Seafile For CentOS nginx服务端部署,并启用ssl

seafile  

一、环境

二、部署说明

  • 下载
wget http://download-cn.seafile.com/seafile-server_6.0.7_x86-64.tar.gz  
  • 部署和目录设计
useradd -d /data/leoiceo leoiceo  
su - leoiceo  
mkdir seafile/installed  
tar zxf seafile-server_6.0.7_x86-64.tar.g -C ~/seafile/installed  
  • 使用easy_install和 pip 安装模块
yum install python-setuptools mysql-devel zlib-devel gcc python-devel gcc libffi-devel python-devel openssl-devel readline-devel patch  
easy_install pip  
pip install MySQL-python PIL  
pip install http://effbot.org/downloads/Imaging-1.1.6.tar.gz  
  • 如果出现 exceptions.IOError: decoder jpeg not available
find / -name "libjpeg.so"  
find / -name "libz.so"  
cp /usr/lib64/libjpeg.so /usr/lib64/libz.so /usr/local/lib  
  • 再次检查:
cd Imaging-1.1.7 && python setup.py build_ext -i  
running build_ext  
--------------------------------------------------------------------
PIL 1.1.7 SETUP SUMMARY  
--------------------------------------------------------------------
version       1.1.7  
platform      linux2 2.7.13 (default, Dec 23 2016, 16:02:15)  
              [GCC 4.4.7 20120313 (Red Hat 4.4.7-17)]
--------------------------------------------------------------------
*** TKINTER support not available
--- JPEG support available
--- ZLIB (PNG/ZIP) support available
--- FREETYPE2 support available
*** LITTLECMS support not available
--------------------------------------------------------------------
To add a missing option, make sure you have the required  
library, and set the corresponding ROOT variable in the  
setup.py script.

To check the build, run the selftest.py script.  
  • 开始安装seafile,运行安装脚本并回答预设问题
cd seafile-server-*  
./setup-seafile-mysql.sh  
参数 作用 说明

seafile server name

+

seafile 服务器的名字,目前该配置已经不再使用

+

3 ~ 15 个字符,可以用英文字母,数字,下划线

+

seafile server ip or domain

+

seafile 服务器的 IP 地址或者域名

+

客户端将通过这个 IP 或者地址来访问你的 Seafile 服务

+

seafile data dir

+

seafile 数据存放的目录,用上面的例子,默认将是 /data/haiwen/seafile-data

+

seafile 数据将随着使用而逐渐增加,请把它放在一个有足够大空闲空间的分区上

+

seafile fileserver port

+

seafile fileserver 使用的 TCP 端口

+

该端口用于文件同步,请使用默认的 8082,不能更改。

+

三、启动 Seafile 服务器

  • 启动 Seafile
./seafile.sh start
注: 第一次启动会提示创建管理员用户和密码
  • 启动 Seahub
./seahub.sh start 

四、配置nginx SSL访问

  • 申请域名证书
  • 配置nginx
server  
{
 listen       80;
 server_name  pan.imdst.com;
 rewrite ^ https://$http_host$request_uri? permanent;
}
server  
{
 listen       443;
 ssl on;
 ssl_certificate ssl/pan.imdst.com.crt;
 ssl_certificate_key ssl/pan.imdst.com.key;
 server_name pan.imdst.com;
 proxy_set_header X-Forwarded-For $remote_addr;

location / {  
        fastcgi_pass    127.0.0.1:8000;
        fastcgi_param   SCRIPT_FILENAME     $document_root$fastcgi_script_name;
        fastcgi_param   PATH_INFO           $fastcgi_script_name;

        fastcgi_param    SERVER_PROTOCOL        $server_protocol;
        fastcgi_param   QUERY_STRING        $query_string;
        fastcgi_param   REQUEST_METHOD      $request_method;
        fastcgi_param   CONTENT_TYPE        $content_type;
        fastcgi_param   CONTENT_LENGTH      $content_length;
        fastcgi_param    SERVER_ADDR         $server_addr;
        fastcgi_param    SERVER_PORT         $server_port;
        fastcgi_param    SERVER_NAME         $server_name;
        fastcgi_param   REMOTE_ADDR         $remote_addr;
    fastcgi_param   HTTPS               on;
        fastcgi_param   HTTP_SCHEME         https;
        access_log      /data/logs/seahub.access.log;
        error_log       /data/logs/seahub.error.log;
   }

    location /seafhttp {
        rewrite ^/seafhttp(.*)$ $1 break;
        proxy_pass http://127.0.0.1:8082;
        client_max_body_size 0;
        proxy_connect_timeout  36000s;
        proxy_read_timeout  36000s;
    }

    location /media {
        root /data/leoiceo/leoiceo/seafile-server-latest/seahub;
    }
}
  • 启动nginx
    service nginx start
  • 修改 ccnet.conf
SERVICE_URL = https://pan.imdst.com  
  • 修改 seahub_settings.py (增加一行,这是一个 python 文件,注意引号)
FILE_SERVER_ROOT = 'https://pan.imdst.com/seafhttp'`  
  • 重新启动seafile
./seafile.sh restart
./seahub.sh stop
./seahub.sh start-fastcgi