Set up a seafile server on ArchLinux

Yichao Yu edited this page on 30 Mar · 13 revisions

Setup Seafile

Install the seahub package. The package is available in the ArchlinuxCN repo. As of writing, the latest version is 7.1.1.If you want to use the WebDAV function, also install the python-seafdav package. This has to be done before /usr/share/seafile-server is copied (see below). Otherwise, do an upgrade after the package is installed.
Create seafile useruseradd -m -r -d /srv/seafile -s /usr/bin/nologin seafileOne might also want to manually clean up the new home directory for the seafile user and set a permission on it so that it can be read by other user. This is mainly for convinience when setting up the server.
Create the base directory in /srv/seafile, e.g. /srv/seafile/example.com.Switch to it and switch to the seafile user.
Copy /usr/share/seafile-server/ to /srv/seafile/example.com.sudo -u seafile cp -a /usr/share/seafile-server /srv/seafile/example.comCopying (and to let seafile own the new copy) is necessary since seafile use the real path of the file to locate the database and it also writes to this direction during setup.
Run seafile-admin setup in the domain directoryAnswer all the questions. Most of the settings can be left as default.Note that as of 7.1, the seafile-admin shipped by default isn’t working. The one in archlinuxcn is patched to make it behave as close to the setup-seafile.sh script as possible.
Configure seafile
1. For using HTTPS, update the SERVICE_URL in conf/ccnet.conf and add FILE_SERVER_ROOT = 'https://example.com/seafhttp' to conf/seahub_settings.py (replace example.com with the actual domain name)
2. Set timezone and site name in conf/seahub_settings.py.Corresponding variable names are SITE_TITLE and TIME_ZONE.
3. Enable WebDAV by adding conf/seafdav.conf[WEBDAV] enabled = true port = 8083 # This is the port that'll be used in nginx config fastcgi = false # This may not matter anymore in 7.1 host = 127.0.0.1 # Assuming this is behind a proxy like nginx share_name = /seafdav # This can be customized
Start and enable the systemd unit, e.g. systemctl start seafile-server@example.com and systemctl enable seafile-server@example.com
Create admin user by running seafile-admin create-admin

Configure nginx

Config file

server {
    listen <ip>:80;
    server_name <domainname>;

    proxy_set_header X-Forwarded-For $remote_addr;

    location / {
        fastcgi_pass    127.0.0.1:8000;
        fastcgi_param   SCRIPT_FILENAME     $document_root$fastcgi_script_name;
        fastcgi_param   PATH_INFO           $fastcgi_script_name;

        fastcgi_param    SERVER_PROTOCOL        $server_protocol;
        fastcgi_param   QUERY_STRING        $query_string;
        fastcgi_param   REQUEST_METHOD      $request_method;
        fastcgi_param   CONTENT_TYPE        $content_type;
        fastcgi_param   CONTENT_LENGTH      $content_length;
        fastcgi_param    SERVER_ADDR         $server_addr;
        fastcgi_param    SERVER_PORT         $server_port;
        fastcgi_param    SERVER_NAME         $server_name;
        fastcgi_param   REMOTE_ADDR         $remote_addr;

        access_log      /var/log/nginx/seahub.access.log;
        error_log       /var/log/nginx/seahub.error.log;
        fastcgi_read_timeout 36000;
    }

    location /seafhttp {
        rewrite ^/seafhttp(.*)$ $1 break;
        proxy_pass http://127.0.0.1:8082;
        client_max_body_size 0;
        proxy_connect_timeout  36000s;
        proxy_read_timeout  36000s;
        proxy_send_timeout  36000s;
        send_timeout  36000s;
    }

    location /media {
        root /srv/seafile/<domainname>/seafile-server/seahub;
    }
    location /seafdav {
        proxy_pass          http://127.0.0.1:8083;
        proxy_set_header    Host $host;
        proxy_set_header    X-Real-IP $remote_addr;
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header    X-Forwarded-Host $server_name;

        client_max_body_size 0;
        proxy_connect_timeout  36000s;
        proxy_read_timeout  36000s;
        proxy_send_timeout  36000s;
        send_timeout  36000s;

        # This option is only available for Nginx >= 1.8.0. See more details below.
        proxy_request_buffering off;

        access_log      /var/log/nginx/seafdav.access.log;
        error_log       /var/log/nginx/seafdav.error.log;
    }}

Replace <ip> and <domainname> with actual values.

Note that this config file does not use HTTPS. It’ll be done automatically by certbot.

Setup HTTPS

Install certbot and certbot-nginx
Run certbot --nginx.
Update certificates automatically
1. Create /etc/systemd/system/certbot.service[Unit] Description=Let's Encrypt renewal [Service] Type=oneshot ExecStart=/usr/bin/certbot renew --quiet --agree-tos ExecStartPost=/bin/systemctl reload nginx.service
2. Create /etc/systemd/system/certbot.timer[Unit] Description=Daily renewal of Let's Encrypt's certificates [Timer] OnCalendar=daily RandomizedDelaySec=1day Persistent=true [Install] WantedBy=timers.target
3. Enable and start certbot.timer

Upgrade

Stop the service.
Backup and remove /srv/seafile/example.com/seafile-server/.
Copy /usr/share/seafile-server over with.sudo -u seafile cp -a /usr/share/seafile-server /srv/seafile/example.com
Run the corresponding upgrade scripts in /srv/seafile/example.com/seafile-server/upgrade (including minor_upgrade.sh)

Troubleshooting

CSS not loading.
- Check if the directory for /media is set correctly in nginx.conf
- Clear /tmp/seahub_cache (Especially if seahub was reinstalled).
I still haven’t figured out how to get all the logs at the same place. If the server errors, it can be helpful to find all the .log file in the server directory. Some of the log files (that are not in logs/) may contain the actual error message from python.
If create-admin throws an error about account not exist, it is potentially caused by the database not initialized for ccnet. This is the main fix for seafile-admin. One can check the ccnet log to verify if this is the error