We're going to install it into /opt/seafile directory.
If you don't have MySQL Server already installed, go ahead and install it (answer Yes and set a root password when prompted):
For Seafile user it is best to set a password without any special characters.
At this point you can start and use the Seafile server (please check the official wiki on how to start it, if you don't want to continue with the next steps), but our purpose is to continue with Apache deployment and HTTPS configuration. If you started the server, stop it before proceeding to next step.
(seahub.fcgi is just a placeholder, you don't need to actually have this file in the system)
Create a Certificate Signing Request (CSR):
(Fill the required values, extra attributes can be ignored)
Protect the key and signed certificate:
cd /optYou should have now the following directory structure:
mkdir seafile
cd seafile
wget http://seafile.googlecode.com/files/seafile-server_2.0.1_x86-64.tar.gz
tar -xzf seafile-server_2.0.1_x86-64.tar.gz
mkdir installed
mv seafile-server_2.0.1_x86-64.tar.gz installed
If you don't have MySQL Server already installed, go ahead and install it (answer Yes and set a root password when prompted):
apt-get install mysql-serverInstall the python required packages:
apt-get updateAnd let the setup-seafile-mysql.sh script to create the databases (you will be prompted for various configurations):
apt-get install python2.7 python-setuptools python-simplejson
apt-get install python-imaging python-mysqldb
For Seafile user it is best to set a password without any special characters.
cd /opt/seafile/seafile-server-2.0.1If everything went fine you should have the following directory structure:
./setup-seafile-mysql.sh
At this point you can start and use the Seafile server (please check the official wiki on how to start it, if you don't want to continue with the next steps), but our purpose is to continue with Apache deployment and HTTPS configuration. If you started the server, stop it before proceeding to next step.
Deploy Seafile with apache
If you don't have Apache Server already installed, install it first:apt-get install apache2Next, install some required packages and enable mod_rewrite and apache proxy:
apt-get install python-flupIn this article we assume you are running Seahub using domain cloud.mydomain.com. Edit apache2.conf:
apt-get install libapache2-mod-fastcgi
a2enmod rewrite
a2enmod proxy_http
nano /etc/apache2/apache2.confAdd this line at the end of the file:
(seahub.fcgi is just a placeholder, you don't need to actually have this file in the system)
FastCGIExternalServer /var/www/seahub.fcgi -host 127.0.0.1:8000Modify default Apache config file:
nano /etc/apache2/sites-enabled/000-defaultAnd make it look similar to this:
<VirtualHost *:80>Update the SERVICE_URL in ccnet.conf:
ServerName cloud.mydomain.com
DocumentRoot /var/www
Alias /media /opt/seafile/seafile-server-2.0.1/seahub/media
RewriteEngine On
#
# seafile httpserver
#
ProxyPass /seafhttp http://127.0.0.1:8082
ProxyPassReverse /seafhttp http://127.0.0.1:8082
RewriteRule ^/seafhttp - [QSA,L]
#
# seahub
#
RewriteRule ^/(media.*)$ /$1 [QSA,L,PT]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ /seahub.fcgi$1 [QSA,L,E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</VirtualHost>
nano /opt/seafile/ccnet/ccnet.confChange:
SERVICE_URL = http://cloud.mydomain.comModify seahub_settings.py:
nano /opt/seafile/seahub_settings.pyAdd line:
HTTP_SERVER_ROOT = 'http://cloud.mydomain.com/seafhttp'And restart Apache:
service apache2 restartAt this point you can start and use Seafile server with apache without a secure connection (please check the official wiki on how to start it, if you don't want to continue with the next steps), but let's go ahead and enable SSL.
Enable Https on Seafile web with Apache
In our days, when you can get a SSL certificate for like $9 / year, it really doesn't worth to have the annoying browser warning of a self-signed certificate, so here are the steps to use a Commercial SSL Certificate:Create a Certificate Signing Request (CSR):
(Fill the required values, extra attributes can be ignored)
mkdir /etc/apache2/sslFiles will be created in /etc/apache2/ssl. Now take your cloud.mydomain.com.csr and submit to a commercial SSL provider for signing. You will receive a .crt certificate. Save it in the same directory as cloud.mydomain.com.crt. Along with the certificate you may get also the root certificate, save it to the same directory.
cd /etc/apache2/ssl
openssl req -new -newkey rsa:2048 -nodes -keyout cloud.mydomain.com.key -out cloud.mydomain.com.csr
Protect the key and signed certificate:
chmod 400 /etc/apache2/ssl/cloud.mydomain.com.keyEnable mod_ssl:
chmod 400 /etc/apache2/ssl/cloud.mydomain.com.crt
a2enmod sslAnd modify your Apache configuration file:
nano /etc/apache2/sites-enabled/000-defaultTo look like:
<VirtualHost *:80>Update the SERVICE_URL in ccnet.conf:
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</VirtualHost>
<VirtualHost *:443>
ServerName cloud.mydomain.com
DocumentRoot /var/www
Alias /media /opt/seafile/seafile-server-2.0.1/seahub/media
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/cloud.mydomain.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/cloud.mydomain.com.key
SSLCACertificateFile /etc/apache2/ssl/your-root-certificate.crt
RewriteEngine On
#
# seafile httpserver
#
ProxyPass /seafhttp http://127.0.0.1:8082
ProxyPassReverse /seafhttp http://127.0.0.1:8082
RewriteRule ^/seafhttp - [QSA,L]
#
# seahub
#
RewriteRule ^/(media.*)$ /$1 [QSA,L,PT]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ /seahub.fcgi$1 [QSA,L,E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</VirtualHost>
nano /opt/seafile/ccnet/ccnet.confChange:
SERVICE_URL = https://cloud.mydomain.comModify seahub_settings.py:
nano /opt/seafile/seahub_settings.pyChange:
HTTP_SERVER_ROOT = 'https://cloud.mydomain.com/seafhttp'And restart Apache:
service apache2 restartStart Seafile server also:
cd /opt/seafile/seafile-server-2.0.1
./seafile.sh start
./seahub.sh start-fastcgi
0 comments:
Post a Comment