306 lines
9.3 KiB
Bash
306 lines
9.3 KiB
Bash
#!/bin/bash
|
|
#
|
|
|
|
if [[ $HOME == "" ]]; then
|
|
export HOME=/root
|
|
fi
|
|
|
|
|
|
# -------------------------------------------
|
|
# Vars
|
|
# -------------------------------------------
|
|
SEAFILE_ADMIN=ice@qq.com
|
|
SEAFILE_SERVER_USER=seafile
|
|
SEAFILE_SERVER_HOME=/opt/seafile
|
|
IP_OR_DOMAIN=127.0.0.1
|
|
SEAFILE_VERSION=7.1.0
|
|
TIME_ZONE=Asia/Shanghai
|
|
|
|
|
|
FILE_SERVER_PACKAGE=seafile-server_${SEAFILE_VERSION}_x86-64.tar.gz
|
|
INSTALLPATH=${SEAFILE_SERVER_HOME}/seafile-server-${SEAFILE_VERSION}/
|
|
|
|
# -------------------------------------------
|
|
# Additional requirements
|
|
# -------------------------------------------
|
|
# apt-get update
|
|
|
|
|
|
# apt-get install -y python3 python3-setuptools python3-pip python3-ldap memcached openjdk-8-jre \
|
|
# libmemcached-dev libreoffice-script-provider-python libreoffice pwgen curl nginx
|
|
|
|
# pip3 install --timeout=3600 Pillow pylibmc captcha jinja2 sqlalchemy psd-tools \
|
|
# django-pylibmc django-simple-captcha
|
|
|
|
|
|
service memcached start
|
|
|
|
rm /etc/nginx/sites-enabled/*
|
|
|
|
cp /root/seafile.conf /etc/nginx/sites-available/seafile.conf
|
|
|
|
ln -sf /etc/nginx/sites-available/seafile.conf /etc/nginx/sites-enabled/seafile.conf
|
|
|
|
service nginx restart
|
|
|
|
|
|
# -------------------------------------------
|
|
# MariaDB
|
|
# -------------------------------------------
|
|
if [[ -f "/root/.my.cnf" ]] ;
|
|
then
|
|
echo "MariaDB installed before, skip this part"
|
|
SQLROOTPW=`sed -n 's/password=//p' /root/.my.cnf`
|
|
else
|
|
DEBIAN_FRONTEND=noninteractive apt-get install -y mariadb-server
|
|
service mysql restart
|
|
|
|
SQLROOTPW="phea8Mie"
|
|
|
|
mysqladmin -u root password $SQLROOTPW
|
|
|
|
cat > /root/.my.cnf <<EOF
|
|
[client]
|
|
user=root
|
|
password=$SQLROOTPW
|
|
EOF
|
|
|
|
chmod 600 /root/.my.cnf
|
|
fi
|
|
|
|
# -------------------------------------------
|
|
# Seafile
|
|
# -------------------------------------------
|
|
mkdir -p ${SEAFILE_SERVER_HOME}/installed
|
|
cd ${SEAFILE_SERVER_HOME}
|
|
cp /root/${FILE_SERVER_PACKAGE} .
|
|
tar xzf ${FILE_SERVER_PACKAGE}
|
|
|
|
mv ${FILE_SERVER_PACKAGE} installed
|
|
|
|
# -------------------------------------------
|
|
# Seafile DB
|
|
# -------------------------------------------
|
|
if [[ -f "/opt/seafile.my.cnf" ]] ;
|
|
then
|
|
echo "MariaDB installed before, skip this part"
|
|
SQLSEAFILEPW=`sed -n 's/password=//p' /opt/seafile.my.cnf`
|
|
else
|
|
SQLSEAFILEPW="eiwae8Af"
|
|
|
|
cat > /opt/seafile.my.cnf <<EOF
|
|
[client]
|
|
user=seafile
|
|
password=$SQLSEAFILEPW
|
|
EOF
|
|
|
|
chmod 600 /opt/seafile.my.cnf
|
|
fi
|
|
|
|
# -------------------------------------------
|
|
# Add seafile user
|
|
# -------------------------------------------
|
|
useradd --system --comment "${SEAFILE_SERVER_USER}" ${SEAFILE_SERVER_USER} --home-dir ${SEAFILE_SERVER_HOME}
|
|
|
|
# -------------------------------------------
|
|
# Go to /opt/seafile/seafile-pro-server-${SEAFILE_VERSION}
|
|
# -------------------------------------------
|
|
cd $INSTALLPATH
|
|
|
|
# -------------------------------------------
|
|
# Vars - Don't touch these unless you really know what you are doing!
|
|
# -------------------------------------------
|
|
TOPDIR=$(dirname "${INSTALLPATH}")
|
|
DEFAULT_CONF_DIR=${TOPDIR}/conf
|
|
SEAFILE_DATA_DIR=${TOPDIR}/seafile-data
|
|
DEST_SETTINGS_PY=${TOPDIR}/conf/seahub_settings.py
|
|
|
|
mkdir -p ${DEFAULT_CONF_DIR}
|
|
|
|
# -------------------------------------------
|
|
# Create ccnet, seafile, seahub conf using setup script
|
|
# -------------------------------------------
|
|
|
|
./setup-seafile-mysql.sh auto -u seafile -w ${SQLSEAFILEPW} -r ${SQLROOTPW}
|
|
|
|
# -------------------------------------------
|
|
# Configure Seafile WebDAV Server(SeafDAV)
|
|
# -------------------------------------------
|
|
sed -i 's/enabled = .*/enabled = true/' ${DEFAULT_CONF_DIR}/seafdav.conf
|
|
sed -i 's/fastcgi = .*/fastcgi = true/' ${DEFAULT_CONF_DIR}/seafdav.conf
|
|
sed -i 's/share_name = .*/share_name = \/seafdav/' ${DEFAULT_CONF_DIR}/seafdav.conf
|
|
|
|
# -------------------------------------------
|
|
# Configuring seahub_settings.py
|
|
# -------------------------------------------
|
|
cat >> ${DEST_SETTINGS_PY} <<EOF
|
|
|
|
CACHES = {
|
|
'default': {
|
|
'BACKEND': 'django_pylibmc.memcached.PyLibMCCache',
|
|
'LOCATION': '127.0.0.1:11211',
|
|
},
|
|
'locmem': {
|
|
'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
|
|
},
|
|
}
|
|
COMPRESS_CACHE_BACKEND = 'locmem'
|
|
|
|
# EMAIL_USE_TLS = False
|
|
# EMAIL_HOST = 'localhost'
|
|
# EMAIL_HOST_USER = ''
|
|
# EMAIL_HOST_PASSWORD = ''
|
|
# EMAIL_PORT = '25'
|
|
# DEFAULT_FROM_EMAIL = EMAIL_HOST_USER
|
|
# SERVER_EMAIL = EMAIL_HOST_USER
|
|
|
|
TIME_ZONE = '${TIME_ZONE}'
|
|
SITE_BASE = 'http://${IP_OR_DOMAIN}'
|
|
SITE_NAME = 'Seafile Server'
|
|
SITE_TITLE = 'Seafile Server'
|
|
SITE_ROOT = '/'
|
|
ENABLE_SIGNUP = False
|
|
ACTIVATE_AFTER_REGISTRATION = False
|
|
SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER = True
|
|
SEND_EMAIL_ON_RESETTING_USER_PASSWD = True
|
|
CLOUD_MODE = False
|
|
FILE_PREVIEW_MAX_SIZE = 30 * 1024 * 1024
|
|
SESSION_COOKIE_AGE = 60 * 60 * 24 * 7 * 2
|
|
SESSION_SAVE_EVERY_REQUEST = False
|
|
SESSION_EXPIRE_AT_BROWSER_CLOSE = False
|
|
|
|
FILE_SERVER_ROOT = 'http://${IP_OR_DOMAIN}/seafhttp'
|
|
EOF
|
|
|
|
|
|
# -------------------------------------------
|
|
# Backup check_init_admin.py befor applying changes
|
|
# -------------------------------------------
|
|
cp ${INSTALLPATH}/check_init_admin.py ${INSTALLPATH}/check_init_admin.py.backup
|
|
|
|
|
|
# -------------------------------------------
|
|
# Set admin credentials in check_init_admin.py
|
|
# -------------------------------------------
|
|
SEAFILE_ADMIN_PW=$(pwgen)
|
|
eval "sed -i 's/= ask_admin_email()/= \"${SEAFILE_ADMIN}\"/' ${INSTALLPATH}/check_init_admin.py"
|
|
eval "sed -i 's/= ask_admin_password()/= \"${SEAFILE_ADMIN_PW}\"/' ${INSTALLPATH}/check_init_admin.py"
|
|
|
|
# -------------------------------------------
|
|
# Start and stop Seafile eco system. This generates the initial admin user.
|
|
# -------------------------------------------
|
|
chown ${SEAFILE_SERVER_USER}:${SEAFILE_SERVER_USER} -R ${SEAFILE_SERVER_HOME}
|
|
|
|
su - seafile -c "${INSTALLPATH}/seafile.sh start"
|
|
su - seafile -c "${INSTALLPATH}/seahub.sh start"
|
|
wait # sleep for a while, otherwise seahub will not be stopped
|
|
su - seafile -c "${INSTALLPATH}/seahub.sh stop"
|
|
sleep 1
|
|
su - seafile -c "${INSTALLPATH}/seafile.sh stop"
|
|
sleep 1
|
|
|
|
# -------------------------------------------
|
|
# Restore original check_init_admin.py
|
|
# -------------------------------------------
|
|
mv ${INSTALLPATH}/check_init_admin.py.backup ${INSTALLPATH}/check_init_admin.py
|
|
|
|
if is_pro; then
|
|
PRO_PY=${INSTALLPATH}/pro/pro.py
|
|
$PYTHON ${PRO_PY} setup --mysql --mysql_host=127.0.0.1 --mysql_port=3306 --mysql_user=seafile --mysql_password=${SQLSEAFILEPW} --mysql_db=seahub_db
|
|
fi
|
|
|
|
# kill all process
|
|
sleep 1
|
|
pkill -9 -u seafile
|
|
sleep 1
|
|
|
|
|
|
# -------------------------------------------
|
|
# Fix permissions
|
|
# -------------------------------------------
|
|
chown ${SEAFILE_SERVER_USER}:${SEAFILE_SERVER_USER} -R ${SEAFILE_SERVER_HOME}
|
|
if [[ -d /tmp/seafile-office-output/ ]]; then
|
|
chown ${SEAFILE_SERVER_USER}:${SEAFILE_SERVER_USER} -R /tmp/seafile-office-output/
|
|
fi
|
|
|
|
# -------------------------------------------
|
|
# Start seafile server
|
|
# -------------------------------------------
|
|
echo "Starting productive Seafile server"
|
|
service seafile-server start
|
|
|
|
|
|
# -------------------------------------------
|
|
# Final report
|
|
# -------------------------------------------
|
|
cat > ${TOPDIR}/aio_seafile-server.log<<EOF
|
|
|
|
Your Seafile server is installed
|
|
-----------------------------------------------------------------
|
|
|
|
Server Address: http://${IP_OR_DOMAIN}
|
|
|
|
Seafile Admin: ${SEAFILE_ADMIN}
|
|
Admin Password: ${SEAFILE_ADMIN_PW}
|
|
|
|
Seafile Data Dir: ${SEAFILE_DATA_DIR}
|
|
|
|
Seafile DB Credentials: Check /opt/seafile.my.cnf
|
|
Root DB Credentials: Check /root/.my.cnf
|
|
|
|
This report is also saved to ${TOPDIR}/aio_seafile-server.log
|
|
|
|
|
|
|
|
Next you should manually complete the following steps
|
|
-----------------------------------------------------------------
|
|
|
|
1) Log in to Seafile and configure your server domain via the system
|
|
admin area if applicable.
|
|
|
|
2) If this server is behind a firewall, you need to ensure that
|
|
tcp port 80 is open.
|
|
|
|
3) Seahub tries to send emails via the local server. Install and
|
|
configure Postfix for this to work or
|
|
check https://manual.seafile.com/config/sending_email.html
|
|
for instructions on how to use an existing email account via SMTP.
|
|
|
|
|
|
|
|
|
|
Optional steps
|
|
-----------------------------------------------------------------
|
|
|
|
1) Check seahub_settings.py and customize it to fit your needs. Consult
|
|
http://manual.seafile.com/config/seahub_settings_py.html for possible switches.
|
|
|
|
2) Setup NGINX with official SSL certificate.
|
|
|
|
3) Secure server with iptables based firewall. For instance: UFW or shorewall
|
|
|
|
4) Harden system with port knocking, fail2ban, etc.
|
|
|
|
5) Enable unattended installation of security updates. Check
|
|
https://wiki.Ubuntu.org/UnattendedUpgrades for details.
|
|
|
|
6) Implement a backup routine for your Seafile server.
|
|
|
|
7) Update NGINX worker processes to reflect the number of CPU cores.
|
|
|
|
|
|
|
|
|
|
Seafile support options
|
|
-----------------------------------------------------------------
|
|
|
|
For free community support visit: https://bbs.seafile.com
|
|
For paid commercial support visit: https://seafile.com
|
|
|
|
EOF
|
|
|
|
chmod 600 ${TOPDIR}/aio_seafile-server.log
|
|
|
|
clear
|
|
|
|
cat ${TOPDIR}/aio_seafile-server.log |