15308555518/ seafile-admin-docs
1
0
Fork 0
mirror of https://github.com/haiwen/seafile-admin-docs.git synced 2025-12-29 22:12:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Improve folder structure

This commit is contained in:
Daniel Pan 2023-08-26 11:09:02 +08:00
parent 9979213a6c
commit 445b3fa2a1
3 changed files with 41 additions and 360 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

100
manual/deploy/deploy_with_apache.md
View File

@ -1,100 +0,0 @@
# Config Seahub with Apache
## Important
According to the [security advisory](https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/) published by Django team, we recommend disable [GZip compression](http://httpd.apache.org/docs/2.2/mod/mod_deflate.html) to mitigate [BREACH attack](http://breachattack.com/).
This tutorial assumes you run at least Apache 2.4.
## Prepare
Install and enable apache modules
On Ubuntu you can use:
```bash
sudo a2enmod rewrite
sudo a2enmod proxy_http
```
## Deploy Seahub/FileServer With Apache
Seahub is the web interface of Seafile server. FileServer is used to handle raw file uploading/downloading through browsers. By default, it listens on port 8082 for HTTP request.
Here we deploy Seahub and FileServer with reverse proxy. We assume you are running Seahub using domain '''www.myseafile.com'''.
Modify Apache config file:
(`sites-enabled/000-default`) for ubuntu/debian, (`vhost.conf`) for centos/fedora
```apache
<VirtualHost *:80>
ServerName www.myseafile.com
# Use "DocumentRoot /var/www/html" for Centos/Fedora
# Use "DocumentRoot /var/www" for Ubuntu/Debian
DocumentRoot /var/www
Alias /media /home/user/haiwen/seafile-server-latest/seahub/media
AllowEncodedSlashes On
RewriteEngine On
<Location /media>
Require all granted
</Location>
#
# seafile fileserver
#
ProxyPass /seafhttp http://127.0.0.1:8082
ProxyPassReverse /seafhttp http://127.0.0.1:8082
RewriteRule ^/seafhttp - [QSA,L]
#
# seahub
#
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8000/
ProxyPassReverse / http://127.0.0.1:8000/
</VirtualHost>
```
## Modify seahub_setting.py
You need to modify the value of `SERVICE_URL` in [seahub_settings.py](../config/seahub_settings_py.md)
to let Seafile know the domain you choose. You can also modify SERVICE_URL via web UI in "System Admin->Settings". (**Warning**: if you set the value both via Web UI and seahub_settings.py, the setting via Web UI will take precedence.)
```python
SERVICE_URL = 'http://seafile.example.com'
```
Note: If you later change the domain assigned to seahub, you also need to change the value of `SERVICE_URL`.
You need to add a line in `seahub_settings.py` to set the value of `FILE_SERVER_ROOT`. You can also modify `FILE_SERVER_ROOT` via web UI in "System Admin->Settings". (**Warning**: if you set the value both via Web UI and seahub_settings.py, the setting via Web UI will take precedence.)
```python
FILE_SERVER_ROOT = 'http://seafile.example.com/seafhttp'
```
## Start Seafile and Seahub
```bash
sudo service apache2 restart
./seafile.sh start
./seahub.sh start
```
## Troubleshooting
### Problems with paths and files containing spaces
If there are problems with paths or files containing spaces, make sure to have at least Apache 2.4.12.
References
* https://github.com/haiwen/seafile/issues/1258#issuecomment-188866740
* https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1284641
* https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1284641/comments/5
* https://svn.apache.org/viewvc/httpd/httpd/tags/2.4.12/CHANGES?view=markup#l45

216
manual/deploy/deploy_with_nginx.md
View File

@ -1,216 +0,0 @@
# Configuration of Seahub behind Nginx
[Both components of Seafile Server](https://manual.seafile.com/overview/components/), Seahub and seaf-server, can be configured to run behind a reverse proxy. A reverse proxy increases the performance of Seafile and allows the encryption of inbound and outbound traffic.
For production use, a setup with a reverse proxy and HTTPS encryption is a MUST .
[Nginx](http://nginx.org/), a popular and resource-friendly HTTP server and reverse proxy, is a good option. Nginx's documentation is available at http://nginx.org/en/docs/.
## Setup
The configuration of Seafile behind Nginx as a reverse proxy is demonstrated using the sample host name `seafile.example.com`.
These instructions assume the following requirements:
* Seafile Server Community Edition/Professional Edition was setup according to the instructions in this manual (i.e., a dedicated user seafile exists and all Seafile files are stored in /opt/seafile)
* A host name points at the IP address of the server and the server is available on port 80
If your setup differs from thes requirements, adjust the following instructions accordingly.
### Installing Nginx
Install Nginx using the package repositories:
```bash
# CentOS
sudo yum install nginx -y
# Debian/Ubuntu
sudo apt install nginx -y
```
After the installation, start the server and enable it so that Nginx starts at system boot:
```bash
# CentOS/Debian/Ubuntu
sudo systemctl start nginx
sudo systemctl enable nginx
```
### Preparing Nginx
The configuration of a proxy server in Nginx differs slightly between CentOS and Debian/Ubuntu. Additionally, the restrictive default settings of SELinux's configuration on CentOS require a modification.
#### Preparing Nginx on CentOS
Switch SELinux into permissive mode and perpetuate the setting:
``` bash
sudo setenforce permissive
sed -i 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config
```
Create a configuration file for seafile in `/etc/nginx/conf.d`:
```bash
touch /etc/nginx/conf.d/seafile.conf
```
#### Preparing Nginx on Debian/Ubuntu
Create a configuration file for seafile in `/etc/nginx/sites-available/`:
```bash
touch /etc/nginx/sites-available/seafile.conf
```
Delete the default files in `/etc/nginx/sites-enabled/` and `/etc/nginx/sites-available`:
````bash
rm /etc/nginx/sites-enabled/default
rm /etc/nginx/sites-available/default
````
Create a symbolic link:
````bash
ln -s /etc/nginx/sites-available/seafile.conf /etc/nginx/sites-enabled/seafile.conf
````
### Configuring Nginx
Copy the following sample Nginx config file into the just created `seafile.conf` and modify the content to fit your needs:
```nginx
log_format seafileformat '$http_x_forwarded_for $remote_addr [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $upstream_response_time';
server {
listen 80;
server_name seafile.example.com;
proxy_set_header X-Forwarded-For $remote_addr;
location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_read_timeout 1200s;
# used for view/edit office file via Office Online Server
client_max_body_size 0;
access_log /var/log/nginx/seahub.access.log seafileformat;
error_log /var/log/nginx/seahub.error.log;
}
# If you are using [FastCGI](http://en.wikipedia.org/wiki/FastCGI),
# which is not recommended, you should use the following config for location `/`.
#
# location / {
# fastcgi_pass 127.0.0.1:8000;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_param PATH_INFO $fastcgi_script_name;
#
# fastcgi_param SERVER_PROTOCOL $server_protocol;
# fastcgi_param QUERY_STRING $query_string;
# fastcgi_param REQUEST_METHOD $request_method;
# fastcgi_param CONTENT_TYPE $content_type;
# fastcgi_param CONTENT_LENGTH $content_length;
# fastcgi_param SERVER_ADDR $server_addr;
# fastcgi_param SERVER_PORT $server_port;
# fastcgi_param SERVER_NAME $server_name;
# fastcgi_param REMOTE_ADDR $remote_addr;
# fastcgi_read_timeout 36000;
#
# client_max_body_size 0;
#
# access_log /var/log/nginx/seahub.access.log;
# error_log /var/log/nginx/seahub.error.log;
# }
location /seafhttp {
rewrite ^/seafhttp(.*)$ $1 break;
proxy_pass http://127.0.0.1:8082;
client_max_body_size 0;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 36000s;
proxy_read_timeout 36000s;
proxy_send_timeout 36000s;
send_timeout 36000s;
access_log /var/log/nginx/seafhttp.access.log seafileformat;
error_log /var/log/nginx/seafhttp.error.log;
}
location /media {
root /opt/seafile/seafile-server-latest/seahub;
}
}
```
The following options must be modified in the CONF file:
* Server name (server_name)
Optional customizable options in the seafile.conf are:
* Server listening port (listen) - if Seafile server should be available on a non-standard port
* Proxy pass for location / - if Seahub is configured to start on a different port than 8000
* Proxy pass for location /seafhttp - if seaf-server is configured to start on a different port than 8082
* Maximum allowed size of the client request body (client_max_body_size)
The default value for `client_max_body_size` is 1M. Uploading larger files will result in an error message HTTP error code 413 ("Request Entity Too Large"). It is recommended to syncronize the value of client_max_body_size with the parameter `max_upload_size` in section `[fileserver]` of [seafile.conf](../config/seafile-conf.md). Optionally, the value can also be set to 0 to disable this feature. Client uploads are only partly effected by this limit. With a limit of 100 MiB they can safely upload files of any size.
Finally, make sure your seafile.conf does not contain syntax errors and restart Nginx for the configuration changes to take effect:
```bash
nginx -t
nginx -s reload
```
### Modify seahub_setting.py
You need to modify the value of `SERVICE_URL` in [seahub_settings.py](../config/seahub_settings_py.md)
to let Seafile know the domain you choose. You can also modify SERVICE_URL via web UI in "System Admin->Settings". (**Warning**: if you set the value both via Web UI and seahub_settings.py, the setting via Web UI will take precedence.)
```python
SERVICE_URL = 'http://www.myseafile.com'
```
Note: If you later change the domain assigned to seahub, you also need to change the value of `SERVICE_URL`.
You need to add a line in `seahub_settings.py` to set the value of `FILE_SERVER_ROOT`. You can also modify `FILE_SERVER_ROOT` via web UI in "System Admin->Settings". (**Warning**: if you set the value both via Web UI and seahub_settings.py, the setting via Web UI will take precedence.)
```python
FILE_SERVER_ROOT = 'http://seafile.example.com/seafhttp'
```
### Modifying seafile.conf
To improve security, the file server should only be accessible via Nginx.
Add the following line in the [fileserver] block on `seafile.conf` in `/opt/seafile/conf`:
```
host = 127.0.0.1 ## default port 0.0.0.0
```
After his change, the file server only accepts requests from Nginx.
### Starting Seafile and Seahub
Restart the seaf-server and Seahub for the config changes to take effect:
```bash
su seafile
cd /opt/seafile/seafile-server-latest
./seafile.sh restart
./seahub.sh restart # or "./seahub.sh start-fastcgi" if you're using fastcgi
```

85
mkdocs.yml
View File

@ -57,44 +57,12 @@ nav:
- Installation with MySQL: deploy/using_mysql.md
- HTTPS with Nginx: deploy/https_with_nginx.md
- HTTPS with Apache: deploy/https_with_apache.md
- LDAP/AD Integration: deploy/using_ldap.md
- Single Sign On:
- Outline: deploy/single_sign_on.md
- Shibboleth Authentication: deploy/shibboleth_config_v6.3.md
- OAuth Authentication: deploy/oauth.md
- Remote User Authentication: deploy/remote_user.md
- Auto Login to SeaDrive on Windows: deploy/auto_login_seadrive.md
- Syslog Integration: deploy/using_syslog.md
- Online File Preview and Edit:
- LibreOffice Online Integration: deploy/libreoffice_online.md
- OnlyOffice Integration: deploy/only_office.md
- Open Cloud Mesh: deploy/ocm.md
- Notification Server: deploy/notification-server.md
- Other Deployment Notes:
- Start Seafile at System Bootup: deploy/start_seafile_at_system_bootup.md
- Firewall settings: deploy/using_firewall.md
- Logrotate: deploy/using_logrotate.md
- Add Memcached: deploy/add_memcached.md
- Deploy Seafile behind NAT: deploy/deploy_seafile_behind_nat.md
- Deploy Seahub at Non-root domain: deploy/deploy_seahub_at_non-root_domain.md
- Migrate From SQLite to MySQL: deploy/migrate_from_sqlite_to_mysql.md
- Add Memcached: deploy/add_memcached.md
- Common Problems for Setting up Server: faq.md
- Seafile Professional Setup on Linux:
- Outline: deploy_pro/README.md
- Installation: deploy_pro/download_and_setup_seafile_professional_server.md
- Migration from Seafile Community: deploy_pro/migrate_from_seafile_community_server.md
- LDAP/AD Integration:
- LDAP Configuration for Seafile Pro: deploy_pro/using_ldap_pro.md
- Importing Groups from LDAP: deploy_pro/ldap_group_sync.md
- Importing Roles from LDAP: deploy_pro/ldap_role_sync.md
- Online File Preview and Edit:
- Office Documents Preview: deploy_pro/office_documents_preview.md
- Office Online Server Integration: deploy_pro/office_web_app.md
- File Search: deploy_pro/details_about_file_search.md
- Virus Scan:
- Outline: deploy_pro/virus_scan.md
- Run ClamAV as a Daemon: deploy_pro/deploy_clamav_as_daemon.md
- Virus Scan With Kav4fs: deploy_pro/virus_scan_with_kav4fs.md
- Migration from Seafile Community: deploy_pro/migrate_from_seafile_community_server.md
- Storage Backends:
- Amazon S3 Backend: deploy_pro/setup_with_amazon_s3.md
- Ceph Backend: deploy_pro/setup_with_ceph.md
@ -109,16 +77,6 @@ nav:
- Notification Server in Cluster: deploy_pro/notification-server.md
- Setup Seafile cluster with NFS: deploy_pro/setup_seafile_cluster_with_nfs.md
- Upgrade a cluster: deploy_pro/upgrade_a_cluster.md
- Advanced User Management:
- Multi-Institutions Support: deploy_pro/multi_institutions.md
- Roles and Permissions: deploy_pro/roles_permissions.md
- Administrator Roles and Permissions: deploy_pro/admin_roles_permissions.md
- Multi-Tenancy Support: deploy_pro/multi_tenancy.md
- Advanced Authentication:
- Two-factor Authentication: deploy_pro/two_factor_authentication.md
- ADFS or SAML 2.0: deploy_pro/adfs.md
- SAML 2.0 in version 10.0: deploy_pro/saml2_in_10.0.md
- CAS Authentication: deploy_pro/cas.md
- Advanced Maintenance Tools:
- Real-time Backup Server: deploy_pro/real_time_backup.md
- Import Directory To Seafile: deploy_pro/seaf_import.md
@ -134,6 +92,45 @@ nav:
- Upgrade Seafile Docker CE: docker/6.3_upgrade_to_7.0.md
- Upgrade Seafile Docker Pro: docker/pro-edition/6.3_upgrade_to_7.0.md
- Upgrade for other versions: docker/upgrade/upgrade_docker.md
- Advanced Setup Options
- Online Office
- LibreOffice Online Integration: deploy/libreoffice_online.md
- OnlyOffice Integration: deploy/only_office.md
- Office Online Server Integration (Pro): deploy_pro/office_web_app.md
- Notification Server: deploy/notification-server.md
- Two-factor Authentication: deploy_pro/two_factor_authentication.md
- LDAP/AD Integration:
- LDAP Integration: deploy/using_ldap.md
- LDAP Configuration for Seafile Pro: deploy_pro/using_ldap_pro.md
- Importing Groups from LDAP (Pro): deploy_pro/ldap_group_sync.md
- Importing Roles from LDAP (Pro): deploy_pro/ldap_role_sync.md
- Single Sign On:
- Outline: deploy/single_sign_on.md
- Shibboleth Authentication: deploy/shibboleth_config_v6.3.md
- OAuth Authentication: deploy/oauth.md
- Remote User Authentication: deploy/remote_user.md
- Auto Login to SeaDrive on Windows: deploy/auto_login_seadrive.md
- ADFS or SAML 2.0 (Pro): deploy_pro/adfs.md
- SAML 2.0 in version 10.0 (Pro): deploy_pro/saml2_in_10.0.md
- CAS Authentication (Pro): deploy_pro/cas.md
- Virus Scan (Pro):
- Outline: deploy_pro/virus_scan.md
- Run ClamAV as a Daemon: deploy_pro/deploy_clamav_as_daemon.md
- Virus Scan With Kav4fs: deploy_pro/virus_scan_with_kav4fs.md
- Advanced User Management (Pro):
- Multi-Institutions Support: deploy_pro/multi_institutions.md
- Roles and Permissions: deploy_pro/roles_permissions.md
- Administrator Roles and Permissions: deploy_pro/admin_roles_permissions.md
- Multi-Tenancy Support: deploy_pro/multi_tenancy.md
- Advanced File Search configuration (Pro): deploy_pro/details_about_file_search.md
- Migrate From SQLite to MySQL: deploy/migrate_from_sqlite_to_mysql.md
- Others Deployment Notes:
- Open Cloud Mesh: deploy/ocm.md
- Firewall settings: deploy/using_firewall.md
- Deploy Seafile behind NAT: deploy/deploy_seafile_behind_nat.md
- Deploy Seahub at Non-root domain: deploy/deploy_seahub_at_non-root_domain.md
- Start Seafile at System Bootup: deploy/start_seafile_at_system_bootup.md
- Logrotate: deploy/using_logrotate.md
- Configuration and Customization:
- Outline: config/README.md
- ccnet.conf: config/ccnet-conf.md