vikarti.anatra/seafile-containerized
1
0
Fork 0
mirror of https://github.com/ggogel/seafile-containerized.git synced 2024-11-16 17:05:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

cp -r image/seafile_7.1 image/seafile_8.0

Browse source
This commit is contained in:
Gerrit Gogel 2021-01-18 00:29:51 +01:00
parent 26098139d6
commit 013b6f99c6
5 changed files with 193 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

59
image/seafile_8.0/Dockerfile Normal file
View file

@ -0,0 +1,59 @@
# See https://hub.docker.com/r/phusion/baseimage/tags/
FROM phusion/baseimage:0.11
ENV SEAFILE_SERVER=seafile-server SEAFILE_VERSION=
RUN apt-get update --fix-missing
# Utility tools
RUN apt-get install -y vim htop net-tools psmisc wget curl git
# For suport set local time zone.
RUN export DEBIAN_FRONTEND=noninteractive && apt-get install tzdata -y
# Nginx
RUN apt-get install -y nginx
# Python3
RUN apt-get install -y python3 python3-pip python3-setuptools
RUN python3.6 -m pip install --upgrade pip && rm -r /root/.cache/pip
RUN pip3 install --timeout=3600 click termcolor colorlog pymysql \
django==1.11.29 && rm -r /root/.cache/pip
RUN pip3 install --timeout=3600 Pillow pylibmc captcha jinja2 \
sqlalchemy django-pylibmc django-simple-captcha && \
rm -r /root/.cache/pip
# Scripts
COPY scripts_7.1 /scripts
COPY templates /templates
COPY services /services
RUN chmod u+x /scripts/*
RUN mkdir -p /etc/my_init.d && \
rm -f /etc/my_init.d/* && \
cp /scripts/create_data_links.sh /etc/my_init.d/01_create_data_links.sh
RUN mkdir -p /etc/service/nginx && \
rm -f /etc/nginx/sites-enabled/* /etc/nginx/conf.d/* && \
mv /services/nginx.conf /etc/nginx/nginx.conf && \
mv /services/nginx.sh /etc/service/nginx/run
# Seafile
WORKDIR /opt/seafile
RUN mkdir -p /opt/seafile/ && cd /opt/seafile/ && \
wget https://download.seadrive.org/seafile-server_${SEAFILE_VERSION}_x86-64.tar.gz && \
tar -zxvf seafile-server_${SEAFILE_VERSION}_x86-64.tar.gz && \
rm -f seafile-server_${SEAFILE_VERSION}_x86-64.tar.gz
# For using TLS connection to LDAP/AD server with docker-ce.
RUN find /opt/seafile/ \( -name "liblber-*" -o -name "libldap-*" -o -name "libldap_r*" -o -name "libsasl2.so*" \) -delete
EXPOSE 80
CMD ["/sbin/my_init", "--", "/scripts/start.py"]

34
image/seafile_8.0/services/nginx.conf Normal file
View file

@ -0,0 +1,34 @@
daemon off;
user www-data;
worker_processes auto;
events {
worker_connections 768;
}
http {
include /etc/nginx/mime.types;
server_names_hash_bucket_size 256;
server_names_hash_max_size 1024;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
log_format seafileformat '$http_x_forwarded_for $remote_addr [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $upstream_response_time';
access_log /var/log/nginx/access.log seafileformat;
error_log /var/log/nginx/error.log info;
gzip on;
gzip_types text/plain text/css application/javascript application/json text/javascript;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
server {
listen 80;
location / {
return 444;
}
}
}

3
image/seafile_8.0/services/nginx.sh Normal file
View file

@ -0,0 +1,3 @@
#!/bin/bash
exec 2>&1
exec /usr/sbin/nginx

3
image/seafile_8.0/templates/letsencrypt.cron.template Normal file
View file

@ -0,0 +1,3 @@
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
# min hour dayofmonth month dayofweek command
0 0 1 * * root /scripts/ssl.sh {{ ssl_dir }} {{ domain }}

94
image/seafile_8.0/templates/seafile.nginx.conf.template Normal file
View file

@ -0,0 +1,94 @@
# -*- mode: nginx -*-
# Auto generated at {{ current_timestr }}
{% if https -%}
server {
listen 80;
server_name _ default_server;
# allow certbot to connect to challenge location via HTTP Port 80
# otherwise renewal request will fail
location /.well-known/acme-challenge/ {
alias /var/www/challenges/;
try_files $uri =404;
}
location / {
rewrite ^ https://{{ domain }}$request_uri? permanent;
}
}
{% endif -%}
server {
{% if https -%}
listen 443;
ssl on;
ssl_certificate /shared/ssl/{{ domain }}.crt;
ssl_certificate_key /shared/ssl/{{ domain }}.key;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
# TODO: More SSL security hardening: ssl_session_tickets & ssl_dhparam
# ssl_session_tickets on;
# ssl_session_ticket_key /etc/nginx/sessionticket.key;
# ssl_session_cache shared:SSL:10m;
# ssl_session_timeout 10m;
{% else -%}
listen 80;
{% endif -%}
server_name {{ domain }};
client_max_body_size 10m;
location / {
proxy_pass http://127.0.0.1:8000/;
proxy_read_timeout 310s;
proxy_set_header Host $host;
proxy_set_header Forwarded "for=$remote_addr;proto=$scheme";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Connection "";
proxy_http_version 1.1;
client_max_body_size 0;
access_log /var/log/nginx/seahub.access.log seafileformat;
error_log /var/log/nginx/seahub.error.log;
}
location /seafhttp {
rewrite ^/seafhttp(.*)$ $1 break;
proxy_pass http://127.0.0.1:8082;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 0;
proxy_connect_timeout 36000s;
proxy_read_timeout 36000s;
proxy_request_buffering off;
access_log /var/log/nginx/seafhttp.access.log seafileformat;
error_log /var/log/nginx/seafhttp.error.log;
}
location /seafdav {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 1200s;
client_max_body_size 0;
access_log /var/log/nginx/seafdav.access.log seafileformat;
error_log /var/log/nginx/seafdav.error.log;
}
location /media {
root /opt/seafile/seafile-server-latest/seahub;
}
# For letsencrypt
location /.well-known/acme-challenge/ {
alias /var/www/challenges/;
try_files $uri =404;
}
}