diff --git a/manual/docker/deploy_seafile_with_docker.md b/manual/docker/deploy_seafile_with_docker.md index c7f141b31..5ca698266 100644 --- a/manual/docker/deploy_seafile_with_docker.md +++ b/manual/docker/deploy_seafile_with_docker.md @@ -12,9 +12,9 @@ The following assumptions and conventions are used in the rest of this document: Use the [official installation guide for your OS to install Docker](https://docs.docker.com/engine/install/). -### Download and modify `docker-compose.yml` +### Download and modify `.env` -Download the `docker-compose.yml` sample file into Seafile's directory and modify the Compose file to fit your environment and settings. +From Seafile Docker 12.0, we recommend that you use `.env`, `seafile-server.yml` and `caddy.yml` files for configuration. **NOTE:** Different versions of Seafile have different compose files. @@ -22,31 +22,40 @@ Download the `docker-compose.yml` sample file into Seafile's directory and modif mkdir /opt/seafile cd /opt/seafile -# Seafile CE 10.0 -wget -O "docker-compose.yml" "https://manual.seafile.com/docker/docker-compose/ce/10.0/docker-compose.yml" +# Seafile CE 12.0 +wget -O .env https://manual.seafile.com/docker/docker-compose/ce/12.0/env +wget https://manual.seafile.com/docker/docker-compose/ce/12.0/seafile-server.yml +wget https://manual.seafile.com/docker/docker-compose/ce/12.0/caddy.yml -# Seafile CE 11.0 -wget -O "docker-compose.yml" "https://manual.seafile.com/docker/docker-compose/ce/11.0/docker-compose.yml" - -nano docker-compose.yml +nano .env ``` The following fields merit particular attention: -* The password of MySQL root (`MYSQL_ROOT_PASSWORD` and `DB_ROOT_PASSWD`) -* The volume directory of MySQL data (volumes) -* The volume directory of Seafile data (volumes). +- `SEAFILE_VOLUMES`: The volume directory of Seafile data +- `SEAFILE_MYSQL_VOLUMES`: The volume directory of MySQL data +- `SEAFILE_CADDY_VOLUMES`: The volume directory of Caddy data +- `SEAFILE_MYSQL_ROOT_PASSWORD`: The user `root` password of MySQL +- `SEAFILE_MYSQL_DB_PASSWORD`: The user `seafile` password of MySQL +- `JWT`: JWT_PRIVATE_KEY, A random string with a length of no less than 32 characters, generate example: `pwgen -s 40 1` +- `SEAFILE_SERVER_HOSTNAME`: Seafile server hostname or domain +- `SEAFILE_SERVER_PROTOCOL`: Seafile server protocol (http or https) +- `TIME_ZONE`: Time zone (default UTC) +- `SEAFILE_ADMIN_EMAIL`: Admin username +- `SEAFILE_ADMIN_PASSWORD`: Admin password + +NOTE: SSL is now handled by the caddy server. ### Start Seafile server Start Seafile server with the following command ```bash -# if `docker-compose.yml` file is in current directory: -docker-compose up -d +# if `.env` file is in current directory: +docker compose up -d -# if `docker-compose.yml` file is elsewhere: -docker-compose -f /path/to/docker-compose.yml up -d +# if `.env` file is elsewhere: +docker compose -f /path/to/.env up -d ``` Wait for a few minutes for the first time initialization, then visit `http://seafile.example.com` to open Seafile Web UI. @@ -61,22 +70,21 @@ Placeholder spot for shared volumes. You may elect to store certain persistent i * /opt/seafile-data/seafile/logs: This is the directory that would contain the log files of seafile server processes. For example, you can find seaf-server logs in `/opt/seafile-data/seafile/logs/seafile.log`. * /opt/seafile-data/logs: This is the directory for operating system and Nginx logs. * /opt/seafile-data/logs/var-log: This is the directory that would be mounted as `/var/log` inside the container. For example, you can find the nginx logs in `/opt/seafile-data/logs/var-log/nginx/`. -* /opt/seafile-data/ssl: This is directory for certificate, which does not exist by default. ### Find logs To monitor container logs (from outside of the container), please use the following commands: ```bash -# if the `docker-compose.yml` file is in current directory: +# if the `.env` file is in current directory: docker compose logs --follow -# if the `docker-compose.yml` file is elsewhere: -docker compose -f /path/to/docker-compose.yml logs --follow +# if the `.env` file is elsewhere: +docker compose -f /path/to/.env logs --follow # you can also specify container name: docker compose logs seafile --follow -# or, if the `docker-compose.yml` file is elsewhere: -docker compose -f /path/to/docker-compose.yml logs seafile --follow +# or, if the `.env` file is elsewhere: +docker compose -f /path/to/.env logs seafile --follow ``` The Seafile logs are under `/shared/logs/seafile` in the docker, or `/opt/seafile-data/logs/seafile` in the server that run the docker. @@ -84,121 +92,25 @@ The Seafile logs are under `/shared/logs/seafile` in the docker, or `/opt/seafil The system logs are under `/shared/logs/var-log`, or `/opt/seafile-data/logs/var-log` in the server that run the docker. To monitor all Seafile logs simultaneously (from outside of the container), run + ```bash sudo tail -f $(find /opt/seafile-data/ -type f -name *.log 2>/dev/null) ``` ## More configuration options -### Custom admin username and password - -The default admin account is `me@example.com` and the password is `asecret`. You can use a different password by setting the container's environment variables in the `docker-compose.yml`: -e.g. - -```yml -seafile: - ... - - environment: - ... - - SEAFILE_ADMIN_EMAIL=me@example.com - - SEAFILE_ADMIN_PASSWORD=a_very_secret_password - ... - -``` - -### Let's Encrypt SSL certificate - -If you set `SEAFILE_SERVER_LETSENCRYPT` to `true`, the container would request a letsencrypt-signed SSL certificate for you automatically. - -e.g. - -```yml -seafile: - ... - ports: - - "80:80" - - "443:443" - ... - environment: - ... - - SEAFILE_SERVER_LETSENCRYPT=true - - SEAFILE_SERVER_HOSTNAME=seafile.example.com - ... - -``` - -Since version 10.0.x, if you want to use a reverse proxy and apply for a certificate outside docker, you can use `FORCE_HTTPS_IN_CONF` to force write `https://` in the configuration file. - -e.g. - -```yml -seafile: - ... - environment: - ... - - SEAFILE_SERVER_LETSENCRYPT=false - - SEAFILE_SERVER_HOSTNAME=seafile.example.com - - FORCE_HTTPS_IN_CONF=true - ... - -``` - -If you want to use your own SSL certificate, you can mount the certificate into the docker container by setting the container's volumes variables in the `docker-compose.yml`. - -⚠️ Assuming your site name is `seafile.example.com`, then your certificate must have the name `seafile.example.com.crt`, and the private key must have the name `seafile.example.com.key` in container. - -e.g. - -```yml -seafile: - ... - ports: - - "80:80" - - "443:443" - ... - volumes: - ... - - /etc/letsencrypt/live/seafile.example.com/fullchain.pem:/shared/ssl/seafile.example.com.crt - - /etc/letsencrypt/live/seafile.example.com/privkey.pem:/shared/ssl/seafile.example.com.key - environment: - ... - - SEAFILE_SERVER_LETSENCRYPT=false - - SEAFILE_SERVER_HOSTNAME=seafile.example.com - - FORCE_HTTPS_IN_CONF=true - ... - ... -``` - ### Use an existing mysql-server -If you want to use an existing mysql-server, you can modify the `docker-compose.yml` as follows - -```yml -services: - #db: - #image: mariadb:10.11 - #... - - seafile: - ... - environment: - ... - - DB_HOST=192.168.0.2 - - DB_PORT=3306 - - DB_ROOT_PASSWD=mysql_root_password - ... - depends_on: - #- db - - memcached +If you want to use an existing mysql-server, you can modify the `.env` as follows + +```env +SEAFILE_MYSQL_DB_HOST=192.168.0.2 +SEAFILE_MYSQL_DB_PORT=3306 +SEAFILE_MYSQL_ROOT_PASSWORD=ROOT_PASSWORD +SEAFILE_MYSQL_DB_PASSWORD=PASSWORD ``` -* The entire db chapter needs to be removed -* The host of MySQL (`DB_HOST`) -* The port of MySQL (`DB_PORT`) -* The password of MySQL root (`DB_ROOT_PASSWD`) -* db in depends_on chapter needs to be removed -* `DB_ROOT_PASSWD` is needed during installation. Later, after Seafile is installed, the user `seafile` will be used to connect to the mysql-server (in `conf/seafile.conf`). You can remove the `DB_ROOT_PASSWD`. +NOTE: `SEAFILE_MYSQL_ROOT_PASSWORD` is needed during installation. Later, after Seafile is installed, the user `seafile` will be used to connect to the mysql-server (SEAFILE_MYSQL_DB_PASSWORD). You can remove the `SEAFILE_MYSQL_ROOT_PASSWORD`. ### Modify Seafile server configurations @@ -222,18 +134,12 @@ Enter the username and password according to the prompts. You now have a new adm ### Run Seafile as non root user inside docker -Since version 10.0, you can use run seafile as non root user in docker. (**NOTE:** Programs such as `my_init`, Nginx are still run as `root` inside docker.) +You can use run seafile as non root user in docker. (**NOTE:** Programs such as `my_init`, Nginx are still run as `root` inside docker.) -First add the `NON_ROOT=true` to the `docker-compose.yml`. - -```yml -seafile: - ... - environment: - ... - - NON_ROOT=true - ... +First add the `NON_ROOT=true` to the `.env`. +```env +NON_ROOT=true ``` Then modify `/opt/seafile-data/seafile/` permissions. @@ -242,16 +148,6 @@ Then modify `/opt/seafile-data/seafile/` permissions. chmod -R a+rwx /opt/seafile-data/seafile/ ``` -Note: Before version 11.0.9, you have to create a seafile user on the host, and modify the owner to seafile in `/opt/seafile-data/seafile/`. (**NOTE:** Do not change the `uid` and `gid`.) - -```bash -groupadd --gid 8000 seafile - -useradd --home-dir /home/seafile --create-home --uid 8000 --gid 8000 --shell /bin/sh --skel /dev/null seafile - -chown -R seafile:seafile /opt/seafile-data/seafile/ -``` - Then destroy the containers and run them again: ```bash @@ -271,29 +167,6 @@ When files are deleted, the blocks comprising those files are not immediately re The required scripts can be found in the `/scripts` folder of the docker container. To perform garbage collection, simply run `docker exec seafile /scripts/gc.sh`. For the community edition, this process will stop the seafile server, but it is a relatively quick process and the seafile server will start automatically once the process has finished. The Professional supports an online garbage collection. -## Deploy Seafile docker with custom port - -Assume your custom port is 8001, when it is a new installation, you only need to modify the `docker-compose.yml` and start the Seafile docker. - -```yml - seafile: - ... - ports: - - "8001:80" - environment: - ... - - SEAFILE_SERVER_HOSTNAME=seafile.example.com:8001 - ... - ... -``` - -If you have installed the Seafile docker, besides modifying the `docker-compose.yml`, you also need to modify the already generated configuration file `conf/seahub_settings.py`, then restart Seafile: - -```py -SERVICE_URL = "http://seafile.example.com:8001" -FILE_SERVER_ROOT = "http://seafile.example.com:8001/seafhttp" -``` - ## FAQ ### You can run docker commands like `docker exec` to find errors diff --git a/manual/docker/deploy_seafile_with_docker_v12.0.md b/manual/docker/deploy_seafile_with_docker_v12.0.md deleted file mode 100644 index 889cb1dc2..000000000 --- a/manual/docker/deploy_seafile_with_docker_v12.0.md +++ /dev/null @@ -1,176 +0,0 @@ -# Deploy Seafile with Docker (v12.0) - -## Getting started - -The following assumptions and conventions are used in the rest of this document: - -- `/opt/seafile-data` is the directory of Seafile. If you decide to put Seafile in a different directory — which you can — adjust all paths accordingly. -- Seafile uses two [Docker volumes](https://docs.docker.com/storage/volumes/) for persisting data generated in its database and Seafile Docker container. The volumes' [host paths](https://docs.docker.com/compose/compose-file/compose-file-v3/#volumes) are `/opt/seafile-mysql` and `/opt/seafile-data`, respectively. It is not recommended to change these paths. If you do, account for it when following these instructions. -- All configuration and log files for Seafile and the webserver Nginx are stored in the volume of the Seafile container. - -### Install docker - -Use the [official installation guide for your OS to install Docker](https://docs.docker.com/engine/install/). - -### Download and modify `.env` - -From Seafile Docker 12.0, we recommend that you use `.env`, `seafile-server.yml` and `caddy.yml` files for configuration. - -**NOTE:** Different versions of Seafile have different compose files. - -```bash -mkdir /opt/seafile -cd /opt/seafile - -# Seafile CE 12.0 -wget -O .env https://manual.seafile.com/docker/docker-compose/ce/12.0/env -wget https://manual.seafile.com/docker/docker-compose/ce/12.0/seafile-server.yml -wget https://manual.seafile.com/docker/docker-compose/ce/12.0/caddy.yml - -nano .env -``` - -The following fields merit particular attention: - -- `SEAFILE_VOLUMES`: The volume directory of Seafile data -- `SEAFILE_MYSQL_VOLUMES`: The volume directory of MySQL data -- `SEAFILE_CADDY_VOLUMES`: The volume directory of Caddy data -- `SEAFILE_MYSQL_ROOT_PASSWORD`: The user `root` password of MySQL -- `SEAFILE_MYSQL_DB_PASSWORD`: The user `seafile` password of MySQL -- `JWT`: JWT_PRIVATE_KEY, A random string with a length of no less than 32 characters, generate example: `pwgen -s 40 1` -- `SEAFILE_SERVER_HOSTNAME`: Seafile server hostname or domain -- `SEAFILE_SERVER_PROTOCOL`: Seafile server protocol (http or https) -- `TIME_ZONE`: Time zone (default UTC) -- `SEAFILE_ADMIN_EMAIL`: Admin username -- `SEAFILE_ADMIN_PASSWORD`: Admin password - -NOTE: SSL is now handled by the caddy server. - -### Start Seafile server - -Start Seafile server with the following command - -```bash -# if `.env` file is in current directory: -docker compose up -d - -# if `.env` file is elsewhere: -docker compose -f /path/to/.env up -d -``` - -Wait for a few minutes for the first time initialization, then visit `http://seafile.example.com` to open Seafile Web UI. - -## Seafile directory structure - -### `/opt/seafile-data` - -Placeholder spot for shared volumes. You may elect to store certain persistent information outside of a container, in our case we keep various log files and upload directory outside. This allows you to rebuild containers easily without losing important information. - -* /opt/seafile-data/seafile: This is the directory for seafile server configuration and data. - * /opt/seafile-data/seafile/logs: This is the directory that would contain the log files of seafile server processes. For example, you can find seaf-server logs in `/opt/seafile-data/seafile/logs/seafile.log`. -* /opt/seafile-data/logs: This is the directory for operating system and Nginx logs. - * /opt/seafile-data/logs/var-log: This is the directory that would be mounted as `/var/log` inside the container. For example, you can find the nginx logs in `/opt/seafile-data/logs/var-log/nginx/`. - -### Find logs - -To monitor container logs (from outside of the container), please use the following commands: - -```bash -# if the `.env` file is in current directory: -docker compose logs --follow -# if the `.env` file is elsewhere: -docker compose -f /path/to/.env logs --follow - -# you can also specify container name: -docker compose logs seafile --follow -# or, if the `.env` file is elsewhere: -docker compose -f /path/to/.env logs seafile --follow -``` - -The Seafile logs are under `/shared/logs/seafile` in the docker, or `/opt/seafile-data/logs/seafile` in the server that run the docker. - -The system logs are under `/shared/logs/var-log`, or `/opt/seafile-data/logs/var-log` in the server that run the docker. - -To monitor all Seafile logs simultaneously (from outside of the container), run - -```bash -sudo tail -f $(find /opt/seafile-data/ -type f -name *.log 2>/dev/null) -``` - -## More configuration options - -### Use an existing mysql-server - -If you want to use an existing mysql-server, you can modify the `.env` as follows - -```env -SEAFILE_MYSQL_DB_HOST=192.168.0.2 -SEAFILE_MYSQL_DB_PORT=3306 -SEAFILE_MYSQL_ROOT_PASSWORD=ROOT_PASSWORD -SEAFILE_MYSQL_DB_PASSWORD=PASSWORD -``` - -NOTE: `SEAFILE_MYSQL_ROOT_PASSWORD` is needed during installation. Later, after Seafile is installed, the user `seafile` will be used to connect to the mysql-server (SEAFILE_MYSQL_DB_PASSWORD). You can remove the `SEAFILE_MYSQL_ROOT_PASSWORD`. - -### Modify Seafile server configurations - -The config files are under `/opt/seafile-data/seafile/conf`. You can modify the configurations according to [Seafile manual](https://manual.seafile.com/) - -After modification, you need to restart the container: - -```bash -docker compose restart -``` - -### Add a new admin - -Ensure the container is running, then enter this command: - -```bash -docker exec -it seafile /opt/seafile/seafile-server-latest/reset-admin.sh -``` - -Enter the username and password according to the prompts. You now have a new admin account. - -### Run Seafile as non root user inside docker - -You can use run seafile as non root user in docker. (**NOTE:** Programs such as `my_init`, Nginx are still run as `root` inside docker.) - -First add the `NON_ROOT=true` to the `.env`. - -```env -NON_ROOT=true -``` - -Then modify `/opt/seafile-data/seafile/` permissions. - -```bash -chmod -R a+rwx /opt/seafile-data/seafile/ -``` - -Then destroy the containers and run them again: - -```bash -docker compose down -docker compose up -d -``` - -Now you can run Seafile as `seafile` user. (**NOTE:** Later, when doing maintenance, other scripts in docker are also required to be run as `seafile` user, e.g. `su seafile -c ./seaf-gc.sh`) - -## Backup and recovery - -Follow the instructions in [Backup and restore for Seafile Docker](../maintain/backup_recovery.md) - -## Garbage collection - -When files are deleted, the blocks comprising those files are not immediately removed as there may be other files that reference those blocks (due to the magic of deduplication). To remove them, Seafile requires a ['garbage collection'](../maintain/seafile_gc.md) process to be run, which detects which blocks no longer used and purges them. (**NOTE:** for technical reasons, the GC process does not guarantee that _every single_ orphan block will be deleted.) - -The required scripts can be found in the `/scripts` folder of the docker container. To perform garbage collection, simply run `docker exec seafile /scripts/gc.sh`. For the community edition, this process will stop the seafile server, but it is a relatively quick process and the seafile server will start automatically once the process has finished. The Professional supports an online garbage collection. - -## FAQ - -### You can run docker commands like `docker exec` to find errors - -```bash -docker exec -it seafile /bin/bash -``` diff --git a/manual/docker/pro-edition/deploy_seafile_pro_with_docker.md b/manual/docker/pro-edition/deploy_seafile_pro_with_docker.md index 356a406c7..a825cc7c2 100644 --- a/manual/docker/pro-edition/deploy_seafile_pro_with_docker.md +++ b/manual/docker/pro-edition/deploy_seafile_pro_with_docker.md @@ -3,6 +3,7 @@ This manual explains how to deploy and run Seafile Server Professional Edition (Seafile PE) on a Linux server using Docker and Docker Compose. The deployment has been tested for Debian/Ubuntu and CentOS, but Seafile PE should also work on other Linux distributions. ## Requirements + Seafile PE requires a minimum of 2 cores and 2GB RAM. If Elasticsearch is installed on the same server, the minimum requirements are 4 cores and 4 GB RAM, and make sure the [mmapfs counts](https://www.elastic.co/guide/en/elasticsearch/reference/current/index-modules-store.html#mmapfs) do not cause excptions like out of memory, which can be increased by following command (see for futher details): ```shell @@ -36,62 +37,49 @@ Use the [official installation guide for your OS to install Docker](https://docs Log into Seafile's private repository and pull the Seafile image: -``` +```bash docker login docker.seadrive.org -docker pull docker.seadrive.org/seafileltd/seafile-pro-mc:latest +docker pull docker.seadrive.org/seafileltd/seafile-pro-mc:12.0-latest ``` When prompted, enter the username and password of the private repository. They are available on the download page in the [Customer Center](https://customer.seafile.com/downloads). -NOTE: Older Seafile PE versions are also available in the repository (back to Seafile 7.0). To pull an older version, replace 'latest' tag by the desired version. +NOTE: Older Seafile PE versions are also available in the repository (back to Seafile 7.0). To pull an older version, replace '12.0-latest' tag by the desired version. -### Downloading and Modifying docker-compose.yml +### Downloading and Modifying `.env` -Download the docker-compose.yml sample file into Seafile's directory and modify the Compose file to fit your environment and settings. +From Seafile Docker 12.0, we recommend that you use `.env`, `seafile-server.yml` and `caddy.yml` files for configuration. NOTE: Different versions of Seafile have different compose files. -``` +```bash mkdir /opt/seafile cd /opt/seafile -# Seafile PE 7.1 and 8.0 -wget -O "docker-compose.yml" "https://manual.seafile.com/docker/docker-compose/pro/7.1_8.0/docker-compose.yml" - -# Seafile PE 9.0 -wget -O "docker-compose.yml" "https://manual.seafile.com/docker/docker-compose/pro/9.0/docker-compose.yml" - -# Seafile PE 10.0 -wget -O "docker-compose.yml" "https://manual.seafile.com/docker/docker-compose/pro/10.0/docker-compose.yml" - -# Seafile PE 11.0 -wget -O "docker-compose.yml" "https://manual.seafile.com/docker/docker-compose/pro/11.0/docker-compose.yml" +# Seafile PE 12.0 +wget -O .env https://manual.seafile.com/docker/docker-compose/pro/12.0/env +wget https://manual.seafile.com/docker/docker-compose/pro/12.0/seafile-server.yml +wget https://manual.seafile.com/docker/docker-compose/pro/12.0/caddy.yml -nano docker-compose.yml +nano .env ``` The following fields merit particular attention: -* The password of MariaDB root (MYSQL_ROOT_PASSWORD and DB_ROOT_PASSWD) -* The Seafile admin email address (SEAFILE_ADMIN_EMAIL) -* The Seafile admin password (SEAFILE_ADMIN_PASSWORD) -* The listening ports of the container seafile -* The host name (SEAFILE_SERVER_HOSTNAME) -* The use of Let's Encrypt for HTTPS (SEAFILE_SERVER_LETSENCRYPT) - -The new password for MYSQL_ROOT_PASSWORD and DB_ROOT_PASSWD must be identical. - -To enable HTTPS access (which is required for production use) enter the SEAFILE_SERVER_HOSTNAME and uncomment port 443 in the configuration of the container seafile. If you want to use Let's Encrypt to obtain a SSL certificate, set SEAFILE_SERVER_LETSENCRYPT to `true` (and do not comment out port 80 because it is required when requesting a Let's Encrypt certificate). If you want to use your own SSL certificate, leave SEAFILE_SERVER_LETSENCRYPT set to `false` and follow the instructions in section [Configuring a Custom SSL Certificate](https://manual.seafile.com/docker/pro-edition/deploy_seafile_pro_with_docker/#configuring-a-custom-ssl-certificate). - -Additional customizable options in the Compose file are: - -* The volume path for the container db -* The volume path for the container elasticsearch -* The volume path for the container seafile -* The image tag of the Seafile version to install (image) -* The time zone (TIME_ZONE) - -If you have pulled a particular version, modify the image tag accordingly. +- `SEAFILE_VOLUMES`: The volume directory of Seafile data +- `SEAFILE_MYSQL_VOLUMES`: The volume directory of MySQL data +- `SEAFILE_CADDY_VOLUMES`: The volume directory of Caddy data +- `SEAFILE_ELASTICSEARCH_VOLUMES`: The volume directory of Elasticsearch data +- `SEAFILE_MYSQL_ROOT_PASSWORD`: The `root` password of MySQL +- `SEAFILE_MYSQL_DB_PASSWORD`: The user `seafile` password of MySQL +- `JWT`: JWT_PRIVATE_KEY, A random string with a length of no less than 32 characters, generate example: `pwgen -s 40 1` +- `SEAFILE_SERVER_HOSTNAME`: Seafile server hostname or domain +- `SEAFILE_SERVER_PROTOCOL`: Seafile server protocol (http or https) +- `TIME_ZONE`: Time zone (default UTC) +- `SEAFILE_ADMIN_EMAIL`: Admin username +- `SEAFILE_ADMIN_PASSWORD`: Admin password + +NOTE: SSL is now handled by the caddy server. To conclude, set the directory permissions of the Elasticsearch volumne: @@ -108,7 +96,7 @@ Run docker compose in detached mode: docker compose up -d ``` -NOTE: You must run the above command in the directory with the docker-compose.yml. +NOTE: You must run the above command in the directory with the `.env`. Wait a few moment for the database to initialize. You can now access Seafile at the host name specified in the Compose file. (A 502 Bad Gateway error means that the system has not yet completed the initialization.) @@ -146,167 +134,60 @@ Placeholder spot for shared volumes. You may elect to store certain persistent i * /opt/seafile-data/seafile/logs: This is the directory that would contain the log files of seafile server processes. For example, you can find seaf-server logs in `/opt/seafile-data/seafile/logs/seafile.log`. * /opt/seafile-data/logs: This is the directory for operating system and Nginx logs. * /opt/seafile-data/logs/var-log: This is the directory that would be mounted as `/var/log` inside the container. For example, you can find the nginx logs in `/opt/seafile-data/logs/var-log/nginx/`. -* /opt/seafile-data/ssl: This is directory for certificate, which does not exist by default. ### Reviewing the Deployment -The command `docker container list` should list the four containers specified in the docker-compose.yml. +The command `docker container list` should list the containers specified in the `.env`. The directory layout of the Seafile container's volume should look as follows: -``` +```bash $ tree /opt/seafile-data -L 2 /opt/seafile-data ├── logs │   └── var-log ├── nginx │   └── conf -├── seafile -│   ├── ccnet -│   ├── conf -│   ├── logs -│   ├── pro-data -│   ├── seafile-data -│   └── seahub-data -└── ssl - ├── account.conf - ├── ca - ├── http.header - ├── SEAFILE_SERVER_HOSTNAME - ├── SEAFILE_SERVER_HOSTNAME.crt - └── SEAFILE_SERVER_HOSTNAME.key +└── seafile +    ├── ccnet +    ├── conf +    ├── logs +    ├── pro-data +    ├── seafile-data +    └── seahub-data ``` -NOTE: The directory `ssl` does not exist if Let's Encrypt is not used for HTTPS. SEAFILE_SERVER_HOSTNAME substitutes for the host name used in the docker-compose.yml file. - All Seafile config files are stored in `/opt/seafile-data/seafile/conf`. The nginx config file is in `/opt/seafile-data/nginx/conf`. Any modification of a configuration file requires a restart of Seafile to take effect: -``` +```bash docker compose restart ``` All Seafile log files are stored in `/opt/seafile-data/seafile/logs` whereas all other log files are in `/opt/seafile-data/logs/var-log`. -## Configuring a Custom SSL Certificate - -NOTE: This section is only relevant when you do not want to use a Let's Encrypt certificate, but a certificate of your own. - -Create a folder for the certificate: - -``` -mkdir /opt/seafile-data/ssl -``` - -Save your certificate and private key in this folder. - -Modify the nginx configuration `seafile.nginx.conf` in `/opt/seafile-data/nginx/conf` to look like this: - -``` -server { - listen 80; - server_name example.seafile.com default_server; - - location / { - rewrite ^ https://$host$request_uri? permanent; - } -} -server { - listen 443; - ssl on; - ssl_certificate /shared/ssl/your-ssl-crt.crt; - ssl_certificate_key /shared/ssl/your-ssl-key.key; - ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS; - - server_name example.seafile.com; - ... - -``` - -Modify the values for server_name, ssl_certificate, and ssl_certificate_key to correspond to your situation. - -Now reload the nginx configuration: - -``` -docker exec -it seafile /usr/sbin/nginx -s reload -``` - -NOTE: If you got the following error when SEAFILE_SERVER_LETSENCRYPT=true is set: - -```log -subprocess.CalledProcessError: Command '/scripts/ssl.sh /shared/ssl cloud.seafile-demo.de' returned non-zero exit status 128. -``` - -In /scripts/ssl.sh (script in seafile container), `git clone git://` has to be replaced with `git clone https://`. - -Then restart the container: - -```shell -docker compose restart -``` - -Since version 9.0.6, we use acme (not acme-tiny) to get certificate and fix this error. - -Since version 10.0.x, if you want to use a reverse proxy and apply for a certificate outside docker, you can use `FORCE_HTTPS_IN_CONF` to force write `https://` in the configuration file. - -e.g. - -``` -seafile: - ... - environment: - ... - - SEAFILE_SERVER_LETSENCRYPT=false - - SEAFILE_SERVER_HOSTNAME=seafile.example.com - - FORCE_HTTPS_IN_CONF=true - ... - -``` - ## Use an existing mysql-server -If you want to use an existing mysql-server, you can modify the `docker-compose.yml` as follows - -```yml -services: - #db: - #image: mariadb:10.11 - #... - - seafile: - ... - environment: - ... - - DB_HOST=192.168.0.2 - - DB_PORT=3306 - - DB_ROOT_PASSWD=mysql_root_password - ... - depends_on: - #- db - - memcached +If you want to use an existing mysql-server, you can modify the `.env` as follows + +```env +SEAFILE_MYSQL_DB_HOST=192.168.0.2 +SEAFILE_MYSQL_DB_PORT=3306 +SEAFILE_MYSQL_ROOT_PASSWORD=ROOT_PASSWORD +SEAFILE_MYSQL_DB_PASSWORD=PASSWORD ``` -* The entire db chapter needs to be removed -* The host of MySQL (DB_HOST) -* The port of MySQL (DB_PORT) -* The password of MySQL root (DB_ROOT_PASSWD) -* db in depends_on chapter needs to be removed -* When Seafile is installed, the user `seafile` will be used to connect to the mysql-server (in conf/seafile.conf). You can remove the `DB_ROOT_PASSWD`. +NOTE: `SEAFILE_MYSQL_ROOT_PASSWORD` is needed during installation. Later, after Seafile is installed, the user `seafile` will be used to connect to the mysql-server (SEAFILE_MYSQL_DB_PASSWORD). You can remove the `SEAFILE_MYSQL_ROOT_PASSWORD`. ## Run Seafile as non root user inside docker -Since version 10.0, you can use run seafile as non root user in docker. (NOTE: Programs such as my_init, Nginx are still run as root inside docker.) +You can use run seafile as non root user in docker. (**NOTE:** Programs such as `my_init`, Nginx are still run as `root` inside docker.) -First add the `NON_ROOT=true` to the docker-compose.yml. +First add the `NON_ROOT=true` to the `.env`. -```yml -seafile: - ... - environment: - ... - - NON_ROOT=true - ... +```env +NON_ROOT=true ``` Then modify `/opt/seafile-data/seafile/` permissions. @@ -315,28 +196,19 @@ Then modify `/opt/seafile-data/seafile/` permissions. chmod -R a+rwx /opt/seafile-data/seafile/ ``` -Note: Before version 11.0.7-pro, you have to create a seafile user on the host, and modify the owner to seafile in `/opt/seafile-data/seafile/`. (**NOTE:** Do not change the `uid` and `gid`.) - -```bash -groupadd --gid 8000 seafile - -useradd --home-dir /home/seafile --create-home --uid 8000 --gid 8000 --shell /bin/sh --skel /dev/null seafile - -chown -R seafile:seafile /opt/seafile-data/seafile/ -``` - -Restarting the container run Seafile use seafile user. (NOTE: Later when do maintenance, other scripts in docker also required to run as seafile user, e.g. `su seafile -c ./seaf-gc.sh`) +Then destroy the containers and run them again: ```bash docker compose down docker compose up -d ``` +Now you can run Seafile as `seafile` user. (**NOTE:** Later, when doing maintenance, other scripts in docker are also required to be run as `seafile` user, e.g. `su seafile -c ./seaf-gc.sh`) + ## Backup and Recovery Follow the instructions in [Backup and restore for Seafile Docker](../../maintain/backup_recovery.md) - ## Garbage Collection When files are deleted, the blocks comprising those files are not immediately removed as there may be other files that reference those blocks (due to the magic of deduplication). To remove them, Seafile requires a ['garbage collection'](https://manual.seafile.com/maintain/seafile_gc/) process to be run, which detects which blocks no longer used and purges them. (NOTE: for technical reasons, the GC process does not guarantee that _every single_ orphan block will be deleted.) @@ -345,15 +217,13 @@ The required scripts can be found in the `/scripts` folder of the docker contain ## OnlyOffice with Docker -You need to manually add the OnlyOffice config to docker-compose.yml +You need to manually add the OnlyOffice config to `.env` * [OnlyOffice with Docker](deploy_onlyoffice_with_docker.md) ## Clamav with Docker -Since version 9.0.6, you can deploy Clamav with Docker. - -You need to manually add the Clamav config to docker-compose.yml +You need to manually add the Clamav config to `.env` * [Deploy Clamav with Docker](../../deploy_pro/deploy_clamav_with_seafile.md) @@ -393,7 +263,6 @@ You need to manually add the Clamav config to docker-compose.yml * [Import Directory to Seafile](../../deploy_pro/seaf_import.md) - ## FAQ Q: I forgot the Seafile admin email address/password, how do I create a new admin account? diff --git a/manual/docker/pro-edition/deploy_seafile_pro_with_docker_v12.0.md b/manual/docker/pro-edition/deploy_seafile_pro_with_docker_v12.0.md deleted file mode 100644 index 5c45b66b4..000000000 --- a/manual/docker/pro-edition/deploy_seafile_pro_with_docker_v12.0.md +++ /dev/null @@ -1,285 +0,0 @@ -# Installation of Seafile Server Professional Edition with Docker (v12.0) - -This manual explains how to deploy and run Seafile Server Professional Edition (Seafile PE) on a Linux server using Docker and Docker Compose. The deployment has been tested for Debian/Ubuntu and CentOS, but Seafile PE should also work on other Linux distributions. - -## Requirements - -Seafile PE requires a minimum of 2 cores and 2GB RAM. If Elasticsearch is installed on the same server, the minimum requirements are 4 cores and 4 GB RAM, and make sure the [mmapfs counts](https://www.elastic.co/guide/en/elasticsearch/reference/current/index-modules-store.html#mmapfs) do not cause excptions like out of memory, which can be increased by following command (see for futher details): - -```shell -sysctl -w vm.max_map_count=262144 #run as root -``` - -or modify **/etc/sysctl.conf** and reboot to set this value permanently: - -```shell -nano /etc/sysctl.conf - -# modify vm.max_map_count -vm.max_map_count=262144 -``` - -Seafile PE can be used without a paid license with up to three users. Licenses for more user can be purchased in the [Seafile Customer Center](https://customer.seafile.com) or contact Seafile Sales at sales@seafile.com. - -## Setup - -The following assumptions and conventions are used in the rest of this document: - -- `/opt/seafile-data` is the directory of Seafile. If you decide to put Seafile in a different directory - which you can - adjust all paths accordingly. -- Seafile uses two [Docker volumes](https://docs.docker.com/storage/volumes/) for persisting data generated in its database and Seafile Docker container. The volumes' [host paths](https://docs.docker.com/compose/compose-file/compose-file-v3/#volumes) are /opt/seafile-mysql and /opt/seafile-data, respectively. It is not recommended to change these paths. If you do, account for it when following these instructions. -- All configuration and log files for Seafile and the webserver Nginx are stored in the volume of the Seafile container. - -### Installing Docker - -Use the [official installation guide for your OS to install Docker](https://docs.docker.com/engine/install/). - -### Downloading the Seafile Image - -Log into Seafile's private repository and pull the Seafile image: - -```bash -docker login docker.seadrive.org -docker pull docker.seadrive.org/seafileltd/seafile-pro-mc:12.0-latest -``` - -When prompted, enter the username and password of the private repository. They are available on the download page in the [Customer Center](https://customer.seafile.com/downloads). - -NOTE: Older Seafile PE versions are also available in the repository (back to Seafile 7.0). To pull an older version, replace '12.0-latest' tag by the desired version. - -### Downloading and Modifying `.env` - -From Seafile Docker 12.0, we recommend that you use `.env`, `seafile-server.yml` and `caddy.yml` files for configuration. - -NOTE: Different versions of Seafile have different compose files. - -```bash -mkdir /opt/seafile -cd /opt/seafile - -# Seafile PE 12.0 -wget -O .env https://manual.seafile.com/docker/docker-compose/pro/12.0/env -wget https://manual.seafile.com/docker/docker-compose/pro/12.0/seafile-server.yml -wget https://manual.seafile.com/docker/docker-compose/pro/12.0/caddy.yml - -nano .env -``` - -The following fields merit particular attention: - -- `SEAFILE_VOLUMES`: The volume directory of Seafile data -- `SEAFILE_MYSQL_VOLUMES`: The volume directory of MySQL data -- `SEAFILE_CADDY_VOLUMES`: The volume directory of Caddy data -- `SEAFILE_ELASTICSEARCH_VOLUMES`: The volume directory of Elasticsearch data -- `SEAFILE_MYSQL_ROOT_PASSWORD`: The `root` password of MySQL -- `SEAFILE_MYSQL_DB_PASSWORD`: The user `seafile` password of MySQL -- `JWT`: JWT_PRIVATE_KEY, A random string with a length of no less than 32 characters, generate example: `pwgen -s 40 1` -- `SEAFILE_SERVER_HOSTNAME`: Seafile server hostname or domain -- `SEAFILE_SERVER_PROTOCOL`: Seafile server protocol (http or https) -- `TIME_ZONE`: Time zone (default UTC) -- `SEAFILE_ADMIN_EMAIL`: Admin username -- `SEAFILE_ADMIN_PASSWORD`: Admin password - -NOTE: SSL is now handled by the caddy server. - -To conclude, set the directory permissions of the Elasticsearch volumne: - -```bash -mkdir -p /opt/seafile-elasticsearch/data -chmod 777 -R /opt/seafile-elasticsearch/data -``` - -### Starting the Docker Containers - -Run docker compose in detached mode: - -```bash -docker compose up -d -``` - -NOTE: You must run the above command in the directory with the `.env`. - -Wait a few moment for the database to initialize. You can now access Seafile at the host name specified in the Compose file. (A 502 Bad Gateway error means that the system has not yet completed the initialization.) - -### Find logs - -To view Seafile docker logs, please use the following command - -```shell -docker compose logs -f -``` - -The Seafile logs are under `/shared/logs/seafile` in the docker, or `/opt/seafile-data/logs/seafile` in the server that run the docker. - -The system logs are under `/shared/logs/var-log`, or `/opt/seafile-data/logs/var-log` in the server that run the docker. - -### Activating the Seafile License - -If you have a `seafile-license.txt` license file, simply put it in the volume of the Seafile container. The volumne's default path in the Compose file is `/opt/seafile-data`. If you have modified the path, save the license file under your custom path. - -Then restart Seafile: - -```bash -docker compose down - -docker compose up -d -``` - -## Seafile directory structure - -### `/opt/seafile-data` - -Placeholder spot for shared volumes. You may elect to store certain persistent information outside of a container, in our case we keep various log files and upload directory outside. This allows you to rebuild containers easily without losing important information. - -* /opt/seafile-data/seafile: This is the directory for seafile server configuration 、logs and data. - * /opt/seafile-data/seafile/logs: This is the directory that would contain the log files of seafile server processes. For example, you can find seaf-server logs in `/opt/seafile-data/seafile/logs/seafile.log`. -* /opt/seafile-data/logs: This is the directory for operating system and Nginx logs. - * /opt/seafile-data/logs/var-log: This is the directory that would be mounted as `/var/log` inside the container. For example, you can find the nginx logs in `/opt/seafile-data/logs/var-log/nginx/`. - -### Reviewing the Deployment - -The command `docker container list` should list the containers specified in the `.env`. - -The directory layout of the Seafile container's volume should look as follows: - -```bash -$ tree /opt/seafile-data -L 2 -/opt/seafile-data -├── logs -│   └── var-log -├── nginx -│   └── conf -└── seafile -    ├── ccnet -    ├── conf -    ├── logs -    ├── pro-data -    ├── seafile-data -    └── seahub-data -``` - -All Seafile config files are stored in `/opt/seafile-data/seafile/conf`. The nginx config file is in `/opt/seafile-data/nginx/conf`. - -Any modification of a configuration file requires a restart of Seafile to take effect: - -```bash -docker compose restart -``` - -All Seafile log files are stored in `/opt/seafile-data/seafile/logs` whereas all other log files are in `/opt/seafile-data/logs/var-log`. - -## Use an existing mysql-server - -If you want to use an existing mysql-server, you can modify the `.env` as follows - -```env -SEAFILE_MYSQL_DB_HOST=192.168.0.2 -SEAFILE_MYSQL_DB_PORT=3306 -SEAFILE_MYSQL_ROOT_PASSWORD=ROOT_PASSWORD -SEAFILE_MYSQL_DB_PASSWORD=PASSWORD -``` - -NOTE: `SEAFILE_MYSQL_ROOT_PASSWORD` is needed during installation. Later, after Seafile is installed, the user `seafile` will be used to connect to the mysql-server (SEAFILE_MYSQL_DB_PASSWORD). You can remove the `SEAFILE_MYSQL_ROOT_PASSWORD`. - -## Run Seafile as non root user inside docker - -You can use run seafile as non root user in docker. (**NOTE:** Programs such as `my_init`, Nginx are still run as `root` inside docker.) - -First add the `NON_ROOT=true` to the `.env`. - -```env -NON_ROOT=true -``` - -Then modify `/opt/seafile-data/seafile/` permissions. - -```bash -chmod -R a+rwx /opt/seafile-data/seafile/ -``` - -Then destroy the containers and run them again: - -```bash -docker compose down -docker compose up -d -``` - -Now you can run Seafile as `seafile` user. (**NOTE:** Later, when doing maintenance, other scripts in docker are also required to be run as `seafile` user, e.g. `su seafile -c ./seaf-gc.sh`) - -## Backup and Recovery - -Follow the instructions in [Backup and restore for Seafile Docker](../../maintain/backup_recovery.md) - -## Garbage Collection - -When files are deleted, the blocks comprising those files are not immediately removed as there may be other files that reference those blocks (due to the magic of deduplication). To remove them, Seafile requires a ['garbage collection'](https://manual.seafile.com/maintain/seafile_gc/) process to be run, which detects which blocks no longer used and purges them. (NOTE: for technical reasons, the GC process does not guarantee that _every single_ orphan block will be deleted.) - -The required scripts can be found in the `/scripts` folder of the docker container. To perform garbage collection, simply run `docker exec seafile /scripts/gc.sh`. For the community edition, this process will stop the seafile server, but it is a relatively quick process and the seafile server will start automatically once the process has finished. The Professional supports an online garbage collection. - -## OnlyOffice with Docker - -You need to manually add the OnlyOffice config to `.env` - -* [OnlyOffice with Docker](deploy_onlyoffice_with_docker.md) - -## Clamav with Docker - -You need to manually add the Clamav config to `.env` - -* [Deploy Clamav with Docker](../../deploy_pro/deploy_clamav_with_seafile.md) - -## Other functions - -### LDAP/AD Integration for Pro - -* [Configure LDAP in Seafile Pro](../../deploy_pro/using_ldap_pro.md) -* [Syncing Groups from LDAP/AD](../../deploy_pro/ldap_group_sync.md) -* [Syncing Roles from LDAP/AD](../../deploy_pro/ldap_role_sync.md) - -### S3/OpenSwift/Ceph Storage Backends - -* [Setup Seafile Professional Server With Amazon S3](../../deploy_pro/setup_with_amazon_s3.md) -* [Setup Seafile Professional Server With OpenStack Swift](../../deploy_pro/setup_with_swift.md) -* [Setup Seafile Professional Server With Ceph](../../deploy_pro/setup_with_ceph.md) -* [Data migration between different backends](../../deploy_pro/migrate.md) -* [Using multiple storage backends](../../deploy_pro/multiple_storage_backends.md) - -### Online File Preview and Editing - -* [Enable Office/PDF Documents Online Preview](../../deploy_pro/office_documents_preview.md) -* [Integrating with Office Online Server](../../deploy_pro/office_web_app.md) - -### Advanced User Management - -* [Multi-Institutions Support](../../deploy_pro/multi_institutions.md) -* [Roles and Permissions](../../deploy_pro/roles_permissions.md) - -### Advanced Authentication - -* [Two-factor Authentication](../../deploy_pro/two_factor_authentication.md) -* [ADFS or SAML 2.0](../../deploy_pro/adfs.md) -* [CAS](../../deploy_pro/cas.md) - -### Admin Tools - -* [Import Directory to Seafile](../../deploy_pro/seaf_import.md) - - -## FAQ - -Q: I forgot the Seafile admin email address/password, how do I create a new admin account? - -A: You can create a new admin account by running - -```bash -docker exec -it seafile /opt/seafile/seafile-server-latest/reset-admin.sh -``` - -The Seafile service must be up when running the superuser command. - -Q: If, for whatever reason, the installation fails, how do I to start from a clean slate again? - -A: Remove the directories /opt/seafile, /opt/seafile-data, /opt/seafile-elasticsearch, /opt/seafile-mysql and /opt/seafile-caddy and start again. - -Q: Something goes wrong during the start of the containers. How can I find out more? - -A: You can view the docker logs using this command: `docker compose logs -f`. diff --git a/mkdocs.yml b/mkdocs.yml index 8720a38fc..ce892d4d2 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -20,12 +20,15 @@ theme: plugins: - search - awesome-pages + - mike # Customization extra: social: - icon: fontawesome/brands/github link: https://github.com/haiwen/seafile-admin-docs/ + version: + provider: mike extra_css: - stylesheets/extra.css @@ -81,9 +84,6 @@ nav: - Migration from Seafile Community: docker/pro-edition/migrate_ce_to_pro_with_docker.md - Migrate from non-docker deployment: docker/non_docker_to_docker.md - Seafile Docker autostart: docker/seafile_docker_autostart.md - - Seafile Setup with Docker (v12.0): - - Seafile Community Installation (v12.0): docker/deploy_seafile_with_docker_v12.0.md - - Seafile Professional Installation (v12.0): docker/pro-edition/deploy_seafile_pro_with_docker_v12.0.md - Advanced Setup Options: - LDAP/AD Integration: - LDAP Integration: deploy/using_ldap.md