Skip to content

Seafile Pro

Seafile file syncing service is installed on the [[smarthome]] VM. The professional version is used which offers more features and is free for up to 3 users.

Installation

The installation follows the official guide. 4 cores and 4 GB RAM are the minimum requirements.

OS preparation

Elastic search requirements

sudo sysctl -w vm.max_map_count=262144

Docker compose setup

Pull the docker image with the credentials seafile / zjkmid6rQibdZ=uJMuWS (taken from the official site):

mkdir seafile && cd seafile
docker login docker.seadrive.org
docker pull docker.seadrive.org/seafileltd/seafile-pro-mc:latest

Download the latest docker-compose.yaml (URL might change with newer versions):

wget -O "docker-compose.yaml" "https://manual.seafile.com/11.0/docker/docker-compose/pro/11.0/docker-compose.yml"

Update the compose file as needed: move secrets into an .env file, update the directory paths, switch the main port to 3333.

Prepare the elasticsearch permissions:

mkdir -p $PWD/elasticsearch-data
chmod 777 -R $PWD/elasticsearch-data

Start up the container and watch for error messages:

docker compose up

The initial startup creates the necessary files and database tables. However, since not everything is ready from the get-go, some post installation steps are necessary.

Enabling non-root process

Source: https://manual.seafile.com/latest/docker/pro-edition/deploy_seafile_pro_with_docker/#run-seafile-as-non-root-user-inside-docker

Prepare non-root permissions: uncomment or add the environment flag - NON_ROOT=true in docker-compose.yaml.

Then update the permissions:

sudo chmod -R a+rwx $PWD/seafile-data/seafile/

Recreate the container:

docker compose down
docker compose up -d

Adding ClamAV antivirus scanning

Source: https://manual.seafile.com/latest/deploy_pro/deploy_clamav_with_seafile/#deploy-clamav-with-seafile

Add the following service to docker-compose.yaml:

services:
  ...

  av:
    image: clamav/clamav:latest
    container_name: seafile-clamav
    networks:
      - seafile-net

Optionally, add the av service to the depends_on section of the seafile service:

depends_on:
    - db
    - memcached
    - elasticsearch
    - av

Add the following to $PWD/seafile-data/seafile/conf/seafile.conf (using sudo):

[fileserver]
...
check_virus_on_web_upload = true

[virus_scan]
scan_command = clamdscan
virus_code = 1
nonvirus_code = 0
scan_interval = 5
scan_size_limit = 20
threads = 2

Restart the server:

docker compose restart

Enable notifications

Source: https://manual.seafile.com/latest/deploy/notification-server/

This helps with improving the performance.

Generate a jwt token with the following command:

openssl rand -base64 32

Add it into $PWD/seafile-data/seafile/conf/seafile.conf and make sure notifications are enabled:

[notification]
enabled = true
...
jwt_private_key = LSaCwxnHt+t3u/QhgFD3JouvEv0T1iBjOtqHheWL16Y=

Restart the server:

docker compose restart

Enable caching

Source: https://manual.seafile.com/latest/config/seafile-conf/#cache-pro-edition-only

Add the following configuration into $PWD/seafile-data/seafile/conf/seafile.conf 

[memcached]
memcached_options = --SERVER=127.0.0.1 --POOL-MIN=10 --POOL-MAX=100

Restart the server:

docker compose restart

Enable e-mail sending

Source: https://manual.seafile.com/latest/config/sending_email/

Add the following lines to seahub_settings.py to enable email sending.

EMAIL_USE_TLS = True
EMAIL_HOST = 'smtp.eu.mailgun.org'        # smtp server
EMAIL_HOST_USER = 'seafile@mail.davosian.net'    # username and domain
EMAIL_HOST_PASSWORD = 'password'    # password
EMAIL_PORT = 587
DEFAULT_FROM_EMAIL = EMAIL_HOST_USER
SERVER_EMAIL = EMAIL_HOST_USER

Add external access

Follow the setup from Tailscale to expose the service through Caddy running on Hetzner by adding a configuration block to the Caddyfile:

- friendly_name: sf
    fqdn: sf.davosian.ch
    upstream: "smarthome:3333"
    tls_insecure: false
    tls_provider: cloudflare

Deploy the changes and wait a bit for the SSL certificate to be created:

just run caddy

Connect to the server directly through tailscale and go to the settings: http://smarthome:3333/sys/web-settings/

Make sure SERVICE_URL and FILE_SERVER_ROOT are using the correct URL (with https). Change and save if necessary.

Also, update SERVICE_URL and FILE_SERVER_ROOT in `$PWD/seafile-data/seafile/conf/seahub_settings.py to use https.

Reboot the server:

docker compose restart