seafile安装教程mysql密码_阿里云服务器上搭建seafile专业版

因为官方一键安装教程在阿里云服务器上无法安装，由于水平有限，无法解决，所以选择手动安装

参考资料：

先将防火墙关闭

systemctl stop firewalld.service #停止firewall

一.部署环境

云服务器：阿里云 1vCPU 1GB ecs.xn4.small 100Mbps centos 7.4 64位

环境安装：

yum update

yum install -y tree vim

部署mysql5.7

下载mysql源安装包

wget http://dev.mysql.com/get/mysql57-community-release-el7-8.noarch.rpm安装mysql源

yum localinstall -y mysql57-community-release-el7-8.noarch.rpm检查mysql源是否安装成功

yum repolist enabled | grep "mysql.*-community.*"安装mysql

yum install -y mysql-community-server启动mysql服务

systemctl start mysqld设置开机启动

systemctl enable mysqld

systemctl daemon-reload修改root本地登录密码

#查看root默认密码

grep 'temporary password' /var/log/mysqld.log#修改root密码

mysql -uroot -p

set password for 'root'@'localhost'=password('密码');注意：mysql5.7默认安装了密码安全检查插件(validate_password)，默认密码检查策略要求密码必须包含：大小写字母、数字和特殊符号，并且长度不能少于8位。否则会提示ERROR 1819 (HY000): Your password does not satisfy the current policy requirements错误。

重新启动mysql服务使配置生效：

systemctl restart mysqld打开远程登录和配置默认编码utf8

mysql>grant all privileges on *.* to 'root'@'%' identified by '密码' with grant option;

mysql>FLUSH PRIVILEGES;修改/etc/my.cnf配置文件，在[mysqld]下添加编码配置，如下所示：

[mysqld]

character_set_server=utf8

init_connect='SET NAMES utf8'

3.部署nginx 1.12.2

yum install -y openssl-devel pcre-devel epel-release

yum install -y nginx

启动nginx

systemctl start nginx

4.部署python关联包

按照seafile官方手册安装如下：1

2

3

4

5

6# yum -y install epel-release

# rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro

# yum -y install python-imaging MySQL-python python-memcached python-ldap python-urllib3 ffmpeg ffmpeg-devel

# pip install pillow moviepy #这步提示错误，没有pip，然后

# yum -y install python-pip 和 # pip install --upgrade pip 仍然报错，然后

# pip install setuptools==33.1.1 后再安装pillow成功。

5.部署jre

yum install jre

二.部署seafile

1.目录设计，将seafile专业版安装包下载到/opt目录下1

2

3

4

5mkdir -p /opt/seafile/installed

mv /opt/seafile-pro-server_* /opt/seafile

cd /opt/seafile

tar -xzf seafile-pro-server_*

mv seafile-pro-server_* installed

2.部署seafilecd seafile-pro-server-*

./setup-seafile-mysql.sh #运行安装脚本并回答预设问题参数

作用

说明

seafile server name

seafile 服务器的名字，目前该配置已经不再使用

3 ~ 15 个字符，可以用英文字母，数字，下划线

seafile server ip or domain

seafile 服务器的 IP 地址或者域名

客户端将通过这个 IP 或者地址来访问你的 Seafile 服务

seafile data dir

seafile 数据存放的目录，用上面的例子，默认将是/data/haiwen/seafile-data

seafile 数据将随着使用而逐渐增加，请把它放在一个有足够大空闲空间的分区上

seafile fileserver port

seafile fileserver 使用的 TCP 端口

该端口用于文件同步，请使用默认的 8082，不能更改。

在这里, 你会被要求选择一种创建 Seafile 数据库的方式:

-------------------------------------------------------

Please choose a way to initialize seafile databases:

-------------------------------------------------------

[1] Create new ccnet/seafile/seahub databases

[2] Use existing ccnet/seafile/seahub databases如果选择1, 你需要提供根密码. 脚本程序会创建数据库和用户。

如果选择2, ccnet/seafile/seahub 数据库应该已经被你(或者其他人)提前创建。

3.配置 Seafile和Seahub服务

Next, go to the systemd directory and create a seafile.service file with vim:

cd /etc/systemd/system/

vim seafile.service

Paste seafile service configuration below:1

2

3

4

5

6

7

8

9

10

11

12

13

14

15[Unit]

Description=Seafile Server

Before=seahub.service

After=network.target mariadb.service

[Service]

Type=oneshot

ExecStart=/opt/seafile/seafile-server-latest/seafile.sh start

ExecStop=/opt/seafile/seafile-server-latest/seafile.sh stop

RemainAfterExit=yes

User=root

Group=root

[Install]

WantedBy=multi-user.target

Now create new seahub.service file.

vim seahub.service

And paste configuration below.1

2

3

4

5

6

7

8

9

10

11

12

13

14[Unit]

Description=Seafile Hub

After=network.target seafile.target mariadb.service

[Service]

Type=oneshot

ExecStart=/opt/seafile/seafile-server-latest/seahub.sh start

ExecStop=/opt/seafile/seafile-server-latest/seahub.sh stop

RemainAfterExit=yes

User=root

Group=root

[Install]

WantedBy=multi-user.target

Reload the systemd service and start seafile and seahub with systemctl.

systemctl daemon-reload

systemctl start seafile

systemctl start seahub

Make sure there is no error and check that the seafile and seahub service is running on port 8082 and 8000.

netstat -plntu

Start seafile and Seahub service

4.创建ssl证书

Create the ssl directory.

mkdir -p /etc/nginx/ssl

cd /etc/nginx/ssl

Generate self signed certificate files and a dhparam file with command below:

openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048

openssl req -new -x509 -sha256 -days 365 -newkey rsa:2048 -nodes -keyout server.key -out server.crt

ps:如果没有证书，可以使用上面的命令根据步骤生成一个

5.Nginx下配置Seahub

In this step, we will configure Nginx as a reverse proxy for the seafile-server on port 8000 and 8002.

Go to the nginx configuration directory and create a new virtual host file for seafile.

cd /etc/nginx/

备份原有的配置nginx.conf为nginx.conf.backup

mv nginx.conf nginx.conf.backup

vim nginx.conf

编辑nginx.conf内容1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42user nginx nginx;

worker_processes 4;

events {

worker_connections 8096;

multi_accept on;

use epoll;

}

pid /var/run/nginx.pid;

worker_rlimit_nofile 40000;

http {

server_names_hash_bucket_size 128;

client_max_body_size 50M;

include /etc/nginx/mime.types;

default_type application/octet-stream;

log_format main '$remote_addr - $remote_user [$time_local] "$request" '

'$status $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for"';

access_log /var/log/nginx/access.log main;

error_log /var/log/nginx/error.log warn;

sendfile on;

tcp_nopush on;

tcp_nodelay on;

client_body_timeout 12;

client_header_timeout 12;

keepalive_timeout 15;

send_timeout 10;

# Fully disabled gzip compression to mitigate Django BREACH attack: https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/

gzip off;

#gzip_vary on;

#gzip_proxied expired no-cache no-store private auth any;

#gzip_comp_level 9;

#gzip_min_length 10240;

#gzip_buffers 16 8k;

#gzip_http_version 1.1;

#gzip_types text/plain text/css text/xml text/javascript application/javascript application/x-javascript application/xml font/woff2;

#gzip_disable "MSIE [1-6].";

include /etc/nginx/conf.d/*.conf;

}

vim conf.d/seafile.conf

Paste virtual host configuration below:1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83server {

listen 80;

server_name fz419.cn;

rewrite ^ https://$http_host$request_uri? permanent; #强制将http重定向到https

server_tokens off;

}

server {

listen 443;

ssl on;

ssl_certificate /etc/nginx/ssl/@fz419.cn.pem;

ssl_certificate_key /etc/nginx/ssl/@fz419.cn.key;

server_name fz419.cn;

ssl_session_timeout 5m;

ssl_session_cache shared:SSL:5m;

# Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits

ssl_dhparam /etc/nginx/ssl/dhparam.pem;

# secure settings (A+ at SSL Labs ssltest at time of writing)

# see https://wiki.mozilla.org/Security/Server_Side_TLS#Nginx

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:HIGH:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS';

ssl_prefer_server_ciphers on;

proxy_set_header X-Forwarded-For $remote_addr;

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";

server_tokens off;

location / {

proxy_pass http://127.0.0.1:8000;

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header X-Forwarded-Host $server_name;

proxy_set_header X-Forwarded-Proto https;

access_log /var/log/nginx/seahub.access.log;

error_log /var/log/nginx/seahub.error.log;

proxy_read_timeout 1200s;

client_max_body_size 0;

}

# 如果你使用 fastcgi 请使用此配置

#

# location / {

# fastcgi_pass 127.0.0.1:8000;

# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

# fastcgi_param PATH_INFO $fastcgi_script_name;

#

# fastcgi_param SERVER_PROTOCOL $server_protocol;

# fastcgi_param QUERY_STRING $query_string;

# fastcgi_param REQUEST_METHOD $request_method;

# fastcgi_param CONTENT_TYPE $content_type;

# fastcgi_param CONTENT_LENGTH $content_length;

# fastcgi_param SERVER_ADDR $server_addr;

# fastcgi_param SERVER_PORT $server_port;

# fastcgi_param SERVER_NAME $server_name;

# fastcgi_param REMOTE_ADDR $remote_addr;

# fastcgi_read_timeout 36000;

#

# client_max_body_size 0;

#

# access_log /var/log/nginx/seahub.access.log;

# error_log /var/log/nginx/seahub.error.log;

# }

location /seafhttp {

rewrite ^/seafhttp(.*)$ $1 break;

proxy_pass http://127.0.0.1:8082;

client_max_body_size 0;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_connect_timeout 36000s;

proxy_read_timeout 36000s;

proxy_send_timeout 36000s;

send_timeout 36000s;

}

location /media {

root /opt/seafile/seafile-server-latest/seahub;

}

}

Save and exit.

I will use use ‘cloud.natsume.co’ as the domain name. Please replace that with your own domain name in the config above.

Now test the Nginx configuration and make sure that there are no errors.

nginx -t

Start Nginx with the systemctl command:

systemctl start nginx

Make sure port 80 and 443 are available in the list that netstat provides:

netstat -plntu

Check that Nginx is listening on the port 80

Next, we have to add the domain name to the seafile configuration. Go to the seafile directory and edit the configuration file.

cd /opt/seafile/

vim conf/ccnet.conf

Change the service URL to your domain name.

SERVICE_URL = https://fz419.cn

Save and exit.

Edit the seahub configuration file.

vim conf/seahub_settings.py

On the second line, add configuration below:

HTTP_SERVER_ROOT = 'https://fz419.cn/seafhttp'

Replace the domain name with your domain here again. Save and exit.

Restart seafile and add all services to start at boot time:

systemctl restart seafile

systemctl restart seahub

systemctl enable nginx

systemctl enable mysqld

systemctl enable seafile

systemctl enable seahub

6.配置防火墙Start firewalld.

systemctl start firewalld

systemctl enable firewalldAdd HTTP and HTTPS port to the firewall configuration with the firewall-cmd command below:

firewall-cmd --zone=public --add-port=80/tcp --permanent

firewall-cmd --zone=public --add-port=443/tcp --permanentReload the firewall configuration and check the port list.

firewall-cmd --reload

firewall-cmd --list-all打开TCP的80和443端口即可。

三.配置office在线预览功能

1.安装 Libreoffice/UNO

sudo yum install libreoffice libreoffice-headless libreoffice-pyuno poppler-utils

2.安装字体

sudo yum install wqy-microhei-fonts wqy-zenhei-fonts wqy-unibit-fonts -y

3.开启配置项

打开 conf/seafevents.conf, 添加:

[OFFICE CONVERTER]

enabled = true

保存后 seafevents.conf 重启 Seafile 服务

./seafile.sh restart