From 10cb24b7e5a032830feefdeafd0cb461f0f9faee Mon Sep 17 00:00:00 2001 From: Alvis Date: Sun, 8 Mar 2026 15:11:08 +0000 Subject: [PATCH] Add Seafile service and update Caddyfile MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - seafile/: docker compose setup (seafile-mc 13, mariadb, redis, seadoc, caddy-proxy) - Expose seafile on 127.0.0.1:8078, proxied via Caddy at docs.alogins.net - Fix: SEAFILE_SERVER_PROTOCOL=https to avoid CSRF errors - Fix: TIME_ZONE=Asia/Dubai (Etc/UTC+4 was invalid) - Caddyfile: add docs.alogins.net → localhost:8078 - .gitignore: exclude seafile/.env (credentials stored in Vaultwarden) Co-Authored-By: Claude Sonnet 4.6 --- .gitignore | 1 + Caddyfile | 4 ++ seafile/caddy.yml | 26 ++++++++++ seafile/seadoc.yml | 40 ++++++++++++++ seafile/seafile-server.yml | 103 +++++++++++++++++++++++++++++++++++++ 5 files changed, 174 insertions(+) create mode 100644 seafile/caddy.yml create mode 100644 seafile/seadoc.yml create mode 100644 seafile/seafile-server.yml diff --git a/.gitignore b/.gitignore index 3573721..e7632d5 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ adolf/.env +seafile/.env diff --git a/Caddyfile b/Caddyfile index 917c874..0add350 100644 --- a/Caddyfile +++ b/Caddyfile @@ -77,6 +77,10 @@ ntfy.alogins.net { reverse_proxy localhost:8840 } +docs.alogins.net { + reverse_proxy localhost:8078 +} + vw.alogins.net { reverse_proxy localhost:8041 } diff --git a/seafile/caddy.yml b/seafile/caddy.yml new file mode 100644 index 0000000..999baae --- /dev/null +++ b/seafile/caddy.yml @@ -0,0 +1,26 @@ +services: + + caddy: + image: ${SEAFILE_CADDY_IMAGE:-lucaslorentz/caddy-docker-proxy:2.9-alpine} + restart: unless-stopped + container_name: seafile-caddy + ports: + - 8077:80 + - 4433:443 + environment: + - CADDY_INGRESS_NETWORKS=seafile-net + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - ${SEAFILE_CADDY_VOLUME:-/opt/seafile-caddy}:/data/caddy + networks: + - seafile-net + healthcheck: + test: ["CMD-SHELL", "curl --fail http://localhost:2019/metrics || exit 1"] + start_period: 20s + interval: 20s + timeout: 5s + retries: 3 + +networks: + seafile-net: + name: seafile-net diff --git a/seafile/seadoc.yml b/seafile/seadoc.yml new file mode 100644 index 0000000..c261cf8 --- /dev/null +++ b/seafile/seadoc.yml @@ -0,0 +1,40 @@ +services: + + seadoc: + image: ${SEADOC_IMAGE:-seafileltd/sdoc-server:2.0-latest} + container_name: seadoc + restart: unless-stopped + volumes: + - ${SEADOC_VOLUME:-/opt/seadoc-data/}:/shared + # ports: + # - "80:80" + environment: + - DB_HOST=${SEAFILE_MYSQL_DB_HOST:-db} + - DB_PORT=${SEAFILE_MYSQL_DB_PORT:-3306} + - DB_USER=${SEAFILE_MYSQL_DB_USER:-seafile} + - DB_PASSWORD=${SEAFILE_MYSQL_DB_PASSWORD:?Variable is not set or empty} + - DB_NAME=${SEADOC_MYSQL_DB_NAME:-${SEAFILE_MYSQL_DB_SEAHUB_DB_NAME:-seahub_db}} + - TIME_ZONE=${TIME_ZONE:-Etc/UTC} + - JWT_PRIVATE_KEY=${JWT_PRIVATE_KEY:?Variable is not set or empty} + - NON_ROOT=${NON_ROOT:-false} + - SEAHUB_SERVICE_URL=${SEAFILE_SERVICE_URL:-http://seafile} + labels: + caddy: ${SEAFILE_SERVER_PROTOCOL:-http}://${SEAFILE_SERVER_HOSTNAME:?Variable is not set or empty} + caddy.@ws.0_header: "Connection *Upgrade*" + caddy.@ws.1_header: "Upgrade websocket" + caddy.0_reverse_proxy: "@ws {{upstreams 80}}" + caddy.1_handle_path: "/socket.io/*" + caddy.1_handle_path.0_rewrite: "* /socket.io{uri}" + caddy.1_handle_path.1_reverse_proxy: "{{upstreams 80}}" + caddy.2_handle_path: "/sdoc-server/*" + caddy.2_handle_path.0_rewrite: "* {uri}" + caddy.2_handle_path.1_reverse_proxy: "{{upstreams 80}}" + depends_on: + db: + condition: service_healthy + networks: + - seafile-net + +networks: + seafile-net: + name: seafile-net diff --git a/seafile/seafile-server.yml b/seafile/seafile-server.yml new file mode 100644 index 0000000..4bfd94b --- /dev/null +++ b/seafile/seafile-server.yml @@ -0,0 +1,103 @@ +services: + db: + image: ${SEAFILE_DB_IMAGE:-mariadb:10.11} + container_name: seafile-mysql + restart: unless-stopped + environment: + - MYSQL_ROOT_PASSWORD=${INIT_SEAFILE_MYSQL_ROOT_PASSWORD:-} + - MYSQL_LOG_CONSOLE=true + - MARIADB_AUTO_UPGRADE=1 + volumes: + - "${SEAFILE_MYSQL_VOLUME:-/opt/seafile-mysql/db}:/var/lib/mysql" + networks: + - seafile-net + healthcheck: + test: + [ + "CMD", + "/usr/local/bin/healthcheck.sh", + "--connect", + "--mariadbupgrade", + "--innodb_initialized", + ] + interval: 20s + start_period: 30s + timeout: 5s + retries: 10 + + redis: + image: ${SEAFILE_REDIS_IMAGE:-redis} + container_name: seafile-redis + restart: unless-stopped + command: + - /bin/sh + - -c + - redis-server --requirepass "$$REDIS_PASSWORD" + environment: + - REDIS_PASSWORD=${REDIS_PASSWORD:-} + networks: + - seafile-net + + seafile: + image: ${SEAFILE_IMAGE:-seafileltd/seafile-mc:13.0-latest} + container_name: seafile + restart: unless-stopped + ports: + - "127.0.0.1:8078:80" + volumes: + - ${SEAFILE_VOLUME:-/opt/seafile-data}:/shared + environment: + - SEAFILE_MYSQL_DB_HOST=${SEAFILE_MYSQL_DB_HOST:-db} + - SEAFILE_MYSQL_DB_PORT=${SEAFILE_MYSQL_DB_PORT:-3306} + - SEAFILE_MYSQL_DB_USER=${SEAFILE_MYSQL_DB_USER:-seafile} + - SEAFILE_MYSQL_DB_PASSWORD=${SEAFILE_MYSQL_DB_PASSWORD:?Variable is not set or empty} + - INIT_SEAFILE_MYSQL_ROOT_PASSWORD=${INIT_SEAFILE_MYSQL_ROOT_PASSWORD:-} + - SEAFILE_MYSQL_DB_CCNET_DB_NAME=${SEAFILE_MYSQL_DB_CCNET_DB_NAME:-ccnet_db} + - SEAFILE_MYSQL_DB_SEAFILE_DB_NAME=${SEAFILE_MYSQL_DB_SEAFILE_DB_NAME:-seafile_db} + - SEAFILE_MYSQL_DB_SEAHUB_DB_NAME=${SEAFILE_MYSQL_DB_SEAHUB_DB_NAME:-seahub_db} + - TIME_ZONE=${TIME_ZONE:-Etc/UTC} + - INIT_SEAFILE_ADMIN_EMAIL=${INIT_SEAFILE_ADMIN_EMAIL:-me@example.com} + - INIT_SEAFILE_ADMIN_PASSWORD=${INIT_SEAFILE_ADMIN_PASSWORD:-asecret} + - SEAFILE_SERVER_HOSTNAME=${SEAFILE_SERVER_HOSTNAME:?Variable is not set or empty} + - SEAFILE_SERVER_PROTOCOL=${SEAFILE_SERVER_PROTOCOL:-http} + - SITE_ROOT=${SITE_ROOT:-/} + - NON_ROOT=${NON_ROOT:-false} + - JWT_PRIVATE_KEY=${JWT_PRIVATE_KEY:?Variable is not set or empty} + - SEAFILE_LOG_TO_STDOUT=${SEAFILE_LOG_TO_STDOUT:-false} + - ENABLE_GO_FILESERVER=${ENABLE_GO_FILESERVER:-true} + - ENABLE_SEADOC=${ENABLE_SEADOC:-true} + - SEADOC_SERVER_URL=${SEAFILE_SERVER_PROTOCOL:-http}://${SEAFILE_SERVER_HOSTNAME:?Variable is not set or empty}/sdoc-server + - CACHE_PROVIDER=${CACHE_PROVIDER:-redis} + - REDIS_HOST=${REDIS_HOST:-redis} + - REDIS_PORT=${REDIS_PORT:-6379} + - REDIS_PASSWORD=${REDIS_PASSWORD:-} + - MEMCACHED_HOST=${MEMCACHED_HOST:-memcached} + - MEMCACHED_PORT=${MEMCACHED_PORT:-11211} + - ENABLE_NOTIFICATION_SERVER=${ENABLE_NOTIFICATION_SERVER:-false} + - INNER_NOTIFICATION_SERVER_URL=${INNER_NOTIFICATION_SERVER_URL:-http://notification-server:8083} + - NOTIFICATION_SERVER_URL=${NOTIFICATION_SERVER_URL:-${SEAFILE_SERVER_PROTOCOL:-http}://${SEAFILE_SERVER_HOSTNAME:?Variable is not set or empty}/notification} + - ENABLE_SEAFILE_AI=${ENABLE_SEAFILE_AI:-false} + - ENABLE_FACE_RECOGNITION=${ENABLE_FACE_RECOGNITION:-false} + - SEAFILE_AI_SERVER_URL=${SEAFILE_AI_SERVER_URL:-http://seafile-ai:8888} + - SEAFILE_AI_SECRET_KEY=${JWT_PRIVATE_KEY:?Variable is not set or empty} + - MD_FILE_COUNT_LIMIT=${MD_FILE_COUNT_LIMIT:-100000} + labels: + caddy: ${SEAFILE_SERVER_PROTOCOL:-http}://${SEAFILE_SERVER_HOSTNAME:?Variable is not set or empty} + caddy.reverse_proxy: "{{upstreams 80}}" + healthcheck: + test: ["CMD-SHELL", "curl -f http://localhost:80 || exit 1"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 10s + depends_on: + db: + condition: service_healthy + redis: + condition: service_started + networks: + - seafile-net + +networks: + seafile-net: + name: seafile-net