最新的12版本新增了seadoc并且界面美观,官方的安装教程很简洁,也许有人会使用自己申请的证书来部署网站,参考论坛分享的经验,把自己的配置文件分享给大家。
首先说一下基本网络环境,有公网ip4地址(纯ipv6对seadoc和onlyoffice支持不友好),并且有一个自己的域名,路由器具有端口转发功能,防火墙相应的端口要开放。下面把完整的配置文件贴出来,直接复制保存下来,相对比官方文件做了一些修改,所以这五个文件要全部保存下来,然后根据自己的配置修改 .env 文件中有 # 中文注释的项目。
.env文件
############################################
# Docker compose configurations #
############################################
COMPOSE_FILE='seafile-server.yml,caddy.yml,seadoc.yml,onlyoffice.yml'
COMPOSE_PATH_SEPARATOR=','
## Images
SEAFILE_IMAGE=seafileltd/seafile-pro-mc:12.0-latest
SEAFILE_DB_IMAGE=mariadb:10.11.11
SEAFILE_MEMCACHED_IMAGE=memcached:1.6.38
SEAFILE_ELASTICSEARCH_IMAGE=elasticsearch:8.18.0
SEAFILE_CADDY_IMAGE=lucaslorentz/caddy-docker-proxy:ci-alpine
SEADOC_IMAGE=seafileltd/sdoc-server:1.0-latest
NOTIFICATION_SERVER_IMAGE=seafileltd/notification-server:12.0-latest
SEASEARCH_IMAGE=seafileltd/seasearch:latest
ONLYOFFICE_IMAGE=onlyoffice/documentserver:latest
## Persistent Storage
BASIC_STORAGE_PATH=/opt/seafile-12 #此处自定义Seafile的安装目录
SEAFILE_VOLUME=$BASIC_STORAGE_PATH/seafile-data
SEAFILE_MYSQL_VOLUME=$BASIC_STORAGE_PATH/seafile-mysql/db
SEAFILE_ELASTICSEARCH_VOLUME=$BASIC_STORAGE_PATH/seafile-elasticsearch/data
SEAFILE_CADDY_VOLUME=$BASIC_STORAGE_PATH/seafile-caddy
NOTIFICATION_SERVER_VOLUME=$BASIC_STORAGE_PATH/notification-data
SS_DATA_PATH=$BASIC_STORAGE_PATH/seasearch-data
SEADOC_VOLUME=$BASIC_STORAGE_PATH/seadoc-data
ONLYOFFICE_VOLUME=$BASIC_STORAGE_PATH/onlyoffice
############################################
# Startup parameters #
############################################
SEAFILE_SERVER_PORT=7777 #此处设置Seafile服务的访问端口
SEAFILE_SERVER_PROTOCOL=https #此处设置Seafile网站使用 http 还是 https
SEAFILE_SERVER_HOSTNAME=seafile.example.com #此处设置Seafile服务的域名或IP地址
CADDY_CERT_PATH=$SEAFILE_CADDY_VOLUME/certs
CADDY_SSL_CERTIFICATE_CRT=seafile.example.com.crt #此处设置自己申请的ssl crt证书名称
CADDY_SSL_CERTIFICATE_KEY=seafile.example.com.key #此处设置自己申请的ssl key证书名称
TIME_ZONE=Asia/Shanghai
JWT_PRIVATE_KEY=密码 #此处设置JWT密码,不少于32位
## Database
SEAFILE_MYSQL_DB_HOST=db
SEAFILE_MYSQL_DB_USER=seafile
SEAFILE_MYSQL_DB_PASSWORD=密码 #此处设置数据库seafile用户密码
SEAFILE_MYSQL_DB_CCNET_DB_NAME=ccnet_db
SEAFILE_MYSQL_DB_SEAFILE_DB_NAME=seafile_db
SEAFILE_MYSQL_DB_SEAHUB_DB_NAME=seahub_db
## Database root password, Used to create Seafile users
INIT_SEAFILE_MYSQL_ROOT_PASSWORD=密码 #此处设置数据库root用户密码
## Seafile admin user
INIT_SEAFILE_ADMIN_EMAIL=seafile@example.com #此处设置Seafile网站的登录邮箱账号
INIT_SEAFILE_ADMIN_PASSWORD=密码 #此处设置Seafile网站的账号登录密码
## OnlyOffice
ONLYOFFICE_PORT=6233
ONLYOFFICE_JWT_SECRET=密码 #此处密码应与上边的JWT密码相同
############################################
# Additional configurations for extensions #
############################################
### Storage type
SS_STORAGE_TYPE=disk # options: disk (local disk), s3
### Local storage mode
SS_MAX_OBJ_CACHE_SIZE=10GB
### Log
SS_LOG_TO_STDOUT=false
SS_LOG_OUTPUT=true
SS_LOG_LEVEL=info
### S3 mode
SS_S3_USE_V4_SIGNATURE=false
SS_S3_ACCESS_ID=<your access id>
SS_S3_ACCESS_SECRET=<your access secret>
SS_S3_ENDPOINT=s3.us-east-1.amazonaws.com
SS_S3_BUCKET=<your bucket name>
SS_S3_USE_HTTPS=true
SS_S3_PATH_STYLE_REQUEST=true
SS_S3_AWS_REGION=us-east-1
SS_S3_SSE_C_KEY=<your SSE-C key>
### SeaSearch admin user
INIT_SS_ADMIN_USER=$INIT_SEAFILE_ADMIN_EMAIL
INIT_SS_ADMIN_PASSWORD=$INIT_SEAFILE_ADMIN_PASSWORD
caddy.yml
services:
caddy:
image: ${SEAFILE_CADDY_IMAGE:-lucaslorentz/caddy-docker-proxy:ci-alpine}
container_name: seafile-caddy
restart: unless-stopped
ports:
- 80:80
- 443:443
- ${SEAFILE_SERVER_PORT:-7777}:443
environment:
- CADDY_INGRESS_NETWORKS=seafile-net
labels:
caddy.auto_https: "disable_certs"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ${SEAFILE_CADDY_VOLUME:-/opt/seafile-caddy}:/data/caddy
- ${CADDY_CERT_PATH:-/opt/seafile-caddy/certs}:/etc/caddy/certs
networks:
- seafile-net
healthcheck:
test: ["CMD-SHELL", "curl --fail http://localhost:2019/metrics || exit 1"]
start_period: 20s
interval: 20s
timeout: 5s
retries: 3
networks:
seafile-net:
name: seafile-net
seadoc.yml
services:
seadoc:
image: ${SEADOC_IMAGE:-seafileltd/sdoc-server:1.0-latest}
container_name: seadoc
restart: unless-stopped
volumes:
- ${SEADOC_VOLUME:-/opt/seadoc-data/}:/shared
# ports:
# - "80:80"
environment:
- DB_HOST=${SEAFILE_MYSQL_DB_HOST:-db}
- DB_PORT=${SEAFILE_MYSQL_DB_PORT:-3306}
- DB_USER=${SEAFILE_MYSQL_DB_USER:-seafile}
- DB_PASSWORD=${SEAFILE_MYSQL_DB_PASSWORD:?Variable is not set or empty}
- DB_NAME=${SEADOC_MYSQL_DB_NAME:-seahub_db}
- TIME_ZONE=${TIME_ZONE:-Asia/Shanghai}
- JWT_PRIVATE_KEY=${JWT_PRIVATE_KEY:?Variable is not set or empty}
- NON_ROOT=${NON_ROOT:-false}
- SEAHUB_SERVICE_URL=${SEAFILE_SERVER_PROTOCOL:-http}://${SEAFILE_SERVER_HOSTNAME:?Variable is not set or empty}:${SEAFILE_SERVER_PORT:?Variable is not set or empty}
labels:
caddy: ${SEAFILE_SERVER_PROTOCOL:-http}://${SEAFILE_SERVER_HOSTNAME:?Variable is not set or empty}
caddy.@ws.0_header: "Connection *Upgrade*"
caddy.@ws.1_header: "Upgrade websocket"
caddy.0_reverse_proxy: "@ws {{upstreams 80}}"
caddy.1_handle_path: "/socket.io/*"
caddy.1_handle_path.0_rewrite: "* /socket.io{uri}"
caddy.1_handle_path.1_reverse_proxy: "{{upstreams 80}}"
caddy.2_handle_path: "/seadoc/*"
caddy.2_handle_path.0_rewrite: "* {uri}"
caddy.2_handle_path.1_reverse_proxy: "{{upstreams 80}}"
depends_on:
db:
condition: service_healthy
networks:
- seafile-net
networks:
seafile-net:
name: seafile-net
seafile-server.yml
services:
db:
image: ${SEAFILE_DB_IMAGE:-mariadb:10.11.11}
container_name: seafile-mysql
restart: unless-stopped
environment:
- MYSQL_ROOT_PASSWORD=${INIT_SEAFILE_MYSQL_ROOT_PASSWORD:-}
- MYSQL_LOG_CONSOLE=true
- MARIADB_AUTO_UPGRADE=1
volumes:
- "${SEAFILE_MYSQL_VOLUME:-/opt/seafile-mysql/db}:/var/lib/mysql"
networks:
- seafile-net
healthcheck:
test:
[
"CMD",
"/usr/local/bin/healthcheck.sh",
"--connect",
"--mariadbupgrade",
"--innodb_initialized",
]
interval: 20s
start_period: 30s
timeout: 5s
retries: 10
memcached:
image: ${SEAFILE_MEMCACHED_IMAGE:-memcached:1.6.38}
container_name: seafile-memcached
restart: unless-stopped
entrypoint: memcached -m 256
networks:
- seafile-net
elasticsearch:
image: ${SEAFILE_ELASTICSEARCH_IMAGE:-elasticsearch:8.18.0}
container_name: seafile-elasticsearch
restart: unless-stopped
environment:
- discovery.type=single-node
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms2g -Xmx2g"
- "xpack.security.enabled=false"
ulimits:
memlock:
soft: -1
hard: -1
mem_limit: 4g
volumes:
- "${SEAFILE_ELASTICSEARCH_VOLUME:-/opt/seafile-elasticsearch/data}:/usr/share/elasticsearch/data"
networks:
- seafile-net
seafile:
image: ${SEAFILE_IMAGE:-seafileltd/seafile-pro-mc:12.0-latest}
container_name: seafile
restart: unless-stopped
# ports:
# - "80:80"
# - "443:443"
volumes:
- ${SEAFILE_VOLUME:-/opt/seafile-data}:/shared
environment:
- DB_HOST=${SEAFILE_MYSQL_DB_HOST:-db}
- DB_PORT=${SEAFILE_MYSQL_DB_PORT:-3306}
- DB_USER=${SEAFILE_MYSQL_DB_USER:-seafile}
- DB_ROOT_PASSWD=${INIT_SEAFILE_MYSQL_ROOT_PASSWORD:-}
- DB_PASSWORD=${SEAFILE_MYSQL_DB_PASSWORD:?Variable is not set or empty}
- SEAFILE_MYSQL_DB_CCNET_DB_NAME=${SEAFILE_MYSQL_DB_CCNET_DB_NAME:-ccnet_db}
- SEAFILE_MYSQL_DB_SEAFILE_DB_NAME=${SEAFILE_MYSQL_DB_SEAFILE_DB_NAME:-seafile_db}
- SEAFILE_MYSQL_DB_SEAHUB_DB_NAME=${SEAFILE_MYSQL_DB_SEAHUB_DB_NAME:-seahub_db}
- TIME_ZONE=${TIME_ZONE:-Asia/Shanghai}
- INIT_SEAFILE_ADMIN_EMAIL=${INIT_SEAFILE_ADMIN_EMAIL:-me@example.com}
- INIT_SEAFILE_ADMIN_PASSWORD=${INIT_SEAFILE_ADMIN_PASSWORD:-asecret}
- SEAFILE_SERVER_HOSTNAME=${SEAFILE_SERVER_HOSTNAME:?Variable is not set or empty}:${SEAFILE_SERVER_PORT:?Variable is not set or empty}
- SEAFILE_SERVER_PROTOCOL=${SEAFILE_SERVER_PROTOCOL:-http}
- SITE_ROOT=${SITE_ROOT:-/}
- NON_ROOT=${NON_ROOT:-false}
- JWT_PRIVATE_KEY=${JWT_PRIVATE_KEY:?Variable is not set or empty}
- SEAFILE_LOG_TO_STDOUT=${SEAFILE_LOG_TO_STDOUT:-false}
- ENABLE_SEADOC=${ENABLE_SEADOC:-true}
- SEADOC_SERVER_URL=${SEAFILE_SERVER_PROTOCOL:-http}://${SEAFILE_SERVER_HOSTNAME:?Variable is not set or empty}:${SEAFILE_SERVER_PORT:?Variable is not set or empty}/seadoc
- INIT_S3_STORAGE_BACKEND_CONFIG=${INIT_S3_STORAGE_BACKEND_CONFIG:-false}
- INIT_S3_COMMIT_BUCKET=${INIT_S3_COMMIT_BUCKET:-}
- INIT_S3_FS_BUCKET=${INIT_S3_FS_BUCKET:-}
- INIT_S3_BLOCK_BUCKET=${INIT_S3_BLOCK_BUCKET:-}
- INIT_S3_KEY_ID=${INIT_S3_KEY_ID:-}
- INIT_S3_SECRET_KEY=${INIT_S3_SECRET_KEY:-}
- INIT_S3_USE_V4_SIGNATURE=${INIT_S3_USE_V4_SIGNATURE:-true}
- INIT_S3_AWS_REGION=${INIT_S3_AWS_REGION:-us-east-1}
- INIT_S3_HOST=${INIT_S3_HOST:-us-east-1}
- INIT_S3_USE_HTTPS=${INIT_S3_USE_HTTPS:-true}
labels:
caddy: ${SEAFILE_SERVER_PROTOCOL:-http}://${SEAFILE_SERVER_HOSTNAME:?Variable is not set or empty}
caddy.tls: /etc/caddy/certs/${CADDY_SSL_CERTIFICATE_CRT} /etc/caddy/certs/${CADDY_SSL_CERTIFICATE_KEY}
caddy.reverse_proxy: "{{upstreams 80}}"
depends_on:
db:
condition: service_healthy
memcached:
condition: service_started
elasticsearch:
condition: service_started
networks:
- seafile-net
networks:
seafile-net:
name: seafile-net
onlyoffice.yml
services:
onlyoffice:
image: ${ONLYOFFICE_IMAGE:-onlyoffice/documentserver:latest}
container_name: onlyoffice
restart: unless-stopped
environment:
# - DB_TYPE=${DB_TYPE:-mariadb}
# - DB_HOST=${SEAFILE_MYSQL_DB_HOST:-db}
# - DB_USER=${SEAFILE_MYSQL_DB_USER:-seafile}
# - DB_PWD=${SEAFILE_MYSQL_DB_PASSWORD:?Variable is not set or empty}
- TIME_ZONE=${TIME_ZONE:-Asia/Shanghai}
- JWT_ENABLED=true
- JWT_SECRET=${ONLYOFFICE_JWT_SECRET:?Variable is not set or empty}
ports:
- ${ONLYOFFICE_PORT:-6233}:443
volumes:
- ${ONLYOFFICE_VOLUME:-/opt/onlyoffice}/logs:/var/log/onlyoffice
- ${ONLYOFFICE_VOLUME:-/opt/onlyoffice}/data:/var/www/onlyoffice/Data
- ${ONLYOFFICE_VOLUME:-/opt/onlyoffice}/lib:/var/lib/onlyoffice
- ${ONLYOFFICE_VOLUME:-/opt/onlyoffice}/db:/var/lib/postgresql
networks:
- seafile-net
networks:
seafile-net:
name: seafile-net
根据自己的配置修改 .env 文件中的项目,准备工作完成,开始部署
docker compose pull #拉取或更新镜像
docker compose up -d
######################################################
# 复制自己的ssl证书到caddy目录,证书名称必须和.env中设置的相同
cp 证书.crt /opt/seafile-12/seafile-caddy/certs/
cp 证书.key /opt/seafile-12/seafile-caddy/certs/
chmod 400 /opt/seafile-12/seafile-caddy/certs/证书.key
# 复制自己的ssl证书到onlyoffice目录,必须重命名为onlyoffice.crt和onlyoffice.key
mkdir /opt/seafile-12/onlyoffice/data/certs
cp 证书.crt /opt/seafile-12/onlyoffice/data/certs/onlyoffice.crt
cp 证书.key /opt/seafile-12/onlyoffice/data/certs/onlyoffice.key
chmod 400 /opt/seafile-12/onlyoffice/data/certs/onlyoffice.key
# 赋予 elasticsearch 的 data 目录 777 权限,否则搜索功能失效
chmod 777 -R /opt/seafile-12/seafile-elasticsearch/data
######################################################
编辑 /opt/seafile-12/seafile-data/seafile/conf/seahub_settings.py 文件,添加以下内容,并根据自己的配置修改seafile.example.com和JWT密码
ENABLE_ONLYOFFICE = True
ONLYOFFICE_APIJS_URL = 'https://seafile.example.com:6233/web-apps/apps/api/documents/api.js'
ONLYOFFICE_FILE_EXTENSION = ('doc', 'docx', 'ppt', 'pptx', 'xls', 'xlsx', 'odt', 'fodt', 'odp', 'fodp', 'ods', 'fods', 'csv', 'ppsx', 'pps')
ONLYOFFICE_EDIT_FILE_EXTENSION = ('doc', 'docx', 'ppt', 'pptx', 'xls', 'xlsx', 'odt', 'fodt', 'odp', 'fodp', 'ods', 'fods', 'csv', 'ppsx', 'pps')
ONLYOFFICE_JWT_SECRET = 'JWT密码'
######################################################
docker compose stop
docker compose up -d
docker exec onlyoffice supervisorctl start ds:example
部署完成,顺利的话现在就可以访问你的Seafile网站了。