACKEND': 'django_pylibmc.memcached.PyLibMCCache',
'LOCATION': '127.0.0.1:11211',
},
'locmem': {
'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
},
}
COMPRESS_CACHE_BACKEND = 'locmem'
文档预览 (docker)
### docker-compose.yml
version: '2.0'
services:
office-preview:
image: seafileltd/office-preview:latest
container_name: seafile-office-preview
restart: unless-stopped
ports:
- "8089:8089"
command: bash start.sh
volumes:
- ./office-preview/shared:/shared
- ./fonts:/usr/share/fonts #可将需要的字体上传至该目录
networks:
- seafile-net
networks:
seafile-net:
### 启动后,停止容器, 新建 /opt/seafile/office-preview/shared/office_convertor_settings.py, SECRET_KEY 位于 /opt/seafile/conf/seahub_settings.py, 重启容器
SECRET_KEY = "******"
WORKERS = 10
OUTPUT_DIR = '/shared/output'
PORT = 8089
### 编辑 /opt/seafile/conf/seahub_settings.py
OFFICE_CONVERTOR_ROOT = 'http://127.0.0.1:8089'
webdav
### 编辑 /opt/seafile/conf/seafdav.conf
[WEBDAV]
enabled = true
port = 8080
share_name = /webdav
AWS S3 储存后端
### 编辑 /opt/seafile/conf/seafevents.conf
[commit_object_backend]
name = s3
bucket = seafile-commits
key_id = ***
key = ***
host = s3.com
[fs_object_backend]
name = s3
bucket = seafile-fs
key_id = ***
key = ***
host = s3.com
[block_backend]
name = s3
bucket = seafile-blocks
key_id = ***
key = ***
host = s3.com
9 NGINX 反向代理
server
{
listen 80;
listen 443 ssl http2;
server_name seafile.com;
if ($server_port !~ 443){
rewrite ^(/.*)$ https://$host$1 permanent;
}
ssl_certificate /path/certificate.pem;
ssl_certificate_key /path/certificate_key.pem;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
client_max_body_size 10g;
location / {
proxy_pass http://127.0.0.1:8000/;
proxy_read_timeout 310s;
proxy_set_header Host $host;
proxy_set_header Forwarded "for=$remote_addr;proto=$scheme";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Connection "";
proxy_http_version 1.1;
}
location /seafhttp {
rewrite ^/seafhttp(.*)$ $1 break;
proxy_pass http://127.0.0.1:8082;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 36000s;
proxy_read_timeout 36000s;
proxy_request_buffering off;
}
location /webdav {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 1200s;
}
location /media {
root /opt/seafile/seafile-server-latest/seahub;
}
access_log /path/seafile.com.log;
error_log /path/seafile.com.error.log;
}
10 其他配置
### 编辑 /opt/seafile/conf/seahub_settings.py
# 时区
TIME_ZONE = 'Asia/Shanghai'
# 两步验证
ENABLE_TWO_FACTOR_AUTH = True
# webdav独立密码
ENABLE_WEBDAV_SECRET = True
# 自定义前端样式, 自定义custom.css 储存到 /opt/seafile/seahub-data/custom/
BRANDING_CSS = 'custom/custom.css'
Lasted update: Apr 12, 2022 at 03:56 pm