Skip to content

Commit

Permalink
Merge pull request #426 from haiwen/update_12.0_ce_binary
Browse files Browse the repository at this point in the history 
update 12.0 ce from binary
  • Loading branch information
@freeplant
freeplant authored Dec 20, 2024
2 parents d889a78 + e3dffbb commit a0b7f78
Show file tree
Hide file tree
Showing 12 changed files with 285 additions and 464 deletions.
2 changes: 1 addition & 1 deletion manual/config/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@

The config files used in Seafile include:

* [environment variables](.env.md): contains environment variables, the items here are shared between different components. Newly introduced components, like sdoc-server and notificaiton server, read configuraitons from environment variables and have no config files.
* [environment variables](env.md): contains environment variables, the items here are shared between different components. Newly introduced components, like sdoc-server and notificaiton server, read configuraitons from environment variables and have no config files.
* [seafile.conf](seafile-conf.md): contains settings for seafile daemon and fileserver.
* [seahub_settings.py](seahub_settings_py.md): contains settings for Seahub
* [seafevents.conf](seafevents-conf.md): contains settings for background tasks and file search.
Expand Down
1 change: 0 additions & 1 deletion manual/config/seafile-conf.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -290,7 +290,6 @@ You may configure Seafile to use various kinds of object storage backends.

- [S3 or S3-compatible object storage](../setup/setup_with_s3.md)
- [Ceph RADOS](../setup/setup_with_ceph.md)
- [Alibaba Cloud OSS](../setup/setup_with_oss.md)
- [OpenStack Swift](../setup/setup_with_swift.md)

You may also configure Seafile to use [multiple storage backends](../setup/setup_with_multiple_storage_backends.md) at the same time.
Expand Down
4 changes: 1 addition & 3 deletions manual/extension/libreoffice_online.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,10 +21,8 @@

=== "Deploy from binary packages"

Please follow the links to enable https:
Please follow the links to enable https by [Nginx](../setup_binary/https_with_nginx.md)

- [Nginx](../setup_binary/https_with_nginx.md)
- [Apache](../setup_binary/https_with_apache.md)

Download the `collabora.yml`

Expand Down
5 changes: 1 addition & 4 deletions manual/setup_binary/deploy_in_a_cluster.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -198,10 +198,7 @@ You also need to add the settings for backend cloud storage systems to the confi

Nginx/Apache with HTTP need to set it up on each machine running Seafile server. This is make sure only port 80 need to be exposed to load balancer. (HTTPS should be setup at the load balancer)

Please check the following documents on how to setup HTTP with Nginx/Apache. (HTTPS is not needed)

* [Nginx](./https_with_nginx.md)
* [Apache](./https_with_apache.md)
Please check the following documents on how to setup HTTP with [Nginx](./https_with_nginx.md). (HTTPS is not needed)


### Run and Test the Single Node
Expand Down
197 changes: 0 additions & 197 deletions manual/setup_binary/https_with_apache.md
View file

This file was deleted.

87 changes: 35 additions & 52 deletions manual/setup_binary/https_with_nginx.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,6 @@ HTTPS requires a SSL certificate from a Certificate Authority (CA). Unless you a

A second requirement is a reverse proxy supporting SSL. [Nginx](http://nginx.org/), a popular and resource-friendly web server and reverse proxy, is a good option. Nginx's documentation is available at http://nginx.org/en/docs/.

If you prefer Apache, you find instructions for [enabling HTTPS with Apache here](./https_with_apache.md).

## Setup

The setup of Seafile using Nginx as a reverse proxy with HTTPS is demonstrated using the sample host name `seafile.example.com`.
Expand All @@ -25,14 +23,9 @@ The setup proceeds in two steps: First, Nginx is installed. Second, a SSL certif

Install Nginx using the package repositories:

=== "Debian/Ubuntu"
```sh
sudo apt install nginx -y
```
=== "CentOS"
```bash
sudo yum install nginx -y
```
```sh
sudo apt install nginx -y
```

After the installation, start the server and enable it so that Nginx starts at system boot:

Expand All @@ -43,45 +36,28 @@ sudo systemctl enable nginx

### Preparing Nginx

The configuration of a proxy server in Nginx differs slightly between CentOS and Debian/Ubuntu. Additionally, the restrictive default settings of SELinux's configuration on CentOS require a modification.

=== "Debian/Ubuntu"
Create a configuration file for seafile in `/etc/nginx/sites-available/`:

```bash
touch /etc/nginx/sites-available/seafile.conf
```
Create a configuration file for seafile in `/etc/nginx/sites-available/`:

Delete the default files in `/etc/nginx/sites-enabled/` and `/etc/nginx/sites-available`:

````bash
rm /etc/nginx/sites-enabled/default
rm /etc/nginx/sites-available/default
````

Create a symbolic link:
```bash
touch /etc/nginx/sites-available/seafile.conf
```

````bash
ln -s /etc/nginx/sites-available/seafile.conf /etc/nginx/sites-enabled/seafile.conf
````
=== "CentOS"
Delete the default files in `/etc/nginx/sites-enabled/` and `/etc/nginx/sites-available`:

Switch SELinux into permissive mode and perpetuate the setting:
````bash
rm /etc/nginx/sites-enabled/default
rm /etc/nginx/sites-available/default
````

``` bash
sudo setenforce permissive
sed -i 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config
```
Create a symbolic link:

Create a configuration file for seafile in `/etc/nginx/conf.d`:

```bash
touch /etc/nginx/conf.d/seafile.conf
```
````bash
ln -s /etc/nginx/sites-available/seafile.conf /etc/nginx/sites-enabled/seafile.conf
````

### Configuring Nginx

Copy the following sample Nginx config file into the just created `seafile.conf` and modify the content to fit your needs:
Copy the following sample Nginx config file into the just created `seafile.conf` (i.e., `nano /etc/nginx/sites-available/seafile.conf`) and modify the content to fit your needs:

```nginx
log_format seafileformat '$http_x_forwarded_for $remote_addr [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $upstream_response_time';
Expand Down Expand Up @@ -176,7 +152,7 @@ Upon successful verification, Certbot saves the certificate files in a directory
### Modifying Nginx configuration file

!!! tip
Normally, your nginx configuration can be automatically managed by a certificate manager (e.g., CertBot) after you install the certificate. If you find that your nginx is already listening on port 443 through the certificate manager after installing the certificate, you can skip this step.
Normally, your nginx configuration can be automatically managed by a certificate manager (e.g., ***CertBot***) after you install the certificate. If you find that your nginx is already listening on port 443 through the certificate manager after installing the certificate, you can skip this step.

Add an server block for port 443 and a http-to-https redirect to the `seafile.conf` configuration file in `/etc/nginx`.

Expand Down Expand Up @@ -242,24 +218,31 @@ If you have WebDAV enabled it is recommended to add the same:
}
```

### Modify .env

Modify the following field to `https`

```sh
SEAFILE_SERVER_PROTOCOL=https
```

### Modifying seahub_settings.py

The `SERVICE_URL` in [seahub_settings.py](../config/seahub_settings_py.md) informs Seafile about the chosen domain, protocol and port. Change the `SERVICE_URL`so as to account for the switch from HTTP to HTTPS and to correspond to your host name (the `http://` must not be removed):
!!! tip "More convenient"
The `SERVICE_URL` and `FILE_SERVER_ROOT` can also be modified in Seahub via **System Admininstration** > **Settings**. If they are configured via System Admin and in seahub_settings.py, the value in System Admin will take precedence.

- The `SERVICE_URL` in [seahub_settings.py](../config/seahub_settings_py.md) informs Seafile about the chosen domain, protocol and port. Change the `SERVICE_URL`so as to account for the switch from HTTP to HTTPS and to correspond to your host name (the `http://` must not be removed):

```python
SERVICE_URL = 'https://seafile.example.com'
```

The `FILE_SERVER_ROOT` in [seahub_settings.py](../config/seahub_settings_py.md) informs Seafile about the location of and the protocol used by the file server. Change the `FILE_SERVER_ROOT` so as to account for the switch from HTTP to HTTPS and to correspond to your host name (the trailing `/seafhttp` must not be removed):
```python
SERVICE_URL = 'https://seafile.example.com'
```

```python
FILE_SERVER_ROOT = 'https://seafile.example.com/seafhttp'
```
- The `FILE_SERVER_ROOT` in [seahub_settings.py](../config/seahub_settings_py.md) informs Seafile about the location of and the protocol used by the file server. Change the `FILE_SERVER_ROOT` so as to account for the switch from HTTP to HTTPS and to correspond to your host name (the trailing `/seafhttp` must not be removed):

!!! tip "More convenient"
The `SERVICE_URL` and `FILE_SERVER_ROOT` can also be modified in Seahub via **System Admininstration** > **Settings**. If they are configured via System Admin and in seahub_settings.py, the value in System Admin will take precedence.
```python
FILE_SERVER_ROOT = 'https://seafile.example.com/seafhttp'
```

### Modifying seafile.conf (optional)

Expand Down
Loading

0 comments on commit a0b7f78

Please sign in to comment.