gronis/seafile
Seafile Server Docker container based on Ubuntu originating from here
Filetree:
/seafile/
|-- ccnet
|-- conf
|-- seafile-data
`-- seahub-data
/opt/
`-- haiwen
|-- ccnet -> /seafile/ccnet
|-- conf -> /seafile/conf
|-- logs
|-- pids
|-- seafile-data -> /seafile/seafile-data
|-- seafile-server-5.1.3
|-- seafile-server-latest -> seafile-server-5.1.3
`-- seahub-data -> /seafile/seahub-data
All important data is stored under /seafile, so you should be mounting a volume there (recommended), as shown in the example configurations, or at the respective subdirectories. There are a plethora of environment variables which might be needed for your setup.
Mandatory ENV variables for auto setup
If you want to use MySQL/MariaDB, the following variables are needed:
Mandatory ENV variables for MySQL/MariaDB
Optional ENV variables for auto setup with MySQL/MariaDB
Optional ENV variables
FILE_SERVER_ROOT
variable in seahub configSERVICE_URL
variable in seahub configIf you plan on omitting /seafile as a volume and mount the subdirectories instead, you'll need to additionally specify SEAHUB_DB_DIR
which containes the subdirectory of /seafile the seahub.db file shall be put in.
There are some more variables which could be changed but have not been tested and are probably not fully functional as well. Therefore those not mentioned here. Inspect the seafile-entrypoint.sh
script if you have additional needs for customization.
Using docker-run
If you want to run with sqlite:
docker run -d -e SEAFILE_NAME=Seafile \
-e SEAFILE_ADDRESS=seafile.example.com \
-e SEAFILE_ADMIN=admin@seafile.example.com \
-e SEAFILE_ADMIN_PW=SuperSecretPassword \
-v /host/os/path:/seafile \
gronis/seafile
If you want to use MySQL:
docker run -d -e SEAFILE_NAME=Seafile \
-e SEAFILE_ADDRESS=seafile.example.com \
-e SEAFILE_ADMIN=admin@seafile.example.com \
-e SEAFILE_ADMIN_PW=SuperSecretPassword \
-e MYSQL_SERVER=seafile-db \
-e MYSQL_USER=seafile \
-e MYSQL_USER_PASSWORD=SuperSecretDatabasePassword \
-e MYSQL_ROOT_PASSWORD=EvenMoreSuperSecretDatabasePassword \
-v /host/os/path:/seafile \
gronis/seafile
Using docker-compose
With sqlite
version: '2'
services:
seafile:
image: gronis/seafile
container_name: seafile
restart: unless-stopped
volumes:
- ./seafile-container-data:/seafile:rw
ports:
- 8000:8000
- 8082:8082
environment:
- SEAFILE_NAME=Seafile
- SEAFILE_ADDRESS=seafile.example.com
- SEAFILE_ADMIN=admin@seafile.example.com
- SEAFILE_ADMIN_PW=SuperSecretPassword
With MySQL
version: '2'
services:
seafile:
image: gronis/seafile
container_name: seafile
restart: unless-stopped
depends_on:
- seafile-db
links:
- seafile-db
volumes:
- ./seafile-container-data:/seafile:rw
ports:
- 8000:8000
- 8082:8082
environment:
- SEAFILE_NAME=Seafile
- SEAFILE_ADDRESS=seafile.example.com
- SEAFILE_ADMIN=admin@seafile.example.com
- SEAFILE_ADMIN_PW=SuperSecretPassword
- MYSQL_SERVER=seafile-db
- MYSQL_USER=seafile
- MYSQL_USER_PASSWORD=SuperSecretDatabasePassword
- MYSQL_ROOT_PASSWORD=EvenMoreSuperSecretDatabasePassword
seafile-db:
image: mariadb:latest
container_name: seafile-db
restart: unless-stopped
volumes:
- ./seafile-db-data:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=EvenMoreSuperSecretDatabasePassword
This container is intended to be run behind a reverse proxy. You can read more about that in the Seafile manual: http://manual.seafile.com/deploy/
I'll recommend to use nginx reverse proxy with automated updating process with letsencrypt. This requires you to own the domain you are using. Here is a full example, using MySQL and together with nginx reverse proxy, assuming the domain name is seafile.example.com
NOTE: Use nginx.tmpl to generate the nginx config. Here, I assume the domain name seafile.example.com
but switch it out for your own domain.
version: '2'
services:
seafile:
image: gronis/seafile
container_name: seafile
restart: unless-stopped
depends_on:
- seafile-db
links:
- seafile-db
volumes:
- ./seafile-container-data:/seafile:rw
environment:
- VIRTUAL_HOST=seafile.example.com
- VIRTUAL_PORT=8000
- LETSENCRYPT_HOST=seafile.example.com
- LETSENCRYPT_EMAIL=youremail@youremailprovider.com
- SEAFILE_NAME=Seafile
- SEAFILE_ADDRESS=seafile.example.com
- SEAFILE_ADMIN=admin@seafile.example.com
- SEAFILE_ADMIN_PW=SuperSecretPassword
- SERVICE_URL=https://seafile.example.com
- FILE_SERVER_ROOT=https://seafile.example.com/seafhttp
- MYSQL_SERVER=seafile-db
- MYSQL_USER=seafile
- MYSQL_USER_PASSWORD=SuperSecretDatabasePassword
- MYSQL_ROOT_PASSWORD=EvenMoreSuperSecretDatabasePassword
seafile-db:
image: mariadb:latest
container_name: seafile-db
restart: unless-stopped
volumes:
- ./seafile-db-data:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=EvenMoreSuperSecretDatabasePassword
# Network traffic passes through nginx (as https) and then to seafile (as http)
nginx:
image: nginx:alpine
container_name: nginx
restart: always
ports:
- 80:80
- 443:443
volumes:
- ./nginx/conf.d:/etc/nginx/conf.d:ro
- ./nginx/vhost.d:/etc/nginx/vhost.d:ro
- ./nginx/html:/usr/share/nginx/html
- ./nginx/certs:/etc/nginx/certs:ro
- ./nginx/htpasswd:/etc/nginx/htpasswd:ro
# This container generate the nginx configuration
nginx-gen:
image: jwilder/docker-gen:0.7.3
container_name: nginx-gen
restart: always
depends_on:
- nginx
volumes_from:
- nginx
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl:ro
- ./nginx/conf.d:/etc/nginx/conf.d:rw
networks:
- proxy-tier
entrypoint: /usr/local/bin/docker-gen -notify-sighup nginx -watch -wait 5s:30s /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
# This container refreshes the https certificate
letsencrypt-nginx-proxy-companion:
image: nginxproxy/acme-companion
container_name: letsencrypt-nginx-proxy-companion
restart: unless-stopped
depends_on:
- nginx
- nginx-gen
volumes_from:
- nginx
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./nginx/vhost.d:/etc/nginx/vhost.d:rw
- ./nginx/certs:/etc/nginx/certs:rw
environment:
- NGINX_DOCKER_GEN_CONTAINER=nginx-gen
Since Seafile uses port 8082 to sync files, this extra config must be added to nginx to enable passthrough over the nginx proxy using https.
This configuration file should be placed in /etc/nginx/vhost.d/seafile.example.com
on nginx-gen (./nginx/vhost.d
from the above config), to enable port 8082 to pass though the domain.
It will automatically be embedded into /etc/nginx/conf/default.conf
on the nginx server (see more here).
location /seafhttp {
rewrite ^/seafhttp(.*)$ $1 break;
proxy_pass http://seafile:8082;
client_max_body_size 0;
proxy_connect_timeout 36000s;
proxy_read_timeout 36000s;
proxy_send_timeout 36000s;
send_timeout 36000s;
}
To make sure that the proxy is used to sync files instead of using port 8082, add SERVICE_URL
and FILE_SERVER_ROOT
environment variables to docker-compose.yaml
like so:
services:
seafile:
# ...
environment:
# ...
- SERVICE_URL=https://seafile.example.com
- FILE_SERVER_ROOT=https://seafile.example.com/seafhttp
docker pull gronis/seafile