From e282a0920b79082e2de5963ca14461d409048f5a Mon Sep 17 00:00:00 2001 From: Huang Junxiang Date: Fri, 25 Apr 2025 11:16:31 +0800 Subject: [PATCH] update configuring for S3 and notification server (#509) * update configuring for S3 and notification server * update configuring for S3 and notification server --- manual/config/env.md | 27 +++++---- manual/extension/metadata-server.md | 2 +- manual/extension/notification-server.md | 22 +++---- manual/repo/docker/ce/env | 3 + manual/repo/docker/ce/seafile-server.yml | 1 + manual/repo/docker/cluster/env | 21 +++---- manual/repo/docker/cluster/seafile-server.yml | 23 +++---- manual/repo/docker/pro/env | 8 ++- manual/repo/docker/pro/seafile-server.yml | 23 +++---- manual/repo/docker/pro/seasearch.yml | 2 +- manual/repo/k8s/ce/seafile-deployment.yaml | 5 ++ manual/repo/k8s/ce/seafile-env.yaml | 3 + .../cluster/seafile-backend-deployment.yaml | 55 +++++++++-------- manual/repo/k8s/cluster/seafile-env.yaml | 25 ++++---- .../cluster/seafile-frontend-deployment.yaml | 60 +++++++++++++++++++ manual/repo/k8s/cluster/seafile-secret.yaml | 6 +- manual/repo/k8s/pro/seafile-deployment.yaml | 59 +++++++++--------- manual/repo/k8s/pro/seafile-env.yaml | 23 +++---- manual/repo/k8s/pro/seafile-secret.yaml | 6 +- manual/setup/cluster_deploy_with_docker.md | 7 +-- manual/setup/helm_chart_cluster.md | 4 +- manual/setup/helm_chart_single_node.md | 4 +- manual/setup/migrate_ce_to_pro_with_docker.md | 2 +- manual/setup/setup_ce_by_docker.md | 3 +- manual/setup/setup_pro_by_docker.md | 7 ++- manual/setup/setup_with_s3.md | 4 +- manual/setup/use_seasearch.md | 2 +- manual/upgrade/upgrade_docker.md | 14 ++++- 28 files changed, 261 insertions(+), 160 deletions(-) diff --git a/manual/config/env.md b/manual/config/env.md index 1ce4e683..46a62b8a 100644 --- a/manual/config/env.md +++ b/manual/config/env.md @@ -69,19 +69,9 @@ This part of configurations is only valid in `CACHE_PROVIDER=memcached`: - `ENABLE_SEADOC`: Enable the SeaDoc server or not, default is `false`. - `SEADOC_SERVER_URL`: Only valid in `ENABLE_SEADOC=true`. Url of Seadoc server (e.g., http://seafile.example.com/sdoc-server). -## Cluster init configuration - -- `CLUSTER_INIT_MODE`: (only valid in pro edition at deploying first time). Cluster initialization mode, in which the necessary configuration files for the service to run will be generated (but **the service will not be started**). If the configuration file already exists, no operation will be performed. The default value is `true`. When the configuration file is generated, ***be sure to set this item to `false`***. -- `CLUSTER_INIT_ES_HOST`: (only valid in pro edition at deploying first time). Your cluster Elasticsearch server host. -- `CLUSTER_INIT_ES_PORT`: (only valid in pro edition at deploying first time). Your cluster Elasticsearch server port. Default is `9200`. -- `CLUSTER_MODE`: Seafile service node type, i.e., `frontend` (default) or `backend` - ## S3 storage backend configurations - `USE_S3_STORAGE`: Use S3 backend storage in Seafile server - -### S3 storage backend configurations in initialization - - `S3_COMMIT_BUCKET`: S3 storage backend fs objects bucket - `S3_FS_BUCKET`: S3 storage backend block objects bucket - `S3_BLOCK_BUCKET`: S3 storage backend block objects bucket @@ -89,7 +79,7 @@ This part of configurations is only valid in `CACHE_PROVIDER=memcached`: - `S3_SECRET_KEY`: S3 storage backend secret key - `S3_USE_V4_SIGNATURE`: Use the v4 protocol of S3 if enabled, default is `true` - `S3_AWS_REGION`: Region of your buckets (AWS only), default is `us-east-1`. -- `S3_HOST`: Host of your buckets, default is `s3.us-east-1.amazonaws.com`. +- `S3_HOST`: Host of your buckets (required when not use AWS). - `S3_USE_HTTPS`: Use HTTPS connections to S3 if enabled, default is `true` - `S3_PATH_STYLE_REQUEST`: This option asks Seafile to use URLs like `https://192.168.1.123:8080/bucketname/object` to access objects. In *Amazon S3*, the default URL format is in virtual host style, such as `https://bucketname.s3.amazonaws.com/object`. But this style relies on advanced DNS server setup. So most self-hosted storage systems only implement the path style format. Default `false`. - `S3_SSE_C_KEY`: A string of 32 characters can be generated by openssl rand -base64 24. It can be any 32-character long random string. It's required to use V4 authentication protocol and https if you enable SSE-C. @@ -105,9 +95,9 @@ This part of configurations is only valid in `CACHE_PROVIDER=memcached`: ################################### ``` - The S3 authorization configuration part (i.e., ***without buckets name***) in Seafile initialization and some extension components (such as *SeaSearch*, *Metadata server*) configuration will be read from this configuration by default. + The S3 authorization configuration part (i.e., ***without buckets name***) in Seafile and some extension components (such as *SeaSearch*, *Metadata server*) configuration will be read from this configuration by default. - However, please note that **Seafile currently still reads S3 configurations [through `seafile.conf`](../setup/setup_with_s3.md), and the configuration in `.env` is only used for initialization of Seafile services**. But you have to **make sure they are consistent**. + However, please note that Seafile only support configuring S3 in `.env` for **single storage backend mode** (i.e., when `USE_S3_STORAGE=true`), if you would like to use multiple backends, please set `USE_S3_STORAGE=false` in `.env` and refer [here](../setup/setup_with_multiple_storage_backends.md) for the details. ## SeaSearch @@ -116,3 +106,14 @@ For configurations about SeaSearch in `.env`, please refer [here](https://seasea ## Metadata server For configurations about Metadata server in `.env`, please refer [here](../extension/metadata-server.md#list-of-environment-variables-of-metadata-server) for the details. + +## Notification server + +- `NOTIFICATION_SERVER_URL`: The [notification server](../extension/notification-server.md) url, leave blank to disable it (default). + +## Cluster init configuration + +- `CLUSTER_INIT_MODE`: (only valid in pro edition at deploying first time). Cluster initialization mode, in which the necessary configuration files for the service to run will be generated (but **the service will not be started**). If the configuration file already exists, no operation will be performed. The default value is `true`. When the configuration file is generated, ***be sure to set this item to `false`***. +- `CLUSTER_INIT_ES_HOST`: (only valid in pro edition at deploying first time). Your cluster Elasticsearch server host. +- `CLUSTER_INIT_ES_PORT`: (only valid in pro edition at deploying first time). Your cluster Elasticsearch server port. Default is `9200`. +- `CLUSTER_MODE`: Seafile service node type, i.e., `frontend` (default) or `backend`. diff --git a/manual/extension/metadata-server.md b/manual/extension/metadata-server.md index 728a6c77..39005ad9 100644 --- a/manual/extension/metadata-server.md +++ b/manual/extension/metadata-server.md @@ -68,7 +68,7 @@ First you need to create a bucket for Metadata on your S3 storage backend provid ################################### ``` - The S3 authorization configuration part (i.e., ***without buckets name***) in Seafile initialization and some extension components (such as *SeaSearch*, *Metadata server*) configuration will be read from this configuration by default. + The S3 authorization configuration part (i.e., ***without buckets name***) in Seafile and some extension components (such as *SeaSearch*, *Metadata server*) configuration will be read from this configuration by default. In other words, if you deploy SeaSearch and Seafile together, and if you have deployed Seafile Pro following [here](../setup/setup_pro_by_docker.md#downloading-and-modifying-env) (and using the latest `.env`), you only need to specify the following variables in `.env` to make it work: diff --git a/manual/extension/notification-server.md b/manual/extension/notification-server.md index cf67e974..6d800b92 100644 --- a/manual/extension/notification-server.md +++ b/manual/extension/notification-server.md @@ -26,18 +26,20 @@ Modify `.env`, and insert `notification-server.yml` into `COMPOSE_FILE`: COMPOSE_FILE='seafile-server.yml,caddy.yml,notification-server.yml' ``` -And you need to add the following configurations under seafile.conf: +then add or modify `NOTIFICATION_SERVER_URL`: -```conf -[notification] -enabled = true -# the ip of notification server. (default is `notification-server` in Docker) -host = notification-server -# the port of notification server -port = 8083 -``` +=== "Deploy with Seafile" + + ```sh + NOTIFICATION_SERVER_URL=http://notification-server + ``` +=== "Standalone deployment" + + ```sh + NOTIFICATION_SERVER_URL= + ``` -You can run notification server with the following command: +Finally, You can run notification server with the following command: ```sh docker compose down diff --git a/manual/repo/docker/ce/env b/manual/repo/docker/ce/env index 752fa805..c2e24535 100644 --- a/manual/repo/docker/ce/env +++ b/manual/repo/docker/ce/env @@ -71,3 +71,6 @@ INIT_SEAFILE_ADMIN_PASSWORD=asecret ## SeaDoc service ENABLE_SEADOC=true + +## Notification +NOTIFICATION_SERVER_URL= diff --git a/manual/repo/docker/ce/seafile-server.yml b/manual/repo/docker/ce/seafile-server.yml index c6179fd9..c540df34 100644 --- a/manual/repo/docker/ce/seafile-server.yml +++ b/manual/repo/docker/ce/seafile-server.yml @@ -67,6 +67,7 @@ services: - REDIS_PASSWORD=${REDIS_PASSWORD:-} - MEMCACHED_HOST=${MEMCACHED_HOST:-memcached} - MEMCACHED_PORT=${MEMCACHED_PORT:-11211} + - NOTIFICATION_SERVER_URL=${NOTIFICATION_SERVER_URL:-} labels: caddy: ${SEAFILE_SERVER_PROTOCOL:-http}://${SEAFILE_SERVER_HOSTNAME:?Variable is not set or empty} caddy.reverse_proxy: "{{upstreams 80}}" diff --git a/manual/repo/docker/cluster/env b/manual/repo/docker/cluster/env index 58937f62..2fa63ccb 100644 --- a/manual/repo/docker/cluster/env +++ b/manual/repo/docker/cluster/env @@ -33,6 +33,17 @@ MEMCACHED_PORT=11211 ## S3 USE_S3_STORAGE=false +S3_KEY_ID= +S3_SECRET_KEY= +S3_USE_V4_SIGNATURE=true +S3_PATH_STYLE_REQUEST=false +S3_AWS_REGION=us-east-1 +S3_HOST= +S3_USE_HTTPS=true +S3_SSE_C_KEY= + +## Notification +NOTIFICATION_SERVER_URL= ###################################### # Initial variables # @@ -50,13 +61,3 @@ INIT_SEAFILE_MYSQL_ROOT_PASSWORD=ROOT_PASSWORD ## Seafile admin user INIT_SEAFILE_ADMIN_EMAIL=me@example.com INIT_SEAFILE_ADMIN_PASSWORD=asecret - -## Init S3 configurations -INIT_S3_KEY_ID= -INIT_S3_SECRET_KEY= -INIT_S3_USE_V4_SIGNATURE=true -INIT_S3_PATH_STYLE_REQUEST=false -INIT_S3_AWS_REGION=us-east-1 -INIT_S3_HOST=s3.us-east-1.amazonaws.com -INIT_S3_USE_HTTPS=true -INIT_S3_SSE_C_KEY= diff --git a/manual/repo/docker/cluster/seafile-server.yml b/manual/repo/docker/cluster/seafile-server.yml index d0ec23e4..7827750c 100644 --- a/manual/repo/docker/cluster/seafile-server.yml +++ b/manual/repo/docker/cluster/seafile-server.yml @@ -29,19 +29,20 @@ services: - INIT_SEAFILE_ADMIN_EMAIL=${INIT_SEAFILE_ADMIN_EMAIL:-me@example.com} - INIT_SEAFILE_ADMIN_PASSWORD=${INIT_SEAFILE_ADMIN_PASSWORD:-asecret} - USE_S3_STORAGE=${USE_S3_STORAGE:-false} - - INIT_S3_COMMIT_BUCKET=${INIT_S3_COMMIT_BUCKET:-} - - INIT_S3_FS_BUCKET=${INIT_S3_FS_BUCKET:-} - - INIT_S3_BLOCK_BUCKET=${INIT_S3_BLOCK_BUCKET:-} - - INIT_S3_KEY_ID=${INIT_S3_KEY_ID:-} - - INIT_S3_SECRET_KEY=${INIT_S3_SECRET_KEY:-} - - INIT_S3_USE_V4_SIGNATURE=${INIT_S3_USE_V4_SIGNATURE:-true} - - INIT_S3_AWS_REGION=${INIT_S3_AWS_REGION:-us-east-1} - - INIT_S3_HOST=${INIT_S3_HOST:-s3.us-east-1.amazonaws.com} - - INIT_S3_USE_HTTPS=${INIT_S3_USE_HTTPS:-true} - - INIT_S3_PATH_STYLE_REQUEST=${INIT_S3_PATH_STYLE_REQUEST:-false} - - INIT_S3_SSE_C_KEY=${INIT_S3_SSE_C_KEY:-} + - S3_COMMIT_BUCKET=${S3_COMMIT_BUCKET:-} + - S3_FS_BUCKET=${S3_FS_BUCKET:-} + - S3_BLOCK_BUCKET=${S3_BLOCK_BUCKET:-} + - S3_KEY_ID=${S3_KEY_ID:-} + - S3_SECRET_KEY=${S3_SECRET_KEY:-} + - S3_USE_V4_SIGNATURE=${S3_USE_V4_SIGNATURE:-true} + - S3_AWS_REGION=${S3_AWS_REGION:-us-east-1} + - S3_HOST=${S3_HOST:-} + - S3_USE_HTTPS=${S3_USE_HTTPS:-true} + - S3_PATH_STYLE_REQUEST=${S3_PATH_STYLE_REQUEST:-false} + - S3_SSE_C_KEY=${S3_SSE_C_KEY:-} - JWT_PRIVATE_KEY=${JWT_PRIVATE_KEY:?Variable is not set or empty} - SEAFILE_LOG_TO_STDOUT=${SEAFILE_LOG_TO_STDOUT:-false} - SITE_ROOT=${SITE_ROOT:-/} - ENABLE_SEADOC=${ENABLE_SEADOC:-false} - SEADOC_SERVER_URL=${SEADOC_SERVER_URL:-http://seafile.example.com/sdoc-server} + - NOTIFICATION_SERVER_URL=${NOTIFICATION_SERVER_URL:-} diff --git a/manual/repo/docker/pro/env b/manual/repo/docker/pro/env index 3809459b..84ddec56 100644 --- a/manual/repo/docker/pro/env +++ b/manual/repo/docker/pro/env @@ -58,12 +58,13 @@ REDIS_PASSWORD= MEMCACHED_HOST=memcached MEMCACHED_PORT=11211 -### S3 +## S3 USE_S3_STORAGE=false S3_COMMIT_BUCKET= S3_FS_BUCKET= S3_BLOCK_BUCKET= + ###################################### # Initial variables # # (Only valid in first-time startup) # @@ -110,6 +111,9 @@ MD_STORAGE_TYPE=file # options: file (local disk), s3, oss ### S3 S3_MD_BUCKET= +## Notification +NOTIFICATION_SERVER_URL= + ################################### # S3 authorization Configurations # # (This configurations will # @@ -121,6 +125,6 @@ S3_SECRET_KEY= S3_USE_V4_SIGNATURE=true S3_PATH_STYLE_REQUEST=false S3_AWS_REGION=us-east-1 -S3_HOST=s3.us-east-1.amazonaws.com +S3_HOST= S3_USE_HTTPS=true S3_SSE_C_KEY= diff --git a/manual/repo/docker/pro/seafile-server.yml b/manual/repo/docker/pro/seafile-server.yml index 65f8a5aa..86f92f57 100644 --- a/manual/repo/docker/pro/seafile-server.yml +++ b/manual/repo/docker/pro/seafile-server.yml @@ -70,17 +70,18 @@ services: - MEMCACHED_HOST=${MEMCACHED_HOST:-memcached} - MEMCACHED_PORT=${MEMCACHED_PORT:-11211} - USE_S3_STORAGE=${USE_S3_STORAGE:-false} - - INIT_S3_COMMIT_BUCKET=${S3_COMMIT_BUCKET:-} - - INIT_S3_FS_BUCKET=${S3_FS_BUCKET:-} - - INIT_S3_BLOCK_BUCKET=${S3_BLOCK_BUCKET:-} - - INIT_S3_KEY_ID=${S3_KEY_ID:-} - - INIT_S3_SECRET_KEY=${S3_SECRET_KEY:-} - - INIT_S3_USE_V4_SIGNATURE=${S3_USE_V4_SIGNATURE:-true} - - INIT_S3_AWS_REGION=${S3_AWS_REGION:-us-east-1} - - INIT_S3_HOST=${S3_HOST:-s3.us-east-1.amazonaws.com} - - INIT_S3_USE_HTTPS=${S3_USE_HTTPS:-true} - - INIT_S3_PATH_STYLE_REQUEST=${S3_PATH_STYLE_REQUEST:-false} - - INIT_S3_SSE_C_KEY=${S3_SSE_C_KEY:-} + - S3_COMMIT_BUCKET=${S3_COMMIT_BUCKET:-} + - S3_FS_BUCKET=${S3_FS_BUCKET:-} + - S3_BLOCK_BUCKET=${S3_BLOCK_BUCKET:-} + - S3_KEY_ID=${S3_KEY_ID:-} + - S3_SECRET_KEY=${S3_SECRET_KEY:-} + - S3_USE_V4_SIGNATURE=${S3_USE_V4_SIGNATURE:-true} + - S3_AWS_REGION=${S3_AWS_REGION:-us-east-1} + - S3_HOST=${S3_HOST:-} + - S3_USE_HTTPS=${S3_USE_HTTPS:-true} + - S3_PATH_STYLE_REQUEST=${S3_PATH_STYLE_REQUEST:-false} + - S3_SSE_C_KEY=${S3_SSE_C_KEY:-} + - NOTIFICATION_SERVER_URL=${NOTIFICATION_SERVER_URL:-} labels: caddy: ${SEAFILE_SERVER_PROTOCOL:-http}://${SEAFILE_SERVER_HOSTNAME:?Variable is not set or empty} caddy.reverse_proxy: "{{upstreams 80}}" diff --git a/manual/repo/docker/pro/seasearch.yml b/manual/repo/docker/pro/seasearch.yml index 288190a8..e1e1345f 100644 --- a/manual/repo/docker/pro/seasearch.yml +++ b/manual/repo/docker/pro/seasearch.yml @@ -13,7 +13,7 @@ services: - SS_S3_ACCESS_ID=${S3_KEY_ID:-} - SS_S3_USE_V4_SIGNATURE=${S3_USE_V4_SIGNATURE:-true} - SS_S3_ACCESS_SECRET=${S3_SECRET_KEY:-} - - SS_S3_ENDPOINT=${S3_HOST:-s3.us-east-1.amazonaws.com`} + - SS_S3_ENDPOINT=${S3_HOST:-} - SS_S3_USE_HTTPS=${S3_USE_HTTPS:-true} - SS_S3_PATH_STYLE_REQUEST=${S3_PATH_STYLE_REQUEST:-true} - SS_S3_AWS_REGION=${S3_AWS_REGION:-us-east-1} diff --git a/manual/repo/k8s/ce/seafile-deployment.yaml b/manual/repo/k8s/ce/seafile-deployment.yaml index 6ed30d6e..38b410da 100644 --- a/manual/repo/k8s/ce/seafile-deployment.yaml +++ b/manual/repo/k8s/ce/seafile-deployment.yaml @@ -111,6 +111,11 @@ spec: configMapKeyRef: name: seafile-env key: MEMCACHED_PORT + - name: NOTIFICATION_SERVER_URL + valueFrom: + configMapKeyRef: + name: seafile-env + key: NOTIFICATION_SERVER_URL - name: JWT_PRIVATE_KEY valueFrom: secretKeyRef: diff --git a/manual/repo/k8s/ce/seafile-env.yaml b/manual/repo/k8s/ce/seafile-env.yaml index bbd3fab9..c4a807ba 100644 --- a/manual/repo/k8s/ce/seafile-env.yaml +++ b/manual/repo/k8s/ce/seafile-env.yaml @@ -32,6 +32,9 @@ data: MEMCACHED_HOST: "" MEMCACHED_PORT: "11211" + # for notification + NOTIFICATION_SERVER_URL: "" + # Init ## for Seafile admin INIT_SEAFILE_ADMIN_EMAIL: "" \ No newline at end of file diff --git a/manual/repo/k8s/cluster/seafile-backend-deployment.yaml b/manual/repo/k8s/cluster/seafile-backend-deployment.yaml index 9ecfb9e4..f059f86c 100644 --- a/manual/repo/k8s/cluster/seafile-backend-deployment.yaml +++ b/manual/repo/k8s/cluster/seafile-backend-deployment.yaml @@ -124,51 +124,56 @@ spec: configMapKeyRef: name: seafile-env key: USE_S3_STORAGE - - name: INIT_S3_COMMIT_BUCKET + - name: S3_COMMIT_BUCKET valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_COMMIT_BUCKET - - name: INIT_S3_FS_BUCKET + key: S3_COMMIT_BUCKET + - name: S3_FS_BUCKET valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_FS_BUCKET - - name: INIT_S3_BLOCK_BUCKET + key: S3_FS_BUCKET + - name: S3_BLOCK_BUCKET valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_BLOCK_BUCKET - - name: INIT_S3_KEY_ID + key: S3_BLOCK_BUCKET + - name: S3_KEY_ID valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_KEY_ID - - name: INIT_S3_USE_V4_SIGNATURE + key: S3_KEY_ID + - name: S3_USE_V4_SIGNATURE valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_USE_V4_SIGNATURE - - name: INIT_S3_AWS_REGION + key: S3_USE_V4_SIGNATURE + - name: S3_AWS_REGION valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_AWS_REGION - - name: INIT_S3_HOST + key: S3_AWS_REGION + - name: S3_HOST valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_HOST - - name: INIT_S3_USE_HTTPS + key: S3_HOST + - name: S3_USE_HTTPS valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_USE_HTTPS - - name: INIT_S3_PATH_STYLE_REQUEST + key: S3_USE_HTTPS + - name: S3_PATH_STYLE_REQUEST valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_PATH_STYLE_REQUEST + key: S3_PATH_STYLE_REQUEST + - name: NOTIFICATION_SERVER_URL + valueFrom: + configMapKeyRef: + name: seafile-env + key: NOTIFICATION_SERVER_URL - name: INIT_SEAFILE_ADMIN_EMAIL valueFrom: configMapKeyRef: @@ -189,21 +194,21 @@ spec: secretKeyRef: name: seafile-secret key: INIT_SEAFILE_MYSQL_ROOT_PASSWORD - - name: INIT_S3_SECRET_KEY - valueFrom: - secretKeyRef: - name: seafile-secret - key: INIT_S3_SECRET_KEY - name: INIT_SEAFILE_ADMIN_PASSWORD valueFrom: secretKeyRef: name: seafile-secret key: INIT_SEAFILE_ADMIN_PASSWORD - - name: INIT_S3_SSE_C_KEY + - name: S3_SECRET_KEY valueFrom: secretKeyRef: name: seafile-secret - key: INIT_S3_SSE_C_KEY + key: S3_SECRET_KEY + - name: S3_SSE_C_KEY + valueFrom: + secretKeyRef: + name: seafile-secret + key: S3_SSE_C_KEY volumeMounts: - name: seafile-data mountPath: /shared diff --git a/manual/repo/k8s/cluster/seafile-env.yaml b/manual/repo/k8s/cluster/seafile-env.yaml index 0b8d9e99..a2ae33d9 100644 --- a/manual/repo/k8s/cluster/seafile-env.yaml +++ b/manual/repo/k8s/cluster/seafile-env.yaml @@ -26,6 +26,19 @@ data: # for s3 USE_S3_STORAGE: "false" + S3_STORAGE_BACKEND_CONFIG: "false" + S3_COMMIT_BUCKET: "" + S3_FS_BUCKET: "" + S3_BLOCK_BUCKET: "" + S3_KEY_ID: "" + S3_USE_V4_SIGNATURE: "true" + S3_AWS_REGION: "us-east-1" + S3_HOST: "" + S3_USE_HTTPS: "true" + S3_PATH_STYLE_REQUEST: "false" + + # for notification + NOTIFICATION_SERVER_URL: "" # initialization (only valid in first-time deployment and CLUSTER_INIT_MODE = true) CLUSTER_INIT_MODE: "true" @@ -36,15 +49,3 @@ data: ## for cluster basic service CLUSTER_INIT_ES_HOST: "" CLUSTER_INIT_ES_PORT: "9200" - - ## For S3 storage backend (only valid in INIT_S3_STORAGE_BACKEND_CONFIG = true) - INIT_S3_STORAGE_BACKEND_CONFIG: "false" - INIT_S3_COMMIT_BUCKET: "" - INIT_S3_FS_BUCKET: "" - INIT_S3_BLOCK_BUCKET: "" - INIT_S3_KEY_ID: "" - INIT_S3_USE_V4_SIGNATURE: "true" - INIT_S3_AWS_REGION: "us-east-1" - INIT_S3_HOST: "s3.us-east-1.amazonaws.com" - INIT_S3_USE_HTTPS: "true" - INIT_S3_PATH_STYLE_REQUEST: "false" diff --git a/manual/repo/k8s/cluster/seafile-frontend-deployment.yaml b/manual/repo/k8s/cluster/seafile-frontend-deployment.yaml index bcb90b21..c98f078e 100644 --- a/manual/repo/k8s/cluster/seafile-frontend-deployment.yaml +++ b/manual/repo/k8s/cluster/seafile-frontend-deployment.yaml @@ -109,6 +109,56 @@ spec: configMapKeyRef: name: seafile-env key: USE_S3_STORAGE + - name: S3_COMMIT_BUCKET + valueFrom: + configMapKeyRef: + name: seafile-env + key: S3_COMMIT_BUCKET + - name: S3_FS_BUCKET + valueFrom: + configMapKeyRef: + name: seafile-env + key: S3_FS_BUCKET + - name: S3_BLOCK_BUCKET + valueFrom: + configMapKeyRef: + name: seafile-env + key: S3_BLOCK_BUCKET + - name: S3_KEY_ID + valueFrom: + configMapKeyRef: + name: seafile-env + key: S3_KEY_ID + - name: S3_USE_V4_SIGNATURE + valueFrom: + configMapKeyRef: + name: seafile-env + key: S3_USE_V4_SIGNATURE + - name: S3_AWS_REGION + valueFrom: + configMapKeyRef: + name: seafile-env + key: S3_AWS_REGION + - name: S3_HOST + valueFrom: + configMapKeyRef: + name: seafile-env + key: S3_HOST + - name: S3_USE_HTTPS + valueFrom: + configMapKeyRef: + name: seafile-env + key: S3_USE_HTTPS + - name: S3_PATH_STYLE_REQUEST + valueFrom: + configMapKeyRef: + name: seafile-env + key: S3_PATH_STYLE_REQUEST + - name: NOTIFICATION_SERVER_URL + valueFrom: + configMapKeyRef: + name: seafile-env + key: NOTIFICATION_SERVER_URL - name: JWT_PRIVATE_KEY valueFrom: secretKeyRef: @@ -119,6 +169,16 @@ spec: secretKeyRef: name: seafile-secret key: SEAFILE_MYSQL_DB_PASSWORD + - name: S3_SECRET_KEY + valueFrom: + secretKeyRef: + name: seafile-secret + key: S3_SECRET_KEY + - name: S3_SSE_C_KEY + valueFrom: + secretKeyRef: + name: seafile-secret + key: S3_SSE_C_KEY ports: - containerPort: 80 volumeMounts: diff --git a/manual/repo/k8s/cluster/seafile-secret.yaml b/manual/repo/k8s/cluster/seafile-secret.yaml index 8a3587c0..c8079b40 100644 --- a/manual/repo/k8s/cluster/seafile-secret.yaml +++ b/manual/repo/k8s/cluster/seafile-secret.yaml @@ -17,6 +17,6 @@ data: ## for db INIT_SEAFILE_MYSQL_ROOT_PASSWORD: "" - ## For S3 storage backend (only valid in INIT_S3_STORAGE_BACKEND_CONFIG = true) - INIT_S3_SECRET_KEY: "" - INIT_S3_SSE_C_KEY: "" \ No newline at end of file + # For S3 storage backend (only valid in USE_S3_STORAGE = true) + S3_SECRET_KEY: "" + S3_SSE_C_KEY: "" diff --git a/manual/repo/k8s/pro/seafile-deployment.yaml b/manual/repo/k8s/pro/seafile-deployment.yaml index 19157405..c85c1852 100644 --- a/manual/repo/k8s/pro/seafile-deployment.yaml +++ b/manual/repo/k8s/pro/seafile-deployment.yaml @@ -86,56 +86,56 @@ spec: configMapKeyRef: name: seafile-env key: USE_S3_STORAGE - - name: INIT_S3_STORAGE_BACKEND_CONFIG + - name: S3_STORAGE_BACKEND_CONFIG valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_STORAGE_BACKEND_CONFIG - - name: INIT_S3_COMMIT_BUCKET + key: S3_STORAGE_BACKEND_CONFIG + - name: S3_COMMIT_BUCKET valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_COMMIT_BUCKET - - name: INIT_S3_FS_BUCKET + key: S3_COMMIT_BUCKET + - name: S3_FS_BUCKET valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_FS_BUCKET - - name: INIT_S3_BLOCK_BUCKET + key: S3_FS_BUCKET + - name: S3_BLOCK_BUCKET valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_BLOCK_BUCKET - - name: INIT_S3_KEY_ID + key: S3_BLOCK_BUCKET + - name: S3_KEY_ID valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_KEY_ID - - name: INIT_S3_USE_V4_SIGNATURE + key: S3_KEY_ID + - name: S3_USE_V4_SIGNATURE valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_USE_V4_SIGNATURE - - name: INIT_S3_AWS_REGION + key: S3_USE_V4_SIGNATURE + - name: S3_AWS_REGION valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_AWS_REGION - - name: INIT_S3_HOST + key: S3_AWS_REGION + - name: S3_HOST valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_HOST - - name: INIT_S3_USE_HTTPS + key: S3_HOST + - name: S3_USE_HTTPS valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_USE_HTTPS - - name: INIT_S3_PATH_STYLE_REQUEST + key: S3_USE_HTTPS + - name: S3_PATH_STYLE_REQUEST valueFrom: configMapKeyRef: name: seafile-env - key: INIT_S3_PATH_STYLE_REQUEST + key: S3_PATH_STYLE_REQUEST - name: INIT_SEAFILE_ADMIN_EMAIL valueFrom: configMapKeyRef: @@ -166,6 +166,11 @@ spec: configMapKeyRef: name: seafile-env key: MEMCACHED_PORT + - name: NOTIFICATION_SERVER_URL + valueFrom: + configMapKeyRef: + name: seafile-env + key: NOTIFICATION_SERVER_URL - name: JWT_PRIVATE_KEY valueFrom: secretKeyRef: @@ -181,11 +186,6 @@ spec: secretKeyRef: name: seafile-secret key: INIT_SEAFILE_MYSQL_ROOT_PASSWORD - - name: INIT_S3_SECRET_KEY - valueFrom: - secretKeyRef: - name: seafile-secret - key: INIT_S3_SECRET_KEY - name: INIT_SEAFILE_ADMIN_PASSWORD valueFrom: secretKeyRef: @@ -196,11 +196,16 @@ spec: secretKeyRef: name: seafile-secret key: REDIS_PASSWORD - - name: INIT_S3_SSE_C_KEY + - name: S3_SECRET_KEY valueFrom: secretKeyRef: name: seafile-secret - key: INIT_S3_SSE_C_KEY + key: S3_SECRET_KEY + - name: S3_SSE_C_KEY + valueFrom: + secretKeyRef: + name: seafile-secret + key: S3_SSE_C_KEY volumeMounts: - name: seafile-data mountPath: /shared diff --git a/manual/repo/k8s/pro/seafile-env.yaml b/manual/repo/k8s/pro/seafile-env.yaml index 7b35cae6..c54d7c29 100644 --- a/manual/repo/k8s/pro/seafile-env.yaml +++ b/manual/repo/k8s/pro/seafile-env.yaml @@ -34,18 +34,19 @@ data: # for S3 USE_S3_STORAGE: "false" + S3_COMMIT_BUCKET: "" + S3_FS_BUCKET: "" + S3_BLOCK_BUCKET: "" + S3_KEY_ID: "" + S3_USE_V4_SIGNATURE: "true" + S3_AWS_REGION: "us-east-1" + S3_HOST: "" + S3_USE_HTTPS: "true" + S3_PATH_STYLE_REQUEST: "false" + + # for notification + NOTIFICATION_SERVER_URL: "" # Init ## for Seafile admin INIT_SEAFILE_ADMIN_EMAIL: "" - - ## For S3 storage backend - INIT_S3_COMMIT_BUCKET: "" - INIT_S3_FS_BUCKET: "" - INIT_S3_BLOCK_BUCKET: "" - INIT_S3_KEY_ID: "" - INIT_S3_USE_V4_SIGNATURE: "true" - INIT_S3_AWS_REGION: "us-east-1" - INIT_S3_HOST: "s3.us-east-1.amazonaws.com" - INIT_S3_USE_HTTPS: "true" - INIT_S3_PATH_STYLE_REQUEST: "false" diff --git a/manual/repo/k8s/pro/seafile-secret.yaml b/manual/repo/k8s/pro/seafile-secret.yaml index af2589eb..db0f2941 100644 --- a/manual/repo/k8s/pro/seafile-secret.yaml +++ b/manual/repo/k8s/pro/seafile-secret.yaml @@ -17,9 +17,9 @@ data: ## for db INIT_SEAFILE_MYSQL_ROOT_PASSWORD: "" - ## For S3 storage backend (only valid in INIT_S3_STORAGE_BACKEND_CONFIG = true) - INIT_S3_SECRET_KEY: "" - INIT_S3_SSE_C_KEY: "" + # For S3 storage backend (only valid in USE_S3_STORAGE = true) + S3_SECRET_KEY: "" + S3_SSE_C_KEY: "" # for redis REDIS_PASSWORD: "" \ No newline at end of file diff --git a/manual/setup/cluster_deploy_with_docker.md b/manual/setup/cluster_deploy_with_docker.md index 13a57602..9be7ed4e 100644 --- a/manual/setup/cluster_deploy_with_docker.md +++ b/manual/setup/cluster_deploy_with_docker.md @@ -131,12 +131,7 @@ Please refer [here](./system_requirements.md#seafile-cluster) for the details ab - `CLUSTER_INIT_MODE`, must be removed from .env file - `CLUSTER_INIT_ES_HOST` - `CLUSTER_INIT_ES_PORT` - - `INIT_S3_COMMIT_BUCKET` - - `INIT_S3_FS_BUCKET` - - `INIT_S3_BLOCK_BUCKET` - - `INIT_S3_KEY_ID` - - `INIT_S3_SECRET_KEY` - + !!! tip We recommend that you check that the relevant configuration files are correct and copy the `SEAFILE_VOLUME` directory before the service is officially started, because only the configuration files are generated after initialization. You can directly migrate the entire copied `SEAFILE_VOLUME` to other nodes later: diff --git a/manual/setup/helm_chart_cluster.md b/manual/setup/helm_chart_cluster.md index 0b5a4077..bfa9e1fd 100644 --- a/manual/setup/helm_chart_cluster.md +++ b/manual/setup/helm_chart_cluster.md @@ -36,8 +36,8 @@ After installation, you need to start the k8s control plane service on each node --from-literal=SEAFILE_MYSQL_DB_PASSWORD='' \ --from-literal=INIT_SEAFILE_ADMIN_PASSWORD='' \ --from-literal=INIT_SEAFILE_MYSQL_ROOT_PASSWORD='' \ - --from-literal=INIT_S3_SECRET_KEY='' \ - --from-literal=INIT_S3_SSE_C_KEY='' + --from-literal=S3_SECRET_KEY='' \ + --from-literal=S3_SSE_C_KEY='' ``` where the `JWT_PRIVATE_KEY` can be generate by `pwgen -s 40 1` diff --git a/manual/setup/helm_chart_single_node.md b/manual/setup/helm_chart_single_node.md index 9cbc6731..c947f49f 100644 --- a/manual/setup/helm_chart_single_node.md +++ b/manual/setup/helm_chart_single_node.md @@ -33,8 +33,8 @@ Please refer [here](./system_requirements.md) for the details of system requirem --from-literal=INIT_SEAFILE_ADMIN_PASSWORD='' \ --from-literal=INIT_SEAFILE_MYSQL_ROOT_PASSWORD='' \ --from-literal=REDIS_PASSWORD='' \ - --from-literal=INIT_S3_SECRET_KEY='' \ - --from-literal=INIT_S3_SSE_C_KEY='' + --from-literal=S3_SECRET_KEY='' \ + --from-literal=S3_SSE_C_KEY='' ``` === "Seafile CE" diff --git a/manual/setup/migrate_ce_to_pro_with_docker.md b/manual/setup/migrate_ce_to_pro_with_docker.md index b02cf740..f81a3d6f 100644 --- a/manual/setup/migrate_ce_to_pro_with_docker.md +++ b/manual/setup/migrate_ce_to_pro_with_docker.md @@ -40,7 +40,7 @@ Modify `.env` based on the old configurations from the old `.env` file. The foll For other fileds (e.g., `SEAFILE_VOLUME`, `SEAFILE_MYSQL_VOLUME`, `SEAFILE_MYSQL_DB_USER`, `SEAFILE_MYSQL_DB_PASSWORD`), **must be consistent** with the old configurations. !!! tip - For the configurations using to do the initializations (e.g, `INIT_SEAFILE_ADMIN_EMAIL`, `INIT_SEAFILE_MYSQL_ROOT_PASSWORD`, `INIT_S3_STORAGE_BACKEND_CONFIG`), you can remove it from `.env` as well + For the configurations using to do the initializations (e.g, `INIT_SEAFILE_ADMIN_EMAIL`, `INIT_SEAFILE_MYSQL_ROOT_PASSWORD`), you can remove it from `.env` as well ### Replace `seafile-server.yml` and `.env` diff --git a/manual/setup/setup_ce_by_docker.md b/manual/setup/setup_ce_by_docker.md index c04c27e6..84ba9f46 100644 --- a/manual/setup/setup_ce_by_docker.md +++ b/manual/setup/setup_ce_by_docker.md @@ -54,7 +54,8 @@ The following fields merit particular attention: | `REDIS_PASSWORD` | Redis server password | (none) | | `MEMCACHED_HOST` | Memcached server host | `memcached` | | `MEMCACHED_PORT` | Memcached server port | `11211` | -| `TIME_ZONE` | Time zone | `UTC` | +| `TIME_ZONE` | Time zone | `UTC` | +| `NOTIFICATION_SERVER_URL` | The [notification server](../extension/notification-server.md) url, leave blank to disable it | (none) | | `INIT_SEAFILE_ADMIN_EMAIL` | Admin username | `me@example.com` (Recommend modifications) | | `INIT_SEAFILE_ADMIN_PASSWORD` | Admin password | `asecret` (Recommend modifications) | diff --git a/manual/setup/setup_pro_by_docker.md b/manual/setup/setup_pro_by_docker.md index 03c65197..268a427e 100644 --- a/manual/setup/setup_pro_by_docker.md +++ b/manual/setup/setup_pro_by_docker.md @@ -80,11 +80,12 @@ The following fields merit particular attention: | `S3_KEY_ID` | S3 storage backend key ID | (required when `USE_S3_STORAGE=true`) | | `S3_SECRET_KEY` | S3 storage backend secret key | (required when `USE_S3_STORAGE=true`) | | `S3_AWS_REGION` | Region of your buckets | `us-east-1` | -| `S3_HOST` | Host of your buckets | `s3.us-east-1.amazonaws.com` | +| `S3_HOST` | Host of your buckets | (required when not use AWS) | | `S3_USE_HTTPS` | Use HTTPS connections to S3 if enabled | `true` | | `S3_USE_V4_SIGNATURE` | Use the v4 protocol of S3 if enabled | `true` | | `S3_PATH_STYLE_REQUEST` | This option asks Seafile to use URLs like `https://192.168.1.123:8080/bucketname/object` to access objects. In *Amazon S3*, the default URL format is in virtual host style, such as `https://bucketname.s3.amazonaws.com/object`. But this style relies on advanced DNS server setup. So most self-hosted storage systems only implement the path style format. | `false` | | `S3_SSE_C_KEY` | A string of 32 characters can be generated by openssl rand -base64 24. It can be any 32-character long random string. It's required to use V4 authentication protocol and https if you enable SSE-C. | (none) | +| `NOTIFICATION_SERVER_URL` | The [notification server](../extension/notification-server.md) url, leave blank to disable it | (none) | !!! success "Easier to configure S3 for Seafile and its components" Since Seafile Pro 13.0, in order to facilitate users to deploy Seafile's related extension components and other services in the future, a section will be provided in `.env` to store the **S3 authorization Configurations**. You can locate it with the following title bar: @@ -97,9 +98,9 @@ The following fields merit particular attention: ################################### ``` - The S3 authorization configuration part (i.e., ***without buckets name***) in Seafile initialization and some extension components (such as *SeaSearch*, *Metadata server*) configuration will be read from this configuration by default. + The S3 authorization configuration part (i.e., ***without buckets name***) in Seafile and some extension components (such as *SeaSearch*, *Metadata server*) configuration will be read from this configuration by default. - However, please note that **Seafile currently still reads S3 configurations [through `seafile.conf`](../setup/setup_with_s3.md), and the configuration in `.env` is only used for initialization of Seafile services**. But you have to **make sure they are consistent**. + However, please note that Seafile only support configuring S3 in `.env` for **single storage backend mode** (i.e., when `USE_S3_STORAGE=true`), if you would like to use multiple backends, please set `USE_S3_STORAGE=false` in `.env` and refer [here](../setup/setup_with_multiple_storage_backends.md) for the details. To conclude, set the directory permissions of the Elasticsearch volumne: diff --git a/manual/setup/setup_with_s3.md b/manual/setup/setup_with_s3.md index 255be6a4..af13698f 100644 --- a/manual/setup/setup_with_s3.md +++ b/manual/setup/setup_with_s3.md @@ -18,7 +18,9 @@ !!! tip "New feature from 13.0 pro edition" - If your will deploy Seafile server in Docker, you can specify your S3 configurations in `S3 authorization Configurations` title bar in `.env` **before starting the services** to deploy with S3 together. This operation will generate the same configuration file as this manual and will take effect when the service is started for the first time. + If your will deploy Seafile server in Docker, you can specify your S3 configurations in `S3 authorization Configurations` title bar in `.env` to deploy with S3 together. This operation will generate the same configuration file as this manual. + + However, please note that Seafile only support configuring S3 in `.env` for **single storage backend mode** (i.e., when `USE_S3_STORAGE=true`), if you would like to use multiple backends, please set `USE_S3_STORAGE=false` in `.env` and refer [here](../setup/setup_with_multiple_storage_backends.md) for the details. ## How to configure S3 in Seafile Seafile configures S3 storage by adding or modifying the following section in `seafile.conf`: diff --git a/manual/setup/use_seasearch.md b/manual/setup/use_seasearch.md index 889ff362..d6bd9c5c 100644 --- a/manual/setup/use_seasearch.md +++ b/manual/setup/use_seasearch.md @@ -51,7 +51,7 @@ INIT_SS_ADMIN_PASSWORD= ################################### ``` - The S3 authorization configuration part (i.e., ***without buckets name***) in Seafile initialization and some extension components (such as *SeaSearch*, *Metadata server*) configuration will be read from this configuration by default. + The S3 authorization configuration part (i.e., ***without buckets name***) in Seafile and some extension components (such as *SeaSearch*, *Metadata server*) configuration will be read from this configuration by default. In other words, if you deploy SeaSearch and Seafile together, and if you have deployed Seafile Pro following [here](../setup/setup_pro_by_docker.md#downloading-and-modifying-env) (and using the latest `.env`), you only need to specify the following variables in `.env` to make it work: diff --git a/manual/upgrade/upgrade_docker.md b/manual/upgrade/upgrade_docker.md index d078b537..1c112829 100644 --- a/manual/upgrade/upgrade_docker.md +++ b/manual/upgrade/upgrade_docker.md @@ -42,10 +42,12 @@ From Seafile Docker 13.0, the `elasticsearch.yml` has separated from `seafile-se 5. Modify `.env`, update image version and add cache configurations: - !!! note "Variables change logs for `.env`" - 1. From Seafile docker 13, the configurations of database and cache can get from environment variables directly (you can define it in the `.env`). What's more, the Redis will be recommended as the primary cache server for supporting some new features (please refer the ***upgradte notes***, you can also refer to more details about Redis in Seafile Docker [here](../setup/setup_pro_by_docker.md#about-redis)) and is the default type of cache provided in Seafile 13. + !!! note "Variables change logs for `.env` in Seafile 13" + 1. The configurations of database and cache can get from environment variables directly (you can define it in the `.env`). What's more, the Redis will be recommended as the primary cache server for supporting some new features (please refer the ***upgradte notes***, you can also refer to more details about Redis in Seafile Docker [here](../setup/setup_pro_by_docker.md#about-redis)) and is the default type of cache provided in Seafile 13. - 2. Starting from Seafile 13, When initializing Seafile, the configuration of S3, the SeaSearch component, and the newly supported Metadata server component all use unified variables (i.e., `S3_xxx`) for the authorization information of S3 in the new deployment. Please refer to the end of [the table in Seafile Pro deployment](../setup/setup_pro_by_docker.md#downloading-and-modifying-env) for details. If you plan to deploy or redeploy these components in the future, **please pay attention to changes in variable names**. + 2. The configuration of S3 (including Seafile server, SeaSearch, and the newly supported Metadata server) will use unified variables (i.e., `S3_xxx`) for the authorization information of S3 in the new deployment. Please refer to the end of [the table in Seafile Pro deployment](../setup/setup_pro_by_docker.md#downloading-and-modifying-env) for details. If you plan to deploy or redeploy these components in the future, **please pay attention to changes in variable names**. + + 3. The configuration of notification server will no longer read from `seafile.conf`, rather than the variable `NOTIFICATION_SERVER_URL` in the `.env` and leave blank to disable this feature. - Update image version to Seafile 13 @@ -77,6 +79,12 @@ From Seafile Docker 13.0, the `elasticsearch.yml` has separated from `seafile-se MEMCACHED_HOST=memcached MEMCACHED_PORT=11211 ``` + + - Add configuration for notification server (if is enabled in Seafile 12): + + ```sh + NOTIFICATION_SERVER_URL= + ``` !!! tip "Optional but recommended modifications for further configuration files" Although the configurations in environment (i.e., `.env`) have higher priority than the configurations in config files, we recommend that you remove or modify the cache configuration in the following files to avoid ambiguity::