Go to file
2024-05-06 15:50:08 +00:00
.github Update actions/checkout digest to 0ad4b8f 2024-04-25 16:04:15 +00:00
compose Update ggogel/seahub-media Docker tag to v11.0.8 2024-04-25 19:40:05 +00:00
k8s Update ggogel/seahub-media Docker tag to v11.0.8 2024-04-25 19:40:05 +00:00
seafile-caddy seafile-caddy: improved lifecycle management 2024-02-14 10:56:35 +01:00
seafile-server Update ubuntu:jammy Docker digest to 6d7b5d3 2024-04-25 22:56:17 +00:00
seahub Update dependency djangosaml2 to v1.9.3 2024-05-06 15:50:08 +00:00
seahub-media Update Seafile to v11.0.8 2024-04-20 05:26:18 +00:00
.dockerignore update .dockerignore 2021-01-18 16:09:59 +01:00
.gitattributes add .gitattributes 2023-10-19 10:14:16 +02:00
.gitignore edit .gitignore 2021-01-23 15:28:37 +01:00
README.md Update README.md 2024-02-16 09:04:25 +01:00

Docker Cloud Automated build Docker Cloud Build Status Docker Image Version (tag latest semver) Docker Pulls

Docker Cloud Automated build Docker Cloud Build Status Docker Image Version (tag latest semver) Docker Pulls

Docker Cloud Automated build Docker Cloud Build Status Docker Image Version (tag latest semver) Docker Pulls

Docker Cloud Automated build Docker Cloud Build Status Docker Image Version (tag latest semver) Docker Pulls

Containerized Seafile Deployment

A fully containerized deployment of Seafile for Docker, Docker Swarm and Kubernetes.

Table of Contents

  1. Features
  2. Structure
  3. Getting Started
  4. Additional Information

Features

  • Complete redesign of the official Docker deployment with containerization best-practices in mind.
  • Runs seahub (frontend) and seafile server (backend) in separate containers, which commuicate with each other over TCP.
  • Cluster without pro edition.
  • Separate Caddy container as reverse proxy
  • Increased Security:
    • The caddy reverse proxy serves as a single entry point to the stack. Everything else runs in an isolated network.
    • Using Alpine Linux based images for the frontend, which is designed with security in mind and comes with proactive security features.
    • Official Seafile Docker deployment uses entirely outdated base images and dependencies. Here base images and dependencies are updated regularly.
  • Reworked Dockerfiles featuring multi-stage builds, allowing for smaller images and faster builds.
  • Schedule offline garbage collection with cron job.
  • Runs upgrade scripts automatically when a new image version is deployed.
  • All features of Seafile Community Edition are included.

Structure

Services:

  • seafile-server
    • contains the backend component called seafile-server
    • handles storage, some direct client access and seafdav
  • seahub
    • dynamic frontend component called seahub
    • serves the web-ui
    • communicates with seafile-server
  • seahub-media
    • serves static website content as well as avatars and custom logos
  • db
    • the database used by seafile-server and seahub
  • memcached
    • database cache for seahub
  • seafile-caddy
    • reverse proxy that forwards paths to the correct endpoints: seafile-server, seahub or seahub-media
    • is the single external entry point to the deployment

Volumes:

  • seafile-data
    • shared data volume of seafile-server and seahub
    • also contains configuration and log files
  • seafile-mariadb
    • volume of the db service
    • stores the database
  • seahub-custom
    • contains custom logos
    • stored by seahub and served by seahub-media
  • seahub-avatars
    • contains user avatars
    • stored by seahub and served by seahub-media

Note: In the official docker deployment custom and avatars are served by nginx. Seahub alone cannot serve them for some reason, hence the separate volumes.

Networks:

  • seafile-net
    • isolated local network used by the services to communicate with each other

Getting Started

  1. Prerequisites

    Requires Docker and docker-compose to be installed.

    For deployment on Kubernetes see Wiki / Kubernetes.

    For additional considerations when using Docker in Swarm Mode see Wiki / Docker Swarm.

  2. Get the compose file

    Use this compose file as a starting point.

    wget https://raw.githubusercontent.com/ggogel/seafile-containerized/master/compose/docker-compose.yml
    
  3. Set environment variables

    Important: The environment variables are only relevant for the first deployment. The existing configuration in the volumes is not overwritten.

    On a first deployment, you need to carefully set those values. Changing them later can be tricky. Please take a look at the Seafile documentation on how to change configuration values.

    seafile-server

    The name of the mariadb service, which is automatically the docker-internal hostname.

    - DB_HOST=db 
    

    Password of the mariadb root user. This must equal MYSQL_ROOT_PASSWORD.

    - DB_ROOT_PASSWD=db_dev
    

    Time zone used by Seafile.

    - TIME_ZONE=Europe/Berlin
    

    This will be used for the SERVICE_URL and FILE_SERVER_ROOT. Important: Changing those values in the config files later won't have any effect because they are written to the database. Those values have priority over the config files. To change them enter the "System Admin" section on the web-ui. If you encounter issues with file upload, those are likely misconfigured.

    - SEAFILE_URL=seafile.mydomain.com 
    

    If you plan to use a reverse proxy with https, set this to true. This will replace http with https in the SERVICE_URL and FILE_SERVER_ROOT.

    - HTTPS=false
    

    seahub

    Username / E-Mail of the first admin user.

    - SEAFILE_ADMIN_EMAIL=me@example.com
    

    Password of the first admin user.

    - SEAFILE_ADMIN_PASSWORD=asecret
    

    db

    Password of the mariadb root user. Must match DB_ROOT_PASSWD.

    - MYSQL_ROOT_PASSWORD=db_dev
    

    Enable logging console.

    - MYSQL_LOG_CONSOLE=true
    
  4. (Optional) Reverse Proxy

    The caddy reverse proxy integrated with the deployment exposes port 80. Point your existing reverse proxy to that port.

    This deployment does by design not include a reverse proxy capable of HTTPS and Let's Encrypt, unlike the official deployment, because usually Docker users already have some docker-based reverse proxy solution deployed, which does exactly that.

  5. Deployment

    Docker Compose

    After you followed the above steps and have configured everything correctly run:

    docker-compose -p seafile up -d
    

    Docker Swarm

    After you followed the above steps and have configured everything correctly run:

    docker stack deploy -c docker-compose.yml seafile
    

Advanced Configuration and Troubleshooting

For advanced configuration and troubleshooting see the Wiki.