seafile-containerized/README.md

222 lines
11 KiB
Markdown
Raw Normal View History

2021-01-28 12:30:23 +00:00
[![Docker Cloud Automated build](https://img.shields.io/docker/cloud/automated/ggogel/seafile-server?label=docker%20build%3A%20seafile-server%20)](https://hub.docker.com/r/ggogel/seafile-server)
[![Docker Cloud Build Status](https://img.shields.io/docker/cloud/build/ggogel/seafile-server?label=docker%20build%3A%20seafile-server%20)](https://hub.docker.com/r/ggogel/seafile-server)
2022-11-29 12:13:11 +00:00
[![Docker Image Version (tag latest semver)](https://img.shields.io/docker/v/ggogel/seafile-server/9.0.9)](https://hub.docker.com/r/ggogel/seafile-server)
[![Docker Pulls](https://img.shields.io/docker/pulls/ggogel/seafile-server)](https://hub.docker.com/r/ggogel/seafile-server)
2021-01-26 10:06:25 +00:00
2021-01-28 12:30:23 +00:00
[![Docker Cloud Automated build](https://img.shields.io/docker/cloud/automated/ggogel/seahub?label=docker%20build%3A%20seahub)](https://hub.docker.com/r/ggogel/seahub)
[![Docker Cloud Build Status](https://img.shields.io/docker/cloud/build/ggogel/seahub?label=docker%20build%3A%20seahub)](https://hub.docker.com/r/ggogel/seahub)
2022-11-29 12:13:11 +00:00
[![Docker Image Version (tag latest semver)](https://img.shields.io/docker/v/ggogel/seahub/9.0.9)](https://hub.docker.com/r/ggogel/seahub)
[![Docker Pulls](https://img.shields.io/docker/pulls/ggogel/seahub)](https://hub.docker.com/r/ggogel/seahub)
2021-01-26 10:06:25 +00:00
2021-01-28 12:30:23 +00:00
[![Docker Cloud Automated build](https://img.shields.io/docker/cloud/automated/ggogel/seahub-media?label=docker%20build%3A%20seahub-media)](https://hub.docker.com/r/ggogel/seahub-media)
[![Docker Cloud Build Status](https://img.shields.io/docker/cloud/build/ggogel/seahub-media?label=docker%20build%3A%20seahub-media)](https://hub.docker.com/r/ggogel/seahub-media)
2022-11-29 12:13:11 +00:00
[![Docker Image Version (tag latest semver)](https://img.shields.io/docker/v/ggogel/seahub/9.0.9)](https://hub.docker.com/r/ggogel/seahub-media)
[![Docker Pulls](https://img.shields.io/docker/pulls/ggogel/seahub-media)](https://hub.docker.com/r/ggogel/seahub-media)
2021-01-26 10:06:25 +00:00
2021-01-28 12:30:23 +00:00
[![Docker Cloud Automated build](https://img.shields.io/docker/cloud/automated/ggogel/seafile-caddy?label=docker%20build%3A%20seafile-caddy)](https://hub.docker.com/r/ggogel/seafile-caddy)
[![Docker Cloud Build Status](https://img.shields.io/docker/cloud/build/ggogel/seafile-caddy?label=docker%20build%3A%20seafile-caddy)](https://hub.docker.com/r/ggogel/seafile-caddy)
2022-11-29 12:13:11 +00:00
[![Docker Image Version (tag latest semver)](https://img.shields.io/docker/v/ggogel/seafile-caddy/1.0.6)](https://hub.docker.com/r/ggogel/seafile-caddy)
[![Docker Pulls](https://img.shields.io/docker/pulls/ggogel/seafile-caddy)](https://hub.docker.com/r/ggogel/seafile-caddy)
2021-01-26 10:04:42 +00:00
2021-01-22 23:25:22 +00:00
# Containerized Seafile Deployment
2021-01-23 14:28:58 +00:00
A fully containerized deployment of Seafile for Docker and Docker Swarm.
2021-01-22 23:25:22 +00:00
2021-11-17 07:13:45 +00:00
## Table of Contents
1. [Features](#features)
1. [Structure](#structure)
1. [Getting Started](#getting-started)
1. [Additional Information](#additional-information)
1. [Enable the New GoLang Fileserver coming with 9.0](#enable-the-new-golang-fileserver-coming-with-90)
1. [Upgrading Seafile Server](#upgrading-seafile-server)
1. [User Avatars and Custom Logos](#user-avatars-and-custom-logos)
1. [LDAP](#ldap)
1. [OAuth](#oauth)
1. [Garbage Collection](#garbage-collection)
1. [Access Log](#access-log)
2021-11-17 08:44:12 +00:00
1. [Docker Swarm](#Docker-Swarm-1)
2021-11-17 07:13:45 +00:00
1. [Storage](#storage)
1. [Network](#network)
1. [Reverse Proxy load balancing](#reverse-proxy-load-balancing)
1. [Example](#example)
2021-01-23 14:28:58 +00:00
## Features
2021-01-26 14:42:00 +00:00
- Complete redesign of the [official Docker deployment](https://manual.seafile.com/docker/deploy%20seafile%20with%20docker/) with containerization best-practices in mind.
2021-01-31 19:23:33 +00:00
- Runs seahub (frontend) and seafile server (backend) in separate containers, which commuicate with each other over TCP.
- Cluster without pro edition.
- Completely removed Nginx and self-implemented Let's Encrypt and replaced it with two caddy services.
2021-01-23 14:28:58 +00:00
- Increased Security:
- The caddy reverse proxy serves as a single entry point to the stack. Everything else runs in an isolated network.
- Using [Alpine Linux](https://alpinelinux.org/about/) based images for the frontend, which is designed with security in mind and comes with proactive security features.
2022-11-29 12:04:18 +00:00
- Official Seafile Docker deployment uses entirely outdated base images and dependencies. Here base images and dependencies are updated on a regular basis.
2021-01-23 14:28:58 +00:00
- Reworked Dockerfiles featuring multi-stage builds, allowing for smaller images and faster builds.
2022-11-29 12:04:18 +00:00
- Schedule offline garbage collection with cron job.
- Runs upgrade scripts automatically when a new image version is deployed.
- All features of Seafile Community Edition are included.
2021-01-23 18:31:33 +00:00
## Structure
2021-01-23 18:46:20 +00:00
Services:
- *seafile-server*
- contains the backend component called [seafile-server](https://github.com/haiwen/seafile-server)
- handles storage, some direct client access and seafdav
- *seahub*
- dynamic frontend component called [seahub](https://github.com/haiwen/seahub)
- serves the web-ui
- communicates with seafile-server
- *seahub-media*
- serves static website content as well as avatars and custom logos
- *db*
- the database used by *seafile-server* and *seahub*
- *memcached*
- database cache for *seahub*
- *seafile-caddy*
- reverse proxy that forwards paths to the correct endpoints: *seafile-server*, *seahub* or *seahub-media*
- is the single external entrypoint to the deployment
Volumes:
- *seafile-data*
- shared data volume of *seafile-server* and *seahub*
- also contains configuration and log files
- *seafile-mariadb*
- volume of the *db* service
- stores the database
- *seahub-custom*
- contains custom logos
- stored by *seahub* and served by *seahub-media*
- *seahub-avatars*
- contains user avatars
- stored by *seahub* and served by *seahub-media*
*Note: In the official docker deployment custom and avatars are served by nginx. Seahub alone is not able to serve them for some reason, hence the separate volumes.*
Networks:
- *seafile-net*
- isolated local network used by the services to communicate with each other
2021-01-23 18:31:33 +00:00
## Getting Started
2021-01-23 18:51:59 +00:00
2021-01-23 19:05:24 +00:00
1. ***Prerequisites***
2021-01-23 18:51:59 +00:00
2021-01-23 18:31:33 +00:00
Requires Docker and docker-compose to be installed.
2021-01-23 19:05:24 +00:00
2. ***Get the compose file***
2021-01-23 18:31:33 +00:00
2021-01-25 00:29:00 +00:00
#### Docker Compose
Use this compose file as a starting point.
2021-01-23 18:31:33 +00:00
```
wget https://raw.githubusercontent.com/ggogel/seafile-containerized/master/compose/docker-compose.yml
2021-01-23 18:31:33 +00:00
```
_Note:_ We expect certain services names. Do not rename services except `db`.
2021-01-25 00:29:00 +00:00
#### Docker Swarm
2021-01-23 18:31:33 +00:00
2021-01-25 00:29:00 +00:00
If you run a single node swarm and don't want to run multiple replicas, you can use the same compose file. Otherwise refer to [Additional Information / Docker Swarm](#Docker-Swarm-1).
2021-01-23 18:31:33 +00:00
2021-01-23 19:05:24 +00:00
3. ***Set environment variables***
2021-01-23 18:31:33 +00:00
**Important:** The environment variables are only relevant for the first deployment. Existing configuration in the volumes is **not** overwritten.
On a first deployment you need to carefully set those values. Changing them later can be tricky. Refer to the Seafile documentation on how to change configuration values.
2021-01-23 19:21:09 +00:00
### *seafile-server*
The name of the mariadb service, which is automatically the docker-internal hostname.
```
2021-01-23 18:31:33 +00:00
- DB_HOST=db
2021-01-23 19:21:09 +00:00
```
Password of the mariadb root user. This must equal MYSQL_ROOT_PASSWORD.
```
2021-01-23 18:31:33 +00:00
- DB_ROOT_PASSWD=db_dev
2021-01-23 19:21:09 +00:00
```
Time zone used by Seafile.
```
2021-01-23 18:31:33 +00:00
- TIME_ZONE=Europe/Berlin
2021-01-23 19:21:09 +00:00
```
2021-01-27 23:43:13 +00:00
2021-01-23 19:21:09 +00:00
This will be used for the SERVICE_URL and FILE_SERVER_ROOT.
Important: Changing those values in the config files later won't have any effect because they are written to the database. Those values have priority over the config files. To change them enter the "System Admin" section on the web-ui. If you encounter issues with file upload, it's likely that those are configured incorrectly.
```
2021-01-23 18:31:33 +00:00
- SEAFILE_SERVER_HOSTNAME=seafile.mydomain.com
2021-01-23 19:21:09 +00:00
```
If you plan to use a reverse proxy with https, set this to true. This will replace http with https in the SERVICE_URL and FILE_SERVER_ROOT.
```
2021-01-23 18:31:33 +00:00
- HTTPS=false
2021-01-23 19:21:09 +00:00
```
2021-01-23 19:21:54 +00:00
2021-01-27 23:43:13 +00:00
### *seahub*
Username / E-Mail of the first admin user.
```
- SEAFILE_ADMIN_EMAIL=me@example.com
```
Password of the first admin user.
```
- SEAFILE_ADMIN_PASSWORD=asecret
```
2021-01-23 19:21:09 +00:00
### *db*
Password of the mariadb root user. Must match DB_ROOT_PASSWD.
```
2021-01-23 18:31:33 +00:00
- MYSQL_ROOT_PASSWORD=db_dev
2021-01-23 19:21:09 +00:00
```
Enable logging console.
```
2021-01-23 18:31:33 +00:00
- MYSQL_LOG_CONSOLE=true
```
2021-01-23 19:05:24 +00:00
4. ***(Optional) Migrating volumes from official Docker deployment or native install***
2021-01-23 18:31:33 +00:00
**If you set up Seafile from scratch you can skip this part.**
2022-11-29 12:55:32 +00:00
The [official Docker deployment](https://manual.seafile.com/docker/deploy%20seafile%20with%20docker/) uses [bind mounts](https://docs.docker.com/storage/bind-mounts/) to the host path instead of actual docker volumes. This was probably chosen to create compatibility between a native install and the docker deployment. This deployment uses [named volumes](https://docs.docker.com/storage/volumes/), which come with several advantages over bind mounts and are the recommended mechanism for persisted storage on Docker. The default path for named volumes on Docker is `/var/lib/docker/volumes/PROJECT-NAME_VOLUME-NAME/_data`. Of course you could also use the old paths but it is not best practice according to the Docker documentation.
2021-01-23 18:31:33 +00:00
To migrate storage from the official Docker deployment run:
```
2021-02-03 16:30:49 +00:00
mkdir -p /var/lib/docker/volumes/seafile_seafile-data/_data
mkdir -p /var/lib/docker/volumes/seafile_seafile-mariadb/_data
mkdir -p /var/lib/docker/volumes/seafile_seahub-custom/_data
mkdir -p /var/lib/docker/volumes/seafile_seahub-avatars/_data
2021-01-23 18:31:33 +00:00
2021-02-03 16:30:49 +00:00
cp -r /opt/seafile-data /var/lib/docker/volumes/seafile_seafile-data/_data
cp -r /opt/seafile-mysql/db /var/lib/docker/volumes/seafile_seafile-mariadb/_data
mv /var/lib/docker/volumes/seafile_seafile-data/_data/seafile/seahub-data/custom /var/lib/docker/volumes/seafile_seahub-custom/_data
mv /var/lib/docker/volumes/seafile_seafile-data/_data/seafile/seahub-data/avatars /var/lib/docker/volumes/seafile_seahub-avatars/_data
2021-01-23 18:31:33 +00:00
```
2022-11-29 12:55:32 +00:00
2021-01-23 18:31:33 +00:00
2021-01-25 01:03:49 +00:00
*Tip:* If you want to use a different path, like a separate drive, to store your Docker volumes, simply create a symbolic link like this:
2021-01-25 00:33:13 +00:00
```
2021-02-03 16:36:53 +00:00
service docker stop
2021-01-25 00:33:13 +00:00
mv /var/lib/docker/volumes /var/lib/docker/volumes-bak
mkdir -p /mnt/external/volumes
ln -sf /mnt/external/volumes /var/lib/docker
2021-02-03 16:36:53 +00:00
service docker start
2021-01-25 00:33:13 +00:00
```
2021-01-23 19:05:24 +00:00
5. ***(Optional) Reverse Proxy***
2021-01-23 18:59:54 +00:00
2022-11-29 12:55:32 +00:00
The caddy reverse proxy integrated with the deployment exposes **port 80**. Point your existing reverse proxy to that port.
2021-01-23 18:31:33 +00:00
2022-11-29 12:55:32 +00:00
This deployment does by design **not** include a reverse proxy capable of HTTPS and Let's Encrypt, unlike the official deployment, because usually Docker users already have some docker-based reverse proxy solution deployed, which does exactly that.
2021-01-23 18:31:33 +00:00
2021-01-23 19:05:24 +00:00
6. ***Deployment***
2021-01-23 18:31:33 +00:00
#### Docker Compose
After you followed the above steps and you have configured everything correctly run:
```
2021-02-03 16:30:49 +00:00
docker-compose -p seafile up -d
2021-01-23 18:31:33 +00:00
```
#### Docker Swarm
After you followed the above steps and you have configured everything correctly run:
```
docker stack deploy -c docker-compose.yml seafile
```
2022-11-29 12:55:32 +00:00
## Advanced Configuration and Troubleshooting
2022-11-29 12:55:32 +00:00
For advanced configuration and troubleshooting see the [Wiki](https://github.com/ggogel/seafile-containerized/wiki).