Your commit message

脚本参考/seafile-installer-71.sh

@@ -0,0 +1,306 @@
+#!/bin/bash
+#
+
+if [[ $HOME == "" ]]; then
+    export HOME=/root
+fi
+
+
+# -------------------------------------------
+# Vars
+# -------------------------------------------
+SEAFILE_ADMIN=ice@qq.com
+SEAFILE_SERVER_USER=seafile
+SEAFILE_SERVER_HOME=/opt/seafile
+IP_OR_DOMAIN=127.0.0.1
+SEAFILE_VERSION=7.1.0
+TIME_ZONE=Asia/Shanghai
+
+
+FILE_SERVER_PACKAGE=seafile-server_${SEAFILE_VERSION}_x86-64.tar.gz
+INSTALLPATH=${SEAFILE_SERVER_HOME}/seafile-server-${SEAFILE_VERSION}/
+
+# -------------------------------------------
+# Additional requirements
+# -------------------------------------------
+# apt-get update
+
+
+# apt-get install -y python3 python3-setuptools python3-pip python3-ldap memcached openjdk-8-jre \
+#     libmemcached-dev libreoffice-script-provider-python libreoffice pwgen curl nginx
+
+# pip3 install --timeout=3600 Pillow pylibmc captcha jinja2 sqlalchemy psd-tools \
+#     django-pylibmc django-simple-captcha
+
+
+service memcached start
+
+rm /etc/nginx/sites-enabled/*
+
+cp /root/seafile.conf /etc/nginx/sites-available/seafile.conf 
+
+ln -sf /etc/nginx/sites-available/seafile.conf /etc/nginx/sites-enabled/seafile.conf
+
+service nginx restart
+
+
+# -------------------------------------------
+# MariaDB
+# -------------------------------------------
+if [[ -f "/root/.my.cnf" ]] ;
+then
+  echo "MariaDB installed before, skip this part"
+  SQLROOTPW=`sed -n 's/password=//p' /root/.my.cnf`
+else
+  DEBIAN_FRONTEND=noninteractive apt-get install -y mariadb-server
+  service mysql restart
+
+  SQLROOTPW="phea8Mie"
+
+  mysqladmin -u root password $SQLROOTPW
+
+  cat > /root/.my.cnf <<EOF
+[client]
+user=root
+password=$SQLROOTPW
+EOF
+
+  chmod 600 /root/.my.cnf
+fi
+
+# -------------------------------------------
+# Seafile
+# -------------------------------------------
+mkdir -p ${SEAFILE_SERVER_HOME}/installed
+cd ${SEAFILE_SERVER_HOME}
+cp /root/${FILE_SERVER_PACKAGE} .
+tar xzf ${FILE_SERVER_PACKAGE}
+
+mv ${FILE_SERVER_PACKAGE} installed
+
+# -------------------------------------------
+# Seafile DB
+# -------------------------------------------
+if [[ -f "/opt/seafile.my.cnf" ]] ;
+then
+  echo "MariaDB installed before, skip this part"
+  SQLSEAFILEPW=`sed -n 's/password=//p' /opt/seafile.my.cnf`
+else
+  SQLSEAFILEPW="eiwae8Af"
+
+  cat > /opt/seafile.my.cnf <<EOF
+[client]
+user=seafile
+password=$SQLSEAFILEPW
+EOF
+
+  chmod 600 /opt/seafile.my.cnf
+fi
+
+# -------------------------------------------
+# Add seafile user
+# -------------------------------------------
+useradd --system --comment "${SEAFILE_SERVER_USER}" ${SEAFILE_SERVER_USER} --home-dir  ${SEAFILE_SERVER_HOME}
+
+# -------------------------------------------
+# Go to /opt/seafile/seafile-pro-server-${SEAFILE_VERSION}
+# -------------------------------------------
+cd $INSTALLPATH
+
+# -------------------------------------------
+# Vars - Don't touch these unless you really know what you are doing!
+# -------------------------------------------
+TOPDIR=$(dirname "${INSTALLPATH}")
+DEFAULT_CONF_DIR=${TOPDIR}/conf
+SEAFILE_DATA_DIR=${TOPDIR}/seafile-data
+DEST_SETTINGS_PY=${TOPDIR}/conf/seahub_settings.py
+
+mkdir -p ${DEFAULT_CONF_DIR}
+
+# -------------------------------------------
+# Create ccnet, seafile, seahub conf using setup script
+# -------------------------------------------
+
+./setup-seafile-mysql.sh auto -u seafile -w ${SQLSEAFILEPW} -r ${SQLROOTPW}
+
+# -------------------------------------------
+# Configure Seafile WebDAV Server(SeafDAV)
+# -------------------------------------------
+sed -i 's/enabled = .*/enabled = true/' ${DEFAULT_CONF_DIR}/seafdav.conf
+sed -i 's/fastcgi = .*/fastcgi = true/' ${DEFAULT_CONF_DIR}/seafdav.conf
+sed -i 's/share_name = .*/share_name = \/seafdav/' ${DEFAULT_CONF_DIR}/seafdav.conf
+
+# -------------------------------------------
+# Configuring seahub_settings.py
+# -------------------------------------------
+cat >> ${DEST_SETTINGS_PY} <<EOF
+
+CACHES = {
+    'default': {
+        'BACKEND': 'django_pylibmc.memcached.PyLibMCCache',
+        'LOCATION': '127.0.0.1:11211',
+    },
+    'locmem': {
+        'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
+    },
+}
+COMPRESS_CACHE_BACKEND = 'locmem'
+
+# EMAIL_USE_TLS                       = False
+# EMAIL_HOST                          = 'localhost'
+# EMAIL_HOST_USER                     = ''
+# EMAIL_HOST_PASSWORD                 = ''
+# EMAIL_PORT                          = '25'
+# DEFAULT_FROM_EMAIL                  = EMAIL_HOST_USER
+# SERVER_EMAIL                        = EMAIL_HOST_USER
+
+TIME_ZONE                           = '${TIME_ZONE}'
+SITE_BASE                           = 'http://${IP_OR_DOMAIN}'
+SITE_NAME                           = 'Seafile Server'
+SITE_TITLE                          = 'Seafile Server'
+SITE_ROOT                           = '/'
+ENABLE_SIGNUP                       = False
+ACTIVATE_AFTER_REGISTRATION         = False
+SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER  = True
+SEND_EMAIL_ON_RESETTING_USER_PASSWD = True
+CLOUD_MODE                          = False
+FILE_PREVIEW_MAX_SIZE               = 30 * 1024 * 1024
+SESSION_COOKIE_AGE                  = 60 * 60 * 24 * 7 * 2
+SESSION_SAVE_EVERY_REQUEST          = False
+SESSION_EXPIRE_AT_BROWSER_CLOSE     = False
+
+FILE_SERVER_ROOT                    = 'http://${IP_OR_DOMAIN}/seafhttp'
+EOF
+
+
+# -------------------------------------------
+# Backup check_init_admin.py befor applying changes
+# -------------------------------------------
+cp ${INSTALLPATH}/check_init_admin.py ${INSTALLPATH}/check_init_admin.py.backup
+
+
+# -------------------------------------------
+# Set admin credentials in check_init_admin.py
+# -------------------------------------------
+SEAFILE_ADMIN_PW=$(pwgen)
+eval "sed -i 's/= ask_admin_email()/= \"${SEAFILE_ADMIN}\"/' ${INSTALLPATH}/check_init_admin.py"
+eval "sed -i 's/= ask_admin_password()/= \"${SEAFILE_ADMIN_PW}\"/' ${INSTALLPATH}/check_init_admin.py"
+
+# -------------------------------------------
+# Start and stop Seafile eco system. This generates the initial admin user.
+# -------------------------------------------
+chown ${SEAFILE_SERVER_USER}:${SEAFILE_SERVER_USER} -R ${SEAFILE_SERVER_HOME}
+
+su - seafile -c "${INSTALLPATH}/seafile.sh start"
+su - seafile -c "${INSTALLPATH}/seahub.sh start"
+wait					# sleep for a while, otherwise seahub will not be stopped
+su - seafile -c "${INSTALLPATH}/seahub.sh stop"
+sleep 1
+su - seafile -c "${INSTALLPATH}/seafile.sh stop"
+sleep 1
+
+# -------------------------------------------
+# Restore original check_init_admin.py
+# -------------------------------------------
+mv ${INSTALLPATH}/check_init_admin.py.backup ${INSTALLPATH}/check_init_admin.py
+
+if is_pro; then
+    PRO_PY=${INSTALLPATH}/pro/pro.py
+    $PYTHON ${PRO_PY} setup --mysql --mysql_host=127.0.0.1 --mysql_port=3306 --mysql_user=seafile --mysql_password=${SQLSEAFILEPW} --mysql_db=seahub_db
+fi
+
+# kill all process
+sleep 1
+pkill -9 -u seafile
+sleep 1
+
+
+# -------------------------------------------
+# Fix permissions
+# -------------------------------------------
+chown ${SEAFILE_SERVER_USER}:${SEAFILE_SERVER_USER} -R ${SEAFILE_SERVER_HOME}
+if [[ -d /tmp/seafile-office-output/ ]]; then
+    chown ${SEAFILE_SERVER_USER}:${SEAFILE_SERVER_USER} -R /tmp/seafile-office-output/
+fi
+
+# -------------------------------------------
+# Start seafile server
+# -------------------------------------------
+echo "Starting productive Seafile server"
+service seafile-server start
+
+
+# -------------------------------------------
+# Final report
+# -------------------------------------------
+cat > ${TOPDIR}/aio_seafile-server.log<<EOF
+
+  Your Seafile server is installed
+  -----------------------------------------------------------------
+
+  Server Address:      http://${IP_OR_DOMAIN}
+
+  Seafile Admin:       ${SEAFILE_ADMIN}
+  Admin Password:      ${SEAFILE_ADMIN_PW}
+
+  Seafile Data Dir:    ${SEAFILE_DATA_DIR}
+
+  Seafile DB Credentials:  Check /opt/seafile.my.cnf
+  Root DB Credentials:     Check /root/.my.cnf
+
+  This report is also saved to ${TOPDIR}/aio_seafile-server.log
+
+
+
+  Next you should manually complete the following steps
+  -----------------------------------------------------------------
+
+  1) Log in to Seafile and configure your server domain via the system
+     admin area if applicable.
+
+  2) If this server is behind a firewall, you need to ensure that
+     tcp port 80 is open.
+
+  3) Seahub tries to send emails via the local server. Install and
+     configure Postfix for this to work or
+     check https://manual.seafile.com/config/sending_email.html
+     for instructions on how to use an existing email account via SMTP.
+
+
+
+
+  Optional steps
+  -----------------------------------------------------------------
+
+  1) Check seahub_settings.py and customize it to fit your needs. Consult
+     http://manual.seafile.com/config/seahub_settings_py.html for possible switches.
+
+  2) Setup NGINX with official SSL certificate.
+
+  3) Secure server with iptables based firewall. For instance: UFW or shorewall
+
+  4) Harden system with port knocking, fail2ban, etc.
+
+  5) Enable unattended installation of security updates. Check
+     https://wiki.Ubuntu.org/UnattendedUpgrades for details.
+
+  6) Implement a backup routine for your Seafile server.
+
+  7) Update NGINX worker processes to reflect the number of CPU cores.
+
+
+
+
+  Seafile support options
+  -----------------------------------------------------------------
+
+  For free community support visit:   https://bbs.seafile.com
+  For paid commercial support visit:  https://seafile.com
+
+EOF
+
+chmod 600 ${TOPDIR}/aio_seafile-server.log
+
+clear
+
+cat ${TOPDIR}/aio_seafile-server.log