阿里雲服務器上搭建seafile專業版

本文轉載自查看原文 2020-02-18 18:47 461

因為官方一鍵安裝教程在阿里雲服務器上無法安裝，由於水平有限，無法解決，所以選擇手動安裝

參考資料：

1,、騰訊雲搭建seafile服務器

2、How to Install Seafile with Nginx on CentOS 7

先將防火牆關閉

systemctl stop firewalld.service #停止firewall

一.部署環境

雲服務器：阿里雲 1vCPU 1GB ecs.xn4.small 100Mbps centos 7.4 64位

環境安裝：

yum update
yum install -y tree vim

部署mysql5.7

下載mysql源安裝包

wget http://dev.mysql.com/get/mysql57-community-release-el7-8.noarch.rpm

安裝mysql源

yum localinstall -y mysql57-community-release-el7-8.noarch.rpm

檢查mysql源是否安裝成功

yum repolist enabled | grep "mysql.*-community.*"

安裝mysql

yum install -y mysql-community-server

啟動mysql服務

systemctl start mysqld

設置開機啟動

systemctl enable mysqld
systemctl daemon-reload

修改root本地登錄密碼

#查看root默認密碼

grep 'temporary password' /var/log/mysqld.log

#修改root密碼

mysql -uroot -p
set password for 'root'@'localhost'=password('密碼');

注意：mysql5.7默認安裝了密碼安全檢查插件（validate_password），默認密碼檢查策略要求密碼必須包含：大小寫字母、數字和特殊符號，並且長度不能少於8位。否則會提示ERROR 1819 (HY000): Your password does not satisfy the current policy requirements錯誤。

重新啟動mysql服務使配置生效：

systemctl restart mysqld

打開遠程登錄和配置默認編碼utf8

mysql>grant all privileges on *.* to 'root'@'%' identified by '密碼' with grant option;
mysql>FLUSH PRIVILEGES;

修改/etc/my.cnf配置文件，在[mysqld]下添加編碼配置，如下所示：

[mysqld]
character_set_server=utf8
init_connect='SET NAMES utf8'

3.部署nginx 1.12.2

yum install -y openssl-devel pcre-devel epel-release
yum install -y nginx

啟動nginx

systemctl start nginx

4.部署python關聯包

按照seafile官方手冊安裝如下：

# yum -y install epel-release
# rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro
# yum -y install python-imaging MySQL-python python-memcached python-ldap python-urllib3 ffmpeg ffmpeg-devel
# pip install pillow moviepy  #這步提示錯誤，沒有pip，然后
# yum -y install python-pip 和 # pip install --upgrade pip  仍然報錯，然后
# pip install setuptools==33.1.1 后再安裝pillow成功。

5.部署jre

yum install jre

二.部署seafile

1.目錄設計，將seafile專業版安裝包下載到/opt目錄下

mkdir -p /opt/seafile/installed
mv /opt/seafile-pro-server_* /opt/seafile
cd /opt/seafile
tar -xzf seafile-pro-server_*
mv seafile-pro-server_* installed

2.部署seafile

cd seafile-pro-server-*
./setup-seafile-mysql.sh  #運行安裝腳本並回答預設問題

參數	作用	說明
seafile server name	seafile 服務器的名字，目前該配置已經不再使用	3 ~ 15 個字符，可以用英文字母，數字，下划線
seafile server ip or domain	seafile 服務器的 IP 地址或者域名	客戶端將通過這個 IP 或者地址來訪問你的 Seafile 服務
seafile data dir	seafile 數據存放的目錄，用上面的例子，默認將是/data/haiwen/seafile-data	seafile 數據將隨着使用而逐漸增加，請把它放在一個有足夠大空閑空間的分區上
seafile fileserver port	seafile fileserver 使用的 TCP 端口	該端口用於文件同步，請使用默認的 8082，不能更改。

在這里, 你會被要求選擇一種創建 Seafile 數據庫的方式:

-------------------------------------------------------
Please choose a way to initialize seafile databases:
-------------------------------------------------------

[1] Create new ccnet/seafile/seahub databases
[2] Use existing ccnet/seafile/seahub databases

如果選擇1, 你需要提供根密碼. 腳本程序會創建數據庫和用戶。
如果選擇2, ccnet/seafile/seahub 數據庫應該已經被你（或者其他人）提前創建。

3.配置 Seafile和Seahub服務

Next, go to the systemd directory and create a seafile.service file with vim:

cd /etc/systemd/system/
vim seafile.service

Paste seafile service configuration below:

[Unit]
Description=Seafile Server
Before=seahub.service
After=network.target mariadb.service

[Service]
Type=oneshot
ExecStart=/opt/seafile/seafile-server-latest/seafile.sh start
ExecStop=/opt/seafile/seafile-server-latest/seafile.sh stop
RemainAfterExit=yes
User=root
Group=root

[Install]
WantedBy=multi-user.target

Now create new seahub.service file.

vim seahub.service

And paste configuration below.

[Unit]
Description=Seafile Hub
After=network.target seafile.target mariadb.service

[Service]
Type=oneshot
ExecStart=/opt/seafile/seafile-server-latest/seahub.sh start
ExecStop=/opt/seafile/seafile-server-latest/seahub.sh stop
RemainAfterExit=yes
User=root
Group=root

[Install]
WantedBy=multi-user.target

Reload the systemd service and start seafile and seahub with systemctl.

systemctl daemon-reload
systemctl start seafile
systemctl start seahub

Make sure there is no error and check that the seafile and seahub service is running on port 8082 and 8000.

netstat -plntu

Start seafile and Seahub service

4.創建ssl證書

Create the ssl directory.

mkdir -p /etc/nginx/ssl
cd /etc/nginx/ssl

Generate self signed certificate files and a dhparam file with command below:

openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048
openssl req -new -x509 -sha256 -days 365 -newkey rsa:2048 -nodes -keyout server.key -out server.crt
ps:如果沒有證書，可以使用上面的命令根據步驟生成一個

5.Nginx下配置Seahub

In this step, we will configure Nginx as a reverse proxy for the seafile-server on port 8000 and 8002.

Go to the nginx configuration directory and create a new virtual host file for seafile.

cd /etc/nginx/

備份原有的配置nginx.conf為nginx.conf.backup

mv nginx.conf nginx.conf.backup
vim nginx.conf

編輯nginx.conf內容

user nginx nginx;
worker_processes 4;

events {
  worker_connections 8096;
  multi_accept on;
  use epoll;
}

pid /var/run/nginx.pid;
worker_rlimit_nofile 40000;

http {
  server_tok 大專欄  阿里雲服務器上搭建seafile專業版ens off;
  server_names_hash_bucket_size 128;
  client_max_body_size 50M;
  include /etc/nginx/mime.types;
  default_type application/octet-stream;
  log_format main '$remote_addr - $remote_user [$time_local] "$request" '
  '$status $body_bytes_sent "$http_referer" '
  '"$http_user_agent" "$http_x_forwarded_for"';
  access_log /var/log/nginx/access.log main;
  error_log /var/log/nginx/error.log warn;
  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;
  client_body_timeout 12;
  client_header_timeout 12;
  keepalive_timeout 15;
  send_timeout 10;
  # Fully disabled gzip compression to mitigate Django BREACH attack: https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/
  gzip off;
  #gzip_vary on;
  #gzip_proxied expired no-cache no-store private auth any;
  #gzip_comp_level 9;
  #gzip_min_length 10240;
  #gzip_buffers 16 8k;
  #gzip_http_version 1.1;
  #gzip_types text/plain text/css text/xml text/javascript application/javascript application/x-javascript application/xml font/woff2;
  #gzip_disable "MSIE [1-6].";
  include /etc/nginx/conf.d/*.conf;
}

vim conf.d/seafile.conf

Paste virtual host configuration below:

server {
    listen       80;
    server_name  fz419.cn;
    rewrite ^ https://$http_host$request_uri? permanent;    #強制將http重定向到https
    server_tokens off;
}
server {
    listen 443;
    ssl on;
    ssl_certificate 	/etc/nginx/ssl/@fz419.cn.pem;  
    ssl_certificate_key /etc/nginx/ssl/@fz419.cn.key;
    server_name fz419.cn;
    ssl_session_timeout 5m;
    ssl_session_cache shared:SSL:5m;

    # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
    ssl_dhparam /etc/nginx/ssl/dhparam.pem;

    # secure settings (A+ at SSL Labs ssltest at time of writing)
    # see https://wiki.mozilla.org/Security/Server_Side_TLS#Nginx
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:HIGH:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS';
    ssl_prefer_server_ciphers on;

    proxy_set_header X-Forwarded-For $remote_addr;

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
    server_tokens off;

    location / {
        proxy_pass         http://127.0.0.1:8000;
        proxy_set_header   Host $host;
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Host $server_name;
        proxy_set_header   X-Forwarded-Proto https;

        access_log      /var/log/nginx/seahub.access.log;
        error_log       /var/log/nginx/seahub.error.log;

        proxy_read_timeout  1200s;

        client_max_body_size 0;
    }

# 如果你使用 fastcgi 請使用此配置
#
#    location / {
#        fastcgi_pass    127.0.0.1:8000;
#        fastcgi_param   SCRIPT_FILENAME     $document_root$fastcgi_script_name;
#        fastcgi_param   PATH_INFO           $fastcgi_script_name;
#
#        fastcgi_param   SERVER_PROTOCOL     $server_protocol;
#        fastcgi_param   QUERY_STRING        $query_string;
#        fastcgi_param   REQUEST_METHOD      $request_method;
#        fastcgi_param   CONTENT_TYPE        $content_type;
#        fastcgi_param   CONTENT_LENGTH      $content_length;
#        fastcgi_param   SERVER_ADDR         $server_addr;
#        fastcgi_param   SERVER_PORT         $server_port;
#        fastcgi_param   SERVER_NAME         $server_name;
#        fastcgi_param   REMOTE_ADDR         $remote_addr;
#        fastcgi_read_timeout 36000;
#
#        client_max_body_size 0;
#
#        access_log      /var/log/nginx/seahub.access.log;
#        error_log       /var/log/nginx/seahub.error.log;
#    }

    location /seafhttp {
        rewrite ^/seafhttp(.*)$ $1 break;
        proxy_pass http://127.0.0.1:8082;
        client_max_body_size 0;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_connect_timeout  36000s;
        proxy_read_timeout  36000s;
        proxy_send_timeout  36000s;
        send_timeout  36000s;
    }
    location /media {
        root /opt/seafile/seafile-server-latest/seahub;
    }
}

Save and exit.

I will use use ‘cloud.natsume.co’ as the domain name. Please replace that with your own domain name in the config above.

Now test the Nginx configuration and make sure that there are no errors.

nginx -t

Start Nginx with the systemctl command:

systemctl start nginx

Make sure port 80 and 443 are available in the list that netstat provides:

netstat -plntu

Check that Nginx is listening on the port 80

Next, we have to add the domain name to the seafile configuration. Go to the seafile directory and edit the configuration file.

cd /opt/seafile/
vim conf/ccnet.conf

Change the service URL to your domain name.

SERVICE_URL = https://fz419.cn

Save and exit.

Edit the seahub configuration file.

vim conf/seahub_settings.py

On the second line, add configuration below:

HTTP_SERVER_ROOT = 'https://fz419.cn/seafhttp'

Replace the domain name with your domain here again. Save and exit.

Restart seafile and add all services to start at boot time:

systemctl restart seafile
systemctl restart seahub

systemctl enable nginx
systemctl enable mysqld
systemctl enable seafile
systemctl enable seahub

6.配置防火牆

Start firewalld.

systemctl start firewalld
systemctl enable firewalld

Add HTTP and HTTPS port to the firewall configuration with the firewall-cmd command below:

firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent

Reload the firewall configuration and check the port list.

firewall-cmd --reload
firewall-cmd --list-all

打開TCP的80和443端口即可。

三.配置office在線預覽功能

1.安裝 Libreoffice/UNO

sudo yum install libreoffice libreoffice-headless libreoffice-pyuno poppler-utils

2.安裝字體

sudo yum install wqy-microhei-fonts wqy-zenhei-fonts wqy-unibit-fonts -y

3.開啟配置項

打開 conf/seafevents.conf, 添加:
[OFFICE CONVERTER]

enabled = true

保存后 seafevents.conf 重啟 Seafile 服務

./seafile.sh restart

免責聲明！

本站轉載的文章為個人學習借鑒使用，本站對版權不負任何法律責任。如果侵犯了您的隱私權益，請聯系本站郵箱yoyou2525@163.com刪除。

猜您在找 阿里雲服務器搭建Docker版AWVS 使用Docker安裝Seafile雲盤專業版，並配置域名及SSL證書使用docker搭建seafile服務器阿里雲搭建簡單服務器阿里雲搭建git服務器 windows10 專業版的遠程服務器管理工具下載阿里雲服務器搭建SVN 阿里雲ECS服務器的搭建阿里雲搭建SVN服務器阿里雲搭建Git服務器