Installation of Seafile Server Professional Edition with Docker¶

This manual explains how to deploy and run Seafile Server Professional Edition (Seafile PE) on a Linux server using Docker and Docker Compose. The deployment has been tested for Debian/Ubuntu and CentOS, but Seafile PE should also work on other Linux distributions.

System requirements¶

Please refer here for system requirements about Seafile PE. In general, we recommend that you have at least 4G RAM and a 4-core CPU (> 2GHz).

About license

Seafile PE can be used without a paid license with up to three users. Licenses for more user can be purchased in the Seafile Customer Center or contact Seafile Sales at sales@seafile.com. For futher details, please refer the license page of Seafile PE.

Setup¶

The following assumptions and conventions are used in the rest of this document:

/opt/seafile is the directory of Seafile for storing Seafile docker files. If you decide to put Seafile in a different directory, adjust all paths accordingly.
Seafile uses two Docker volumes for persisting data generated in its database and Seafile Docker container. The volumes' host paths are /opt/seafile-mysql and /opt/seafile-data, respectively. It is not recommended to change these paths. If you do, account for it when following these instructions.
All configuration and log files for Seafile and the webserver Nginx are stored in the volume of the Seafile container.

Installing Docker¶

Use the official installation guide for your OS to install Docker.

Downloading the Seafile Image¶

Success

Since v12.0, Seafile PE versions are hosted on DockerHub and does not require username and password to download. For older Seafile PE versions are available private docker repository (back to Seafile 7.0). You can get the username and password on the download page in the Customer Center.

docker pull seafileltd/seafile-pro-mc:12.0-latest

Downloading and Modifying `.env`¶

From Seafile Docker 12.0, we use .env, seafile-server.yml and caddy.yml files for configuration.

mkdir /opt/seafile
cd /opt/seafile

wget -O .env https://manual.seafile.com/13.0/repo/docker/pro/env
wget https://manual.seafile.com/13.0/repo/docker/pro/seafile-server.yml
wget https://manual.seafile.com/13.0/repo/docker/pro/elasticsearch.yml
wget https://manual.seafile.com/13.0/repo/docker/seadoc.yml
wget https://manual.seafile.com/13.0/repo/docker/caddy.yml

nano .env

The following fields merit particular attention:

Variable	Description	Default Value
`SEAFILE_VOLUME`	The volume directory of Seafile data	`/opt/seafile-data`
`SEAFILE_MYSQL_VOLUME`	The volume directory of MySQL data	`/opt/seafile-mysql/db`
`SEAFILE_CADDY_VOLUME`	The volume directory of Caddy data used to store certificates obtained from Let's Encrypt's	`/opt/seafile-caddy`
`SEAFILE_ELASTICSEARCH_VOLUME`	The volume directory of Elasticsearch data	`/opt/seafile-elasticsearch/data`
`INIT_SEAFILE_MYSQL_ROOT_PASSWORD`	The `root` password of MySQL	(Only required on first deployment)
`SEAFILE_MYSQL_DB_USER`	The user of MySQL (`database` - `user` can be found in `conf/seafile.conf`)	`seafile`
`SEAFILE_MYSQL_DB_PASSWORD`	The user `seafile` password of MySQL	(required)
`SEAFILE_MYSQL_DB_CCNET_DB_NAME`	The database name of ccnet	`ccnet_db`
`SEAFILE_MYSQL_DB_SEAFILE_DB_NAME`	The database name of seafile	`seafile_db`
`SEAFILE_MYSQL_DB_SEAHUB_DB_NAME`	The database name of seahub	`seahub_db`
`JWT_PRIVATE_KEY`	JWT_PRIVATE_KEY, A random string with a length of no less than 32 characters is required for Seafile, which can be generated by using `pwgen -s 40 1`	(required)
`SEAFILE_SERVER_HOSTNAME`	Seafile server hostname or domain	(required)
`SEAFILE_SERVER_PROTOCOL`	Seafile server protocol (http or https)	`http`
`CACHE_PROVIDER`	The type of cache server used for Seafile. The available options are `redis` and `memcached`. Since Seafile 13, it is recommended to use `redis` as the cache service to support new features, and `memcached` will no longer be integrated into Seafile Docker by default.	`redis`
`REDIS_HOST`	Redis server host	`redis`
`REDIS_PORT`	Redis server port	`6379`
`REDIS_PASSWORD`	Redis server password	(none)
`MEMCACHED_HOST`	Memcached server host	`memcached`
`MEMCACHED_PORT`	Memcached server port	`11211`
`TIME_ZONE`	Time zone	`UTC`
`INIT_SEAFILE_ADMIN_EMAIL`	Synchronously set admin username during initialization	me@example.com
`INIT_SEAFILE_ADMIN_PASSWORD`	Synchronously set admin password during initialization	asecret
`USE_S3_STORAGE`	Use S3 backend storage in Seafile server	`false`
`S3_COMMIT_BUCKET`	S3 storage backend commit objects bucket	(required when `USE_S3_STORAGE=true`)
`S3_FS_BUCKET`	S3 storage backend fs objects bucket	(required when you would like to initialize with S3)
`S3_BLOCK_BUCKET`	S3 storage backend block objects bucket	(required when `USE_S3_STORAGE=true`)
`S3_KEY_ID`	S3 storage backend key ID	(required when `USE_S3_STORAGE=true`)
`S3_SECRET_KEY`	S3 storage backend secret key	(required when `USE_S3_STORAGE=true`)
`S3_AWS_REGION`	Region of your buckets	`us-east-1`
`S3_HOST`	Host of your buckets	`s3.us-east-1.amazonaws.com`
`S3_USE_HTTPS`	Use HTTPS connections to S3 if enabled	`true`
`S3_USE_V4_SIGNATURE`	Use the v4 protocol of S3 if enabled	`true`
`S3_PATH_STYLE_REQUEST`	This option asks Seafile to use URLs like `https://192.168.1.123:8080/bucketname/object` to access objects. In Amazon S3, the default URL format is in virtual host style, such as `https://bucketname.s3.amazonaws.com/object`. But this style relies on advanced DNS server setup. So most self-hosted storage systems only implement the path style format.	`false`
`S3_SSE_C_KEY`	A string of 32 characters can be generated by openssl rand -base64 24. It can be any 32-character long random string. It's required to use V4 authentication protocol and https if you enable SSE-C.	(none)

Easier to configure S3 for Seafile and its components

Since Seafile Pro 13.0, in order to facilitate users to deploy Seafile's related extension components and other services in the future, a section will be provided in .env to store the S3 authorization Configurations. You can locate it with the following title bar:

###################################
# S3 authorization Configurations #
#    (This configurations will    #
#     apply to all components)    #
###################################

The S3 authorization configuration part (i.e., without buckets name) in Seafile initialization and some extension components (such as SeaSearch, Metadata server) configuration will be read from this configuration by default.

However, please note that Seafile currently still reads S3 configurations through seafile.conf, and the configuration in .env is only used for initialization of Seafile services. But you have to make sure they are consistent.

To conclude, set the directory permissions of the Elasticsearch volumne:

mkdir -p /opt/seafile-elasticsearch/data
chmod 777 -R /opt/seafile-elasticsearch/data

Starting the Docker Containers¶

Run docker compose in detached mode:

docker compose up -d

ERROR: Named volume "xxx" is used in service "xxx" but no declaration was found in the volumes section

You may encounter this problem when your Docker (or docker-compose) version is out of date. You can upgrade or reinstall the Docker service to solve this problem according to the Docker official documentation.

Note

You must run the above command in the directory with the .env. If .env file is elsewhere, please run

docker compose -f /path/to/.env up -d

Success

After starting the services, you can see the initialization progress by tracing the logs of container seafile (i.e., docker logs seafile -f)

---------------------------------
This is your configuration
---------------------------------

    server name:            seafile
    server ip/domain:       seafile.example.com

    seafile data dir:       /opt/seafile/seafile-data
    fileserver port:        8082

    database:               create new
    ccnet database:         ccnet_db
    seafile database:       seafile_db
    seahub database:        seahub_db
    database user:          seafile


Generating seafile configuration ...

done
Generating seahub configuration ...

----------------------------------------
Now creating seafevents database tables ...

----------------------------------------
----------------------------------------
Now creating ccnet database tables ...

----------------------------------------
----------------------------------------
Now creating seafile database tables ...

----------------------------------------
----------------------------------------
Now creating seahub database tables ...

----------------------------------------

creating seafile-server-latest symbolic link ...  done

-----------------------------------------------------------------
Your seafile server configuration has been finished successfully.
-----------------------------------------------------------------

And then you can see the following messages which the Seafile server starts successfully:

Starting seafile server, please wait ...
Seafile server started

Done.

Starting seahub at port 8000 ...

----------------------------------------
Successfully created seafile admin
----------------------------------------

Seahub is started

Done.

Finially, you can go to http://seafile.example.com to use Seafile.

A 502 Bad Gateway error means that the system has not yet completed the initialization

Find logs¶

To view Seafile docker logs, please use the following command

docker compose logs -f

The Seafile logs are under /shared/logs/seafile in the docker, or /opt/seafile-data/logs/seafile in the server that run the docker.

The system logs are under /shared/logs/var-log, or /opt/seafile-data/logs/var-log in the server that run the docker.

Activating the Seafile License¶

If you have a seafile-license.txt license file, simply put it in the volume of the Seafile container. The volumne's default path in the Compose file is /opt/seafile-data. If you have modified the path, save the license file under your custom path.

If the license file has a different name or cannot be read, Seafile server will start with in trailer mode with most THREE users

Then restart Seafile:

docker compose down

docker compose up -d

Seafile directory structure¶

Path `/opt/seafile-data`¶

Placeholder spot for shared volumes. You may elect to store certain persistent information outside of a container, in our case we keep various log files and upload directory outside. This allows you to rebuild containers easily without losing important information.

/opt/seafile-data/seafile: This is the directory for seafile server configuration, logs and data.
/opt/seafile-data/seafile/logs: This is the directory that would contain the log files of seafile server processes. For example, you can find seaf-server logs in /opt/seafile-data/seafile/logs/seafile.log.
/opt/seafile-data/logs: This is the directory for operating system and Nginx logs.
/opt/seafile-data/logs/var-log: This is the directory that would be mounted as /var/log inside the container. For example, you can find the nginx logs in /opt/seafile-data/logs/var-log/nginx/.

Reviewing the Deployment¶

The command docker container list should list the containers specified in the .env.

The directory layout of the Seafile container's volume should look as follows:

$ tree /opt/seafile-data -L 2
/opt/seafile-data
├── logs
│   └── var-log
├── nginx
│   └── conf
└── seafile
    ├── ccnet
    ├── conf
    ├── logs
    ├── pro-data
    ├── seafile-data
    └── seahub-data

All Seafile config files are stored in /opt/seafile-data/seafile/conf. The nginx config file is in /opt/seafile-data/nginx/conf.

Any modification of a configuration file requires a restart of Seafile to take effect:

docker compose restart

All Seafile log files are stored in /opt/seafile-data/seafile/logs whereas all other log files are in /opt/seafile-data/logs/var-log.

Backup and Recovery¶

Follow the instructions in Backup and restore for Seafile Docker

Garbage Collection¶

When files are deleted, the blocks comprising those files are not immediately removed as there may be other files that reference those blocks (due to the magic of deduplication). To remove them, Seafile requires a 'garbage collection' process to be run, which detects which blocks no longer used and purges them.

FAQ¶

Seafile service and container maintenance¶

Q: If I want enter into the Docker container, which command I can use?

A: You can enter into the docker container using the command:

docker exec -it seafile /bin/bash

Q: I forgot the Seafile admin email address/password, how do I create a new admin account?

A: You can create a new admin account by running

docker exec -it seafile /opt/seafile/seafile-server-latest/reset-admin.sh

The Seafile service must be up when running the superuser command.

Q: If, for whatever reason, the installation fails, how do I to start from a clean slate again?

A: Remove the directories /opt/seafile, /opt/seafile-data and /opt/seafile-mysql and start again.

Q: Something goes wrong during the start of the containers. How can I find out more?

A: You can view the docker logs using this command: docker compose logs -f.

About cache¶

Q: How Seafile use cache?

A: Seafile uses cache to improve performance in many situations. The content includes but is not limited to user session information, avatars, profiles, records from database, etc. From Seafile Docker 13, the Redis takes the default cache server for supporting the new features (please refer the upgradte notes), which has integrated in Seafile Docker 13 and can be configured directly in environment variables in .env (no additional settings are required by default)

Q: Is the Redis integrated in Seafile Docker safe? Does it have an access password?

A: Although the Redis integrated by Seafile Docker does not have a password set by default, it can only be accessed through the Docker private network and will not expose the service port externally. Of course, you can also set a password for it if necessary. You can set REDIS_PASSWORD in .env and remove the following comment markers in seafile-server.yml to set the integrated Redis' password:

services:
    ...
    redis:
    image: ${SEAFILE_REDIS_IMAGE:-redis}
    container_name: seafile-redis
    # remove the following comment markers
    command:
        - /bin/sh
        - -c
        - redis-server --requirepass "$${REDIS_PASSWORD:?Variable is not set or empty}"
    networks:
    - seafile-net
    ...

Q: For some reason, I still have to use Memcached as my cache server. How can I do this?

A: If you still want to use the Memcached (is not provided from Seafile Docker 13), just follow the steps below:

Set CACHE_PROVIDER to memcached and modify MEMCACHED_xxx in .env
Remove the redis part and and the redis dependency in seafile service section in seafile-server.yml.

By the way, you can make changes to the cache server after the service is started (by setting environment variables in .env), but the corresponding configuration files will not be updated directly (e.g., seahub_settings.py, seafile.conf and seafevents.conf). To avoid ambiguity, we recommend that you also update these configuration files.