Собственный dropbox на базе seafile

4.2.0 (2015/05/07)

• Support overlay icons for files based on the sync status

• Use http syncing only

• Auto detect existing folders and prompt «syncing with existing folder» in first time syncing

• Open desktop icon popup the main window if Seafile is already running

• Respect umask on Linux

• Fix main window stay outside screens problem

• Fix a few small syncing issues.

• Allow sharing root directory from finder extension

• Auto login from the client when click the server URL (need v4.2 server)

• Auto logout when the authorization is expired (require server supports)

• Auto detect existing folders in first time syncing

• Save server info persistently

• More miscellaneous fixes

更多配置选项

自定义管理员用户名和密码

默认的管理员账号以及密码分别为，.你可以通过设置容器的环境变量来改变初始化时生成的管理员的账号和密码.

例如:

docker run -d --name seafile \  -e SEAFILE_SERVER_HOSTNAME=seafile.example.com \  -e SEAFILE_ADMIN_EMAIL=me@example.com \  -e SEAFILE_ADMIN_PASSWORD=a_very_secret_password \  -v /opt/seafile-data:/shared \  -p 80:80 \  seafileltd/seafile:latest

如果您忘记了管理员密码，你可以添加一个新的管理员账号，然后通过这个新的管理员账号重置之前的管理员密码.

向Let’s encrypt申请SSL证书

如果您设置为, 那么容器会自动根据设置的主机名向Let’s encrypt申请SSL证书

例如:

docker run -d --name seafile \  -e SEAFILE_SERVER_LETSENCRYPT=true \  -e SEAFILE_SERVER_HOSTNAME=seafile.example.com \  -e SEAFILE_ADMIN_EMAIL=me@example.com \  -e SEAFILE_ADMIN_PASSWORD=a_very_secret_password \  -v /opt/seafile-data:/shared \  -p 80:80 \  -p 443:443 \  seafileltd/seafile:latest

如果你想使用已经拥有的SSL证书:

• 创建目录, 并将你的证书以及私钥放入这个目录中.

• 假设您的网站名称为, 那么您的证书名称必须为，而且您的私钥名称必须为

Seafile 服务的配置会存放在目录下，你可以根据 Seafile 手册修改配置

修改之后需要重启容器.

docker restart seafile

Seafile 服务的日志会存放在目录下, 由于是将挂载到，所以同样可以在宿主机上的目录下找到.

系统日志会存放在目录下.

添加新的管理员

确保您的容器正在运行，然后输入以下命令:

docker exec -it seafile /opt/seafile/seafile-server-latest/reset-admin.sh

然后根据提示输入用户名以及密码即可

SSL

Generating self-signed certificate

To generate a self-signed certificat using OpenSSL use
this command:

openssl req -x509 -newkey rsa:4096 -keyout privkey.pem -out cert.pem -nodes -days 365

An unprotected private key will be generated using the command
line option . Omit it to generate a password protected
private key file. Mount these two files into the container
to the folder using the default SSL locations.

Using Let’s Encrypt

Mount your letsencrypt folder to . Adapt certificate
and private key filenames using the and
environment variables. It’s important that the cert file path points
to in order to allow the Seafile client to correctly
verify the certificate.

For example add the following parameters to your command:

4.2.4 (2015/06/11)

• add workarounds with auto update bugs in cloud browser

• add the missing support for ipv6 (curl)

• add new tab to searching files

• fix the regularly disappearance tray icon (Qt5.4.2)

• fix broken network connection sometimes after resume (Qt5.4.2)

• add an option to syncing with an existing folder with a different name

• avoid race condition when quiting

• fix a bug with opening password-protected repo in cloud browser

• ui: tweak paddings in the event activities

• filebrowser: show file type correctly along with icons

• ui: improve repo item category

• ui: show download link in share link dialog

• ui: enhance event details

Test network config

You need to have nginx installed for this test to work properly.
If you want to run these tests now you can simply install nginx with

Debian / Ubuntu / Rasphian

CentOS

Testing with curl:

Or test using nmap:

Open a web browser: . If you see the default nginx page, it works.

IPv6

If your server has a global IPv6 address, you can test it with a web browser on a computer in local LAN having IPv6 enabled as well: .
This works because the Nginx ‘default’ server comes with IPv6 enabled.

You can test with curl as well:

Or test using nmap:

Note that port 80 is open because of the default server, port 443 is not (for now)!

Test it using nmap:

Open a web browser: . If you see the default nginx page, it works.

• CentOS Reference Manual: Interface Configuration Files

Backup

Steps:

1. Backup the databases;

2. Backup the seafile data directory;

​​

• backing up Database:

  cd /backup/databasesdocker exec -it seafile mysqldump  -uroot --opt ccnet_db > ccnet_db.sqldocker exec -it seafile mysqldump  -uroot --opt seafile_db > seafile_db.sqldocker exec -it seafile mysqldump  -uroot --opt seahub_db > seahub_db.sql

• Backing up Seafile library data:

  • To directly copy the whole data directory

    cp -R /shared/seafile /backup/data/cd /backup/data &&rm -rf ccnet

  • Use rsync to do incremental backup

    rsync -az /shared/seafile /backup/data/cd /backup/data &&rm -rf ccnet

Recovery

• Restore the databases:

  cp /backup/data/ccnet_db.sql /shared/ccnet_db.sqlcp /backup/data/seafile_db.sql /shared/seafile_db.sqlcp /backup/data/seahub_db.sql /shared/seahub_db.sqldocker exec -it seafile /bin/sh -c "mysql -uroot ccnet_db < /shared/ccnet_db.sql"docker exec -it seafile /bin/sh -c "mysql -uroot seafile_db < /shared/seafile_db.sql"docker exec -it seafile /bin/sh -c "mysql -uroot seahub_db < /shared/seahub_db.sql"

• Restore the seafile data:

  cp -R /backup/data/* /shared/seafile/

Garbage Collection

When files are deleted, the blocks comprising those files are not immediately removed as there may be other files that reference those blocks (due to the magic of deduplication). To remove them, Seafile requires a ‘garbage collection’ process to be run, which detects which blocks no longer used and purges them. (NOTE: for technical reasons, the GC process does not guarantee that every single orphan block will be deleted.)

The required scripts can be found in the folder of the docker container. To perform garbage collection, simply run . For the community edition, this process will stop the seafile server, but it is a relatively quick process and the seafile server will start automatically once the process has finished. The Professional supports an online garbage collection.

Troubleshooting

You can run docker commands like «docker logs» or «docker exec» to find errors.

docker logs -f seafiledocker exec -it seafile bash

Contribution

You are welcome to contribute to this manual. Please submit your code on Github.
If you found an issue please report it on Github .

You can contact us via the forum, but it takes usually longer to get the changes into the manual this way.
It is faster if you submit the suggested changes via Github.

Languages / Translation

At a later point we might provide this manual in other languages if we find at least two persons to maintain each language. Currently this is not the case.
The English version has priority as the focus is to have a working manual and not many languages.

Please contact us via Seafile Forum if you would like to contribute.

About Seafile

Seafile is an open source enterprise file sync and share platform with high reliability and performance. Seafile provides similar feature set to Dropbox, Google Drive and Office 365, while it allows users to host the server on their own hardware. The core feature of Seafile is file sync and share. It provides client apps for most operating systems like Windows, Mac OS, Linux, iOS and Android. It also provides a user-friendly web interface for accessing files in a web browser.

Technology and innovation are always the driving force for the development of Seafile.

Back to October 2012, Seafile was at first released as an efficient and reliable alternative to cloud storage services such as Dropbox. With its amazingly fast and reliable file syncing capability, Seafile attracted an active user base in the next few years. It quickly became one of the most popular on-premises file sync&share solutions.

In 2016, we realized that, given the ever faster network and still limited disk space on desktop computers, it will be very useful to allow users to access files on the cloud without syncing them to local disk. With this insight, we developed and released the Drive client for Seafile. It maps Seafile cloud storage as a virtual drive on Windows, Mac and Linux computers. Similar features were then released by leading cloud storage services including Dropbox, Google Drive and OneDrive, in 2017. Up to the year of 2019, Seafile is the only on-premises file sync&share solution that provides this capability.

Since 2017, Seafile extended its feature set to online document collaboration. It integrated with Microsoft Office Online Server, OnlyOffice and Collabora Office. It allows users to work on the same document together directly in the web browser.

In June 2019, Seafile 7.0 version added knowledge management capability. Users can save Wiki documents in Markdown format directly inside a library. Other types of files can be saved alongside Wiki documents in a library. Such organic combination of Wiki and Cloud Storage removes the limitation on attachment size in traditional Wiki systems. Wiki documents can be conveniently edited in web browser with a WYSIWYG Markdown editor. Full-text search, file tagging, related documents, document review features are included to make knowledge management very efficient.

Up to 2019, Seafile has over 2,000,000 users worldwide. It is also used in large organizations and commercial companies like University of Mainz and Kaspersky Lab.

Настройка почтовых уведомлений уведомлений.

Настройка уведомлений происходит в файле seahub_settings.py

Все современные почтовики работают только с шифрованием, поэтому расскажу о проблемах, с которыми я столкнулся в результате настройки с разными почтовиками.

После произведения настроек необходимо перезагрузить службы и :

Настройка с использованием SSL шифрования.

Здесь почему то все не однозначно. Заверено что должно поддерживаться но по факту мне не удалось  заставить работать уведомления с использованием ящика от Яндекс почты. Выходом из ситуации стал .

Настройка Postfix

Создаем файл с логином и паролем от ящика:

В нем прописываем следующее:

Далее обрабатываем файл командой :

Редактируем файл :

Добавляем и редактируем следующие строки:

Редактируем файл

Меняем на 

Редактируем :

Добавляем в файл:

Редактируем :

Добавляем в файл:

Перезапускаем и :

Редактируем файл :

Добавляем:

Настройка с использованием корпоративного сервера Exchange.

На Exchange создаем новый соеденитель получения и настраиваем согласно приложенным картинкам

View the embedded image gallery online at:

Редактируем файл :

更多配置选项

自定义管理员用户名和密码

默认的管理员账号以及密码分别为，. 你可以通过设置容器的环境变量来改变初始化时生成的管理员的账号和密码.

比如:

docker run -d --name seafile \  -e SEAFILE_SERVER_HOSTNAME=seafile.example.com \  -e SEAFILE_ADMIN_EMAIL=me@example.com \  -e SEAFILE_ADMIN_PASSWORD=a_very_secret_password \  -v /opt/seafile-data:/shared \  -p 80:80 \  docker.seafile.top/seafileltd/seafile-pro:latest

如果您忘记了管理员密码，你可以添加一个新的管理员账号，然后通过这个新的管理员账号重置之前的管理员密码.

向Let’s encrypt申请SSL证书

如果您设置为, 那么容器会自动根据设置的主机名向Let’s encrypt申请SSL证书

比如:

docker run -d --name seafile \  -e SEAFILE_SERVER_LETSENCRYPT=true \  -e SEAFILE_SERVER_HOSTNAME=seafile.example.com \  -e SEAFILE_ADMIN_EMAIL=me@example.com \  -e SEAFILE_ADMIN_PASSWORD=a_very_secret_password \  -v /opt/seafile-data:/shared \  -p 80:80 \  -p 443:443 \  docker.seafile.top/seafileltd/seafile-pro:latest

如果你想使用已经拥有的SSL证书:

• 创建目录, 并将你的证书以及私钥放入这个目录中.

• 假设您的网站名称为, 那么您的证书名称必须为，而且您的私钥名称必须为

Seafile 服务的配置会存放在目录下，你可以根据 Seafile手册 修改配置

修改之后需要重启容器.

docker restart seafile

Seafile 服务的日志会存放在目录下, 由于是将挂载到，所以同样可以在宿主机上的目录下找到.

系统日志会存放在目录下.

添加新的管理员

确保您的容器正在运行，然后输入以下命令:

docker exec -it seafile /opt/seafile/seafile-server-latest/reset-admin.sh

然后根据提示输入用户名以及密码即可

6.1.4 (2017/12/20)

cloud file browser

• Don’t use resumable upload feature when updating a file

• Show an icon to indicate that a file is cached

• Show a warning icon when a file failed to upload to the server after changing

• User can re-upload a local modified file that failed to upload

• Add a command to open local cache folder

• Improve error messages when uploading a file or a folder

• Fix a bug that a doc/xls file uploaded automatically after downloading

• Some ui fixes and improvements

others

• Don’t show the connection status of 127.0.0.1

• Disable editing of local syncing path, users can only choose a path

• Some ui fixes and improvements

示例配置 2: With Nginx/Apache

你的WebDAV客户端将在地址访问WebDAV服务器。

​enabled = trueport = 8080fastcgi = trueshare_name = /seafdav

在上面的配置中，»’share_name»’的值被改为»’/seafdav»’, 它是你指定给seafdav服务器的地址后缀。

Nginx 无 HTTPS

相应的Nginx配置如下 (无 https):

​     location /seafdav {        fastcgi_pass    127.0.0.1:8080;        fastcgi_param   SCRIPT_FILENAME     $document_root$fastcgi_script_name;        fastcgi_param   PATH_INFO           $fastcgi_script_name;​        fastcgi_param   SERVER_PROTOCOL     $server_protocol;        fastcgi_param   QUERY_STRING        $query_string;        fastcgi_param   REQUEST_METHOD      $request_method;        fastcgi_param   CONTENT_TYPE        $content_type;        fastcgi_param   CONTENT_LENGTH      $content_length;        fastcgi_param   SERVER_ADDR         $server_addr;        fastcgi_param   SERVER_PORT         $server_port;        fastcgi_param   SERVER_NAME         $server_name;​        client_max_body_size 0;​        access_log      /var/log/nginx/seafdav.access.log;        error_log       /var/log/nginx/seafdav.error.log;    }

Nginx 有 HTTPS

Nginx配置为https:

​     location /seafdav {        fastcgi_pass    127.0.0.1:8080;        fastcgi_param   SCRIPT_FILENAME     $document_root$fastcgi_script_name;        fastcgi_param   PATH_INFO           $fastcgi_script_name;​        fastcgi_param   SERVER_PROTOCOL     $server_protocol;        fastcgi_param   QUERY_STRING        $query_string;        fastcgi_param   REQUEST_METHOD      $request_method;        fastcgi_param   CONTENT_TYPE        $content_type;        fastcgi_param   CONTENT_LENGTH      $content_length;        fastcgi_param   SERVER_ADDR         $server_addr;        fastcgi_param   SERVER_PORT         $server_port;        fastcgi_param   SERVER_NAME         $server_name;​        client_max_body_size 0;​        fastcgi_param   HTTPS               on;​        access_log      /var/log/nginx/seafdav.access.log;        error_log       /var/log/nginx/seafdav.error.log;    }

Apache

首先编辑 文件, 添加如下这行到文件结尾(或者根据你的Linux发行版将其添加到 ):

​FastCGIExternalServer /var/www/seafdav.fcgi -host 127.0.0.1:8080

注意, 仅仅只是一个占位符, 实际在你的系统并不需要有此文件。

第二, 修改Apache配置文件 (site-enabled/000-default):

Apache 无 HTTPS

根据你的Apache配置当你, 加入Seafdav的相关配置:

​​​ServerName www.myseafile.com  DocumentRoot /var/www  Alias /media  /home/user/haiwen/seafile-server/seahub/media​  RewriteEngine On​  #  # seafile fileserver  #  ProxyPass /seafhttp http://127.0.0.1:8082  ProxyPassReverse /seafhttp http://127.0.0.1:8082  RewriteRule ^/seafhttp - ​  #  # seafile webdav  #  RewriteCond %{HTTP:Authorization} (.+)  RewriteRule ^(/seafdav.*)$ /seafdav.fcgi$1   RewriteRule ^(/seafdav.*)$ /seafdav.fcgi$1 ​  #  # seahub  #  RewriteRule ^/(media.*)$ /$1   RewriteCond %{REQUEST_FILENAME} !-f  RewriteRule ^(.*)$ /seahub.fcgi$1 ​​

Apache 有 HTTPS

根据你的apache配置当你配置Seafile网站和Apache并启用Https, 加入seafdav的相关配置:

​​​ServerName www.myseafile.com  DocumentRoot /var/www  Alias /media  /home/user/haiwen/seafile-server/seahub/media​  SSLEngine On  SSLCertificateFile /etc/ssl/cacert.pem  SSLCertificateKeyFile /etc/ssl/privkey.pem​  RewriteEngine On​  #  # seafile fileserver  #  ProxyPass /seafhttp http://127.0.0.1:8082  ProxyPassReverse /seafhttp http://127.0.0.1:8082  RewriteRule ^/seafhttp - ​  #  # seafile webdav  #  RewriteCond %{HTTP:Authorization} (.+)  RewriteRule ^(/seafdav.*)$ /seafdav.fcgi$1   RewriteRule ^(/seafdav.*)$ /seafdav.fcgi$1 ​  #  # seahub  #  RewriteRule ^/(media.*)$ /$1   RewriteCond %{REQUEST_FILENAME} !-f  RewriteRule ^(.*)$ /seahub.fcgi$1 ​​

Debian / Ubuntu / Rasphian

Static IPv4 address

After installing the operating system it often gets its IPv4 adress via DHCP. To avoid trouble in the future this address should be static in most cases.

The line tells us is the default gateway, is the network device in our case. We need to remember that.

The interresting part is the inet line in our network device (). It tells us is the current IPv4 address, is the network
mask in CIDR notation, which is as subnet mask (see https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)
and is the broadcast address.

We need to pick an unused IPv4 address, which is not within the DHCP range. Mostly the DHCP server is in the router.
You will find the description there. ist the gateway in this case as we have seen. DHCP range starts normaly at
or above. is normally free, but you should be sure about that to prevent annoying network problems.
I choose as static IPv4 address.

We take the dns-server (= nameserver) from here. In this case the DHCP server put this computer in the domain while I put it into the domain .
PROS and CONS regarding this settings are not scope of this how-to. We will leave it as it is for now.

Now it is better to have a backup of the configuration. We can put it in our home directory:

This is the actual network configuration:

Change the network configuration to your actual values:

Reboot. Test your network configuration to assure it’s working. should show your static IPv4 address,
still the gateway and so on. If something does not work, you have a file named «interfaces» in the home directory of user root, that is your backup.
You can copy it back to and start all over.

Static IPv6 address

If you don’t want to use or cannot use IPv6 you may skip this step and anything related to IPv6 in the following chapters.

If you find an inet6 address with scope and not and not , it’s an IPv6 address you may use to access your server.

Add the IPv6 block to your network configuration

Environment variables

• — default: comes from
• — default comes from corresponding variable from linked machine
• — default comes from corresponding variable from linked machine
• — default comes from corresponding variable from linked machine, if it is not set no databases or roles will be created
• — default comes from corresponding variable from linked machine
• — Admin email (login) for all services (the default is — change it!)
• — Admin password (the default is — change it!)
• — default: — user quota in GB, integer only
• — days to keep history
• — maximum upload file size
• — maximum download directory size
• — enable memcache at this host for cache (just )
• — default:
• — default: , SMPT server for email sending
• — default:
• — default: — use TLS for SMPT
• — login to with this user
• — enable email sending, use this password to login to
• — default: — enable cloud mode and hide tab
• — deafult: — enable registration on web
• — default:
• — default: — set this to seahub website’s URL. This URL is contained in email notifications
• — default: — set this to your website’s name. This is contained in email notifications
• — default: — set seahub website’s title
• — default: — if you don’t want to run seahub website on your site’s root path, set this option to your preferred path, e.g. setting it to would run seahub on
• — default:
• — default: if is not set, otherwise
• — default: — activate user when registration complete. Default is , if set to , new users need to be activated by admin in admin panel.
• — default: not set — serve FastCGI for Seahub on for reverse proxy
• — default: if is not set, otherwise — serve FastCGI for webdav on port for reverse proxy
• — default: if equals or is not set, otherwise