Debian 7 - Install Seafile Server 4.x

Seafile is an opensource file hosting and synchronization service similar to Dropbox, $harepoint, and Owncloud. I have used all of those services, and Seafile is my favourite for various reasons, which I may cover in later tutorial.

One of great things about Seafile is that they have a business plan through offering a public cloud service, as well as private server options, so the project is less likely to "die out" any time soon. The application seems to have frequent updates, and can be a bit of a pain to install/configure, so if you have cash to splash, this may be a good solution for you.

I have actually covered Seafile in the past, but I am creating another tutorial because I have only just noticed that version 4 of the server is out, and it requires some additional steps. Also, this tutorial will be showing you how to setup a Seafile server on Debian, rather than Ubuntu.

Installation

Update And Install Packages

Run the following commands:

sudo apt-get update
sudo apt-get upgrade -y

sudo apt-get install \
python2.7 \
python-imaging \
python-mysqldb \
python-setuptools \
python-simplejson \
-y

Set Up MySQL

Copy the following script into a file, and execute it with sudo privileges.

# Manually set these if you desire
DB_ROOT_PASS=`openssl rand -base64 32`
SEAFILE_DB_PASS=`openssl rand -base64 32`

# Set debconf selections so
# the user doesn't get a prompt
sudo debconf-set-selections <<< "mysql-server mysql-server/root_password password $DB_ROOT_PASS"  
sudo debconf-set-selections <<< "mysql-server mysql-server/root_password_again password $DB_ROOT_PASS"  
sudo apt-get install mysql-server -y

mysql -u root -p$DB_ROOT_PASS -e \
"CREATE DATABASE `ccnet-db` character set = 'utf8';
CREATE DATABASE `seafile-db` character set = 'utf8';
CREATE DATABASE `seahub-db` character set = 'utf8';"

mysql -u root -p$DB_ROOT_PASS -e \
"CREATE USER 'seafile'@'localhost' identified by '$SEAFILE_DB_PASS'";

mysql -u root -p$DB_ROOT_PASS -e \
"GRANT ALL PRIVILEGES ON `ccnet-db`.* to `seafile`;
GRANT ALL PRIVILEGES ON `seafile-db`.* to `seafile`;
GRANT ALL PRIVILEGES ON `seahub-db`.* to `seafile`;"

# Update Seafiles MySQL login configs
SEARCH="PASSWD=seafile"
REPLACE="PASSWD=$SEAFILE_DB_PASS"
FILEPATH="ccnet/ccnet.conf"
sed -i "s;$SEARCH;$REPLACE;" $FILEPATH

SEARCH="password=seafile"
REPLACE="password=$SEAFILE_DB_PASS"
FILEPATH="seafile-data/seafile.conf"
sed -i "s;$SEARCH;$REPLACE;" $FILEPATH

SEARCH="password=seafile"
REPLACE="password=$SEAFILE_DB_PASS"
FILEPATH="seafile-server/pro-data/seafevents.conf"
sed -i "s;$SEARCH;$REPLACE;" $FILEPATH

# Output the details to the user
# in case they ever need them again
clear
echo "Your database root password is:"
echo "$DB_ROOT_PASS"
echo ""
echo "Seafile's database details are:"
echo "User: seafile"
echo "Pass: $SEAFILE_DB_PASS"

Now run mysql_secure_installation and:

• remove annonymous users
• disallow root login remotely
• remove test database
• reload privileges

Grab Seafile And Configure

cd $HOME
wget http://seafile.com/en/download/
wget https://bitbucket.org/haiwen/seafile/downloads/seafile-server_4.0.1_x86-64.tar.gz

# extract the download
tar --extract --gzip --file seafile-server*

# remove the compressed file
rm seafile-server*.tar.gz

SSL Keys

We are going to configure Nginx with SSL for security. Please generate a pair from your provider, or follow my series of posts on generating free, certified SSL certificates.

If you're too lazy to set up certified SSL keys, then generate them on the server with the following two commands:

openssl genrsa -out privkey.pem 4096
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095

Copy the public key to /etc/ssl/cacert.pem, and the private key to /etc/ssl/privkey.pem

Configure Nginx

Run the two commands below. You may or may not want to change $HOSTNAME to your server's IP.

sudo apt-get install python-flup

echo "server {
    listen       80;
    server_name  $HOSTNAME;
    rewrite ^ https://\$http_host\$request_uri? permanent;    # force redirect http to https
}
server {
    listen 443;
    ssl on;
    ssl_certificate /etc/ssl/cacert.pem;        # path to your cacert.pem
    ssl_certificate_key /etc/ssl/privkey.pem;   # path to your privkey.pem
    server_name www.yourdoamin.com;
    location / {
        fastcgi_pass    127.0.0.1:8000;
        fastcgi_param   SCRIPT_FILENAME     \$document_root\$fastcgi_script_name;
        fastcgi_param   PATH_INFO           \$fastcgi_script_name;

        fastcgi_param   SERVER_PROTOCOL     \$server_protocol;
        fastcgi_param   QUERY_STRING        \$query_string;
        fastcgi_param   REQUEST_METHOD      \$request_method;
        fastcgi_param   CONTENT_TYPE        \$content_type;
        fastcgi_param   CONTENT_LENGTH      \$content_length;
        fastcgi_param   SERVER_ADDR         \$server_addr;
        fastcgi_param   SERVER_PORT         \$server_port;
        fastcgi_param   SERVER_NAME         \$server_name;
        fastcgi_param   HTTPS               on;
        fastcgi_param   HTTP_SCHEME         https;

        access_log      /var/log/nginx/seahub.access.log;
        error_log       /var/log/nginx/seahub.error.log;
    }
    location /seafhttp {
        rewrite ^/seafhttp(.*)\$ \$1 break;
        proxy_pass http://127.0.0.1:8082;
        client_max_body_size 0;
        proxy_connect_timeout  36000s;
        proxy_read_timeout  36000s;
    }
    location /media {
        root $HOME/seafile-server-latest/seahub;
    }
}" | sudo tee /seafile/seafile-data/seafile.conf

Startup Script

Create a file at /etc/init.d/seafile-server with the following content, making sure to fill in user=""

#!/bin/bash

# Fill this in with the name of 
# your $USER
user=""

# Change the value of "seafile_dir" to your path of seafile installation
seafile_dir=/data/haiwen
script_path=${seafile_dir}/seafile-server-latest
seafile_init_log=${seafile_dir}/logs/seafile.init.log
seahub_init_log=${seafile_dir}/logs/seahub.init.log

# Change the value of fastcgi to true if fastcgi is to be used
fastcgi=false
# Set the port of fastcgi, default is 8000. Change it if you need different.
fastcgi_port=8000

case "$1" in
        start)
                sudo -u ${user} ${script_path}/seafile.sh start >> ${seafile_init_log}
                if [  $fastcgi = true ];
                then
                        sudo -u ${user} ${script_path}/seahub.sh start-fastcgi ${fastcgi_port} >> ${seahub_init_log}
                else
                        sudo -u ${user} ${script_path}/seahub.sh start >> ${seahub_init_log}
                fi
        ;;
        restart)
                sudo -u ${user} ${script_path}/seafile.sh restart >> ${seafile_init_log}
                if [  $fastcgi = true ];
                then
                        sudo -u ${user} ${script_path}/seahub.sh restart-fastcgi ${fastcgi_port} >> ${seahub_init_log}
                else
                        sudo -u ${user} ${script_path}/seahub.sh restart >> ${seahub_init_log}
                fi
        ;;
        stop)
                sudo -u ${user} ${script_path}/seafile.sh $1 >> ${seafile_init_log}
                sudo -u ${user} ${script_path}/seahub.sh $1 >> ${seahub_init_log}
        ;;
        *)
                echo "Usage: /etc/init.d/seafile {start|stop|restart}"
                exit 1
        ;;
esac

Conclusion

Seafile is an excellent open source tool, but it seems that setting it up can be quite difficult (I didn't have this tutorial to help me). I found it much easier to setup and configure an owncloud server than Seafile this time, but I hope that will change by bringing in Docker integration. Perhaps I will do this for them if someone hasn't done it already.

References

• Seafile Docs