platu/seafile-on-lxd.md

## seafile-on-lxd.md

      
        

                Raw

        
        
          
            
          
          
            
              seafile-on-lxd.md
            
          
        
      
      
    Seafile + sqlite instance on LXD lab
This lab assumes that we have a running LXD setup based on this gist : UNprivileged lxd containers on top of Open vSwitch
Let's start with a container named seafile.
$ lxc ls
+---------+---------+-------------------+-----------------------------------+------------+-----------+
|  NAME   |  STATE  |       IPV4        |               IPV6                |    TYPE    | SNAPSHOTS |
+---------+---------+-------------------+-----------------------------------+------------+-----------+
| seafile | RUNNING | 192.0.2.78 (eth0) | fdc0:2::216:3eff:fef5:eccf (eth0) | PERSISTENT | 0         |
+---------+---------+-------------------+-----------------------------------+------------+-----------+

Seafile server with sqlite installation instructions are there : Deploying Seafile with SQLite
Seafile server install
First, we open a session within the seafile container.
$ lxc exec seafile -- /bin/bash
root@seafile:~# apt install wget

Start by downloading the server tarball, and then extract in /var/lib directory for instance.
wget -q https://download.seadrive.org/seafile-server_7.0.5_x86-64.tar.gz
mkdir /var/lib/seafile
cd /var/lib/seafile
tar xf ~/seafile-server_7.0.5_x86-64.tar.gz
ln -s seafile-server-7.0.5 seafile-server
mkdir installed
mv ~/seafile-server_7.0.5_x86-64.tar.gz installed

Now we have the following tree layout which is almost identical to the one proposed in the official documentation.
root@seafile:/var/lib/seafile# tree . -L 2
.
├── installed
│   └── seafile-server_7.0.5_x86-64.tar.gz
├── seafile-server -> seafile-server-7.0.5
└── seafile-server-7.0.5
    ├── check_init_admin.py
    ├── reset-admin.sh
    ├── runtime
    ├── seaf-fsck.sh
    ├── seaf-fuse.sh
    ├── seaf-gc.sh
    ├── seafile
    ├── seafile.sh
    ├── seahub
    ├── seahub.sh
    ├── setup-seafile-mysql.py
    ├── setup-seafile-mysql.sh
    ├── setup-seafile.sh
    ├── sql
    └── upgrade

Install package dependencies
According to the official documentation
apt install python2.7 libpython2.7 python-setuptools python-ldap python-urllib3 sqlite3 python-requests

Server initial setup
We run the setup script provided by the server tarball.
cd seafile-server
./setup-seafile.sh
-----------------------------------------------------------------
This script will guide you to config and setup your seafile server.

Make sure you have read seafile server manual at

	https://github.com/haiwen/seafile/wiki

Note: This script will guide your to setup seafile server using sqlite3,
which may have problems if your disk is on a NFS/CIFS/USB.
In these cases, we suggest you setup seafile server using MySQL.

Press [ENTER] to continue
-----------------------------------------------------------------

After having answered the few questions we get the following setup.
This is your config information:

server name:        localCloud-SF
server ip/domain:   seafile.localcloud
seafile data dir:   /var/lib/seafile/seafile-data
fileserver port:    8082

Manually starting services
First, we start seafile service.
# ./seafile.sh start

[11/04/19 14:31:07] ../common/session.c(132): using config file /var/lib/seafile/conf/ccnet.conf
Starting seafile server, please wait ...
** Message: seafile-controller.c(718): No seafevents.

Seafile server started

Done.

Then, we start the seahub service and we are asked to define the admin account authentication parameters.
# ./seahub.sh start

LC_ALL is not set in ENV, set to en_US.UTF-8
Starting seahub at port 8000 ...

----------------------------------------
It's the first time you start the seafile server. Now let's create the admin account
----------------------------------------

What is the email for the admin account?
[ admin email ] etu@seafile.localcloud

What is the password for the admin account?
[ admin password ]

Enter the password again:
[ admin password again ]

----------------------------------------
Successfully created seafile admin
----------------------------------------

Seahub is started

Done.

Hmm, while checking open ports we find that the seahub service is not properly configured in our container context. The service is waiting for connection on the loopback interface address only.
ss -atn
State          Recv-Q          Send-Q              Local Address:Port         Peer Address:Port
LISTEN         0               128                     127.0.0.1:8000              0.0.0.0:*

So, we have to stop the service and edit the gunicorn.conf file in order to make it listen on any IP address. Here is a copy of the /var/lib/seafile/conf/gunicorn.conf file.
import os

daemon = True
workers = 5

# default localhost:8000
bind = "[::]:8000"

# Pid
pids_dir = '/var/lib/seafile/pids'
pidfile = os.path.join(pids_dir, 'seahub.pid')

# for file upload, we need a longer timeout value (default is only 30s, too short)
timeout = 1200

limit_request_line = 8190

After a new start of the service we get the following list of network listening processes.
ss -atn
State        Recv-Q         Send-Q       Local Address:Port          Peer Address:Port
LISTEN       0              128                0.0.0.0:5355               0.0.0.0:*
LISTEN       0              128                0.0.0.0:8082               0.0.0.0:*
LISTEN       0              128          127.0.0.53%lo:53                 0.0.0.0:*
LISTEN       0              128                      *:8000                     *:*
LISTEN       0              128                   [::]:5355                  [::]:*

Check web access within the container
wget -O /dev/null http://localhost:8000
--2019-11-04 15:01:45--  http://localhost:8000/
Resolving localhost (localhost)... ::1, 127.0.0.1
Connecting to localhost (localhost)|::1|:8000... connected.
HTTP request sent, awaiting response... 302 Found
Location: /accounts/login/?next=/ [following]
--2019-11-04 15:01:45--  http://localhost:8000/accounts/login/?next=/
Connecting to localhost (localhost)|::1|:8000... connected.
HTTP request sent, awaiting response... 200 OK
Length: 12260 (12K) [text/html]
Saving to: ‘/dev/null’

/dev/null                                  100%[========================================================================================>]  11.97K  --.-KB/s    in 0s

2019-11-04 15:01:45 (285 MB/s) - ‘/dev/null’ saved [12260/12260]

After getting the 200 HTTP code, we know that the service is functionnal.
Host proxy to the seafile service
In our container context, only the host system is accessible from the Internet. In order make our new seafile service visible, we have to setup a proxy on the host.
We choose to use apache and the official documentation available here : Config Seahub with Apache.
Following the preparation section, we run the following commands.
sudo apt install apache2
sudo a2enmod rewrite
sudo a2enmod proxy_http
sudo systemctl restart apache2

Then we edit the default site definition file : /etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
	#ServerName www.example.com

	ServerAdmin webmaster@localhost
	DocumentRoot /var/www/html

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

	#
	# seafile fileserver
	#
	ProxyPass /seafhttp http://seafile.localcloud:8082
	ProxyPassReverse /seafhttp http://seafile.localcloud:8082
	RewriteRule ^/seafhttp - [QSA,L]
	#
	# seahub
	#
	SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
	ProxyPreserveHost On
	ProxyPass / http://seafile.localcloud:8000/
	ProxyPassReverse / http://seafile.localcloud:8000/
</VirtualHost>

After reloading the apache2 service, we can check the seafile website availability through a brower.
As a proof sample, here is an excerpt of the apache2 access log file : /var/log/apache2/access.log
2001:678:3fc:d6::5 - - [04/Nov/2019:16:27:35 +0100] "GET /accounts/login/?next=/ HTTP/1.1" 200 4399 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36"