====== Seafile ======
Instalujemy pakiety:
pkg install mysql56-server seahub seafile-server gettext-tools
Włączamy MySQL:
echo 'mysql_enable="YES"' > /etc/rc.conf.d/mysql
service mysql-server start
Ustawiamy hasło na root-a na MySQL:
mysqladmin -u root password
Jeśli baza jest zdalna (lub odpalana w jailu), trzeba przynajmniej na chwilę dać uprawnienia root-owi na pełną kontrolę zdalną:
mysql -u root -p
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
Uruchamiamy setup seafile:
cd /usr/local/www/haiwen/seafile-server/
./setup-seafile-mysql.sh
Przykładowy output:
Checking python on this machine ...
Checking python module: setuptools ... Done.
Checking python module: python-imaging ... Done.
Checking python module: python-mysqldb ... Done.
-----------------------------------------------------------------
This script will guide you to setup your seafile server using MySQL.
Make sure you have read seafile server manual at
https://github.com/haiwen/seafile/wiki
Press ENTER to continue
-----------------------------------------------------------------
What is the name of the server? It will be displayed on the client.
3 - 15 letters or digits
[ server name ] Files
What is the ip or domain of the server?
For example: www.mycompany.com, 192.168.1.101
[ This server's ip or domain ] seafile.domain.com
Where do you want to put your seafile data?
Please use a volume with enough free space
[ default "/usr/local/www/haiwen/seafile-data" ]
Which port do you want to use for the seafile fileserver?
[ default "8082" ]
-------------------------------------------------------
Please choose a way to initialize seafile databases:
-------------------------------------------------------
[1] Create new ccnet/seafile/seahub databases
[2] Use existing ccnet/seafile/seahub databases
[ 1 or 2 ] 1
What is the host of mysql server?
[ default "localhost" ] 192.168.0.6
Which hosts should be able to use your MySQL Account?
[ default "%" ] 192.168.0.6
What is the port of mysql server?
[ default "3306" ]
What is the password of the mysql root user?
[ root password ]
verifying password of user root ... done
Enter the name for mysql user of seafile. It would be created if not exists.
[ default "root" ] seafile
Enter the password for mysql user "seafile":
[ password for seafile ]
Enter the database name for ccnet-server:
[ default "ccnet-db" ]
Enter the database name for seafile-server:
[ default "seafile-db" ]
Enter the database name for seahub:
[ default "seahub-db" ]
---------------------------------
This is your configuration
---------------------------------
server name: Files
server ip/domain: seafile.domain.com
seafile data dir: /usr/local/www/haiwen/seafile-data
fileserver port: 8082
database: create new
ccnet database: ccnet-db
seafile database: seafile-db
seahub database: seahub-db
database user: seafile
---------------------------------
Press ENTER to continue, or Ctrl-C to abort
---------------------------------
Generating ccnet configuration ...
done
Successly create configuration dir /usr/local/www/haiwen/ccnet.
Generating seafile configuration ...
Done.
done
Generating seahub configuration ...
----------------------------------------
Now creating seahub database tables ...
----------------------------------------
creating seafile-server-latest symbolic link ... done
-----------------------------------------------------------------
Your seafile server configuration has been finished successfully.
-----------------------------------------------------------------
run seafile server: ./seafile.sh { start | stop | restart }
run seahub server: ./seahub.sh { start | stop | restart }
-----------------------------------------------------------------
If you are behind a firewall, remember to allow input/output of these tcp ports:
-----------------------------------------------------------------
port of seafile fileserver: 8082
port of seahub: 8000
When problems occur, Refer to
https://github.com/haiwen/seafile/wiki
for information.
Generujemy locale dla Seahub-a (port tego domyślnie nie robi):
cd /usr/local/www/haiwen/seafile-server/seahub
for i in locale/*/*/*.po thirdpart/captcha/locale/*/*/*.po thirdpart/registration/locale/*/*/*.po ; do echo Procesing: $i ; msgfmt -v -o ${i%.po}.mo $i ; done
Konfigurujemy domyślne locale dla Seahub. W pliku ''/usr/local/www/haiwen/seafile-server/seahub/seahub/settings.py'' ustawiamy:
TIME_ZONE = 'Europe/Warsaw'
LANGUAGE_CODE = 'pl'
Do pliku ''/usr/local/www/haiwen/conf/seahub_settings.py'' również dopisujemy locale, dodatkowo FILE_SERVER_ROOT (potrzebny do http) oraz konfigurację poczty:
FILE_SERVER_ROOT = 'https://seafile.domain.com/seafhttp'
TIME_ZONE = 'Europe/Warsaw'
LANGUAGE_CODE = 'pl'
LANGUAGE = 'pl'
SITE_NAME = 'Files'
SITE_TITLE = 'Private Seafile'
EMAIL_USE_TLS = True
EMAIL_HOST = 'smtp.domain.com'
EMAIL_HOST_USER = 'seafile@smtp.domain.com'
EMAIL_HOST_PASSWORD = 'xxxxxxxxxxxxxxxxxxxxxxxx'
EMAIL_PORT = 587
DEFAULT_FROM_EMAIL = EMAIL_HOST_USER
SERVER_EMAIL = EMAIL_HOST_USER
W pliku ''/usr/local/www/haiwen/conf/ccnet.conf'' ustawiamy SERVICE_URL:
SERVICE_URL = https://seafile.domain.com
W pliku ''/usr/local/www/haiwen/conf/seafdav.conf'' włączamy obsługę WEBDAV:
[WEBDAV]
enabled = true
port = 8080
fastcgi = true
share_name = /seafdav
Poprawiamy prawa dostępu do całego seafile-a:
cd /usr/local/www/
chown -R seafile:seafile haiwen
Konfiguracja nginx:
server {
listen 80;
listen [::]:80;
server_name seafile.domain.com;
return 301 https://$server_name$request_uri; # enforce https
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name seafile.domain.com;
access_log /var/log/nginx/seafile.domain.com-access.log;
error_log /var/log/nginx/seafile.domain.com-error.log;
ssl_certificate /etc/ssl/www/seafile.domain.com.crt;
ssl_certificate_key /etc/ssl/www/seafile.domain.com.key;
proxy_set_header X-Forwarded-For $remote_addr;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
server_tokens off;
location / {
fastcgi_pass 127.0.0.1:8000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;
access_log /var/log/nginx/seahub.access.log;
error_log /var/log/nginx/seahub.error.log;
fastcgi_read_timeout 36000;
}
location /seafhttp {
rewrite ^/seafhttp(.*)$ $1 break;
proxy_pass http://127.0.0.1:8082;
client_max_body_size 0;
proxy_request_buffering off;
proxy_connect_timeout 36000s;
proxy_read_timeout 36000s;
proxy_send_timeout 36000s;
send_timeout 36000s;
}
location /seafdav {
fastcgi_pass 127.0.0.1:8080;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;
client_max_body_size 0;
proxy_connect_timeout 36000s;
proxy_read_timeout 36000s;
proxy_send_timeout 36000s;
send_timeout 36000s;
# This option is only available for Nginx >= 1.8.0. See more details below.
proxy_request_buffering off;
access_log /var/log/nginx/seafdav.access.log;
error_log /var/log/nginx/seafdav.error.log;
}
location /media {
root /usr/local/www/haiwen/seafile-server-latest/seahub;
}
}
Przed pierwszym uruchomieniem wywalamy z ''/tmp'' śmieci Seahub-a:
rm -rf /tmp/seahub_cache
Uruchamiamy serwisy:
echo 'nginx_enable="YES"' > /etc/rc.conf.d/nginx
echo 'seafile_enable="YES"' > /etc/rc.conf.d/seafile
echo 'seahub_enable="YES"' > /etc/rc.conf.d/seahub
echo 'seahub_fastcgi="YES"' >> /etc/rc.conf.d/seahub
service nginx start
service seafile start
service seahub start
Ustawiamy superadmina:
/usr/local/www/haiwen/seafile-server/reset-admin.sh
Jeśli wszystko działa, wywalamy uprawnienia root-a by mógł się globalnie logować do MySQL-a:
mysql> show grants for root;
+------------------------------------------------------------------------------------------+
| Grants for root@% |
+------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY PASSWORD '*XX' WITH GRANT OPTION |
+------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
mysql> REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'root'@'%';
Query OK, 0 rows affected (0.00 sec)
mysql> DROP USER 'root'@'%';
Query OK, 0 rows affected (0.00 sec)
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)