15308555518/ seafile-admin-docs
1
0
Fork 0
mirror of https://github.com/haiwen/seafile-admin-docs.git synced 2025-12-26 02:32:50 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Update document on multi-tenancy

This commit is contained in:
Daniel Pan 2024-11-12 15:29:30 +08:00
parent 5c1909e64d
commit 42637bb9ae
1 changed files with 11 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
manual/config/multi_tenancy.md
View File

@ -1,7 +1,3 @@
---
status: new
---
Multi-tenancy feature is designed for hosting providers that what to host several customers in a single Seafile instance. You can create multi-organizations. Organizations is separated from each other. Users can't share libraries between organizations.
## Seafile Config ##
@ -45,33 +41,31 @@ After creating an organization, the first user will become the admin of that org
### Preparation for ADFS/SAML
**The _system admin_ has to complete the following works.**
**Fisrt**, install xmlsec1 package:
```
$ apt update
$ apt install xmlsec1
```
**Second**, prepare SP(Seafile) certificate directory and SP certificates:
1) Prepare SP(Seafile) certificate directory and SP certificates:
Create sp certs dir
```
$ mkdir -p /opt/seafile/seahub-data/certs
$ mkdir -p /opt/seafile-data/seafile/seahub-data/certs
```
The SP certificate can be generated by the openssl command, or you can apply to the certificate manufacturer, it is up to you. For example, generate the SP certs using the following command:
```
$ cd /opt/seafile/seahub-data/certs
$ cd /opt/seafile-data/seafile/seahub-data/certs
$ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout sp.key -out sp.crt
```
!!! tip "The `days` option indicates the validity period of the generated certificate. The unit is day. The system admin needs to update the certificate regularly"
**Finally**, add the following configuration to seahub_settings.py and then restart Seafile:
!!! note
If certificates are **not placed in** `/opt/seafile-data/seafile/seahub-data/certs`, you need to add the following configuration in seahub_settings.py:
```python
SAML_CERTS_DIR = '/path/to/certs'
```
2) Add the following configuration to seahub_settings.py and then restart Seafile:
```python
ENABLE_MULTI_ADFS = True
@ -83,23 +77,6 @@ SAML_ATTRIBUTE_MAPPING = {
}
```
!!! note
- If the xmlsec1 binary is **not located in** `/usr/bin/xmlsec1`, you need to add the following configuration in seahub_settings.py:
```python
SAML_XMLSEC_BINARY_PATH = '/path/to/xmlsec1'
```
View where the xmlsec1 binary is located:
```
$ which xmlsec1
```
- If certificates are **not placed in** `/opt/seafile/seahub-data/certs`, you need to add the following configuration in seahub_settings.py:
```python
SAML_CERTS_DIR = '/path/to/certs'
```
### Integration with ADFS/SAML single sign-on