Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive
 

Owncloud has a very poor performance on Raspberry Pi. But seafile runs very fast if running on nginx. There exist already a lot of instructions how to install seafile on raspberry so you will find links to these website on the following page which I used to install seafile. In addition I wrote down the sequence of steps I executed. It's primaily a combination of the various installation instructions which I found. My config files of seafile running with nginx can be downloaded as sample config files for your convenience. In addition there is a startscript for /etc/init.d available which starts seafile all the time when Linux ist started and and stops it when it's shut down. 

Characteristics of the seafileserver: foo.no-ip.org is used as external dns name, nginx (no apache), runs on secure https port and offers webdav services.

 

Installation instructions for seafile

Raspberry Pi Forum: [Tutorial] Seafile als Dropbox und Owncloud Ersatz auf dem PI installieren (German)

Jan Karres: Raspberry Pi: Owncloud-Alternative Seafile Server installieren (German)Jan Karres: Raspberry Pi: Owncloud-Alternative Seafile Server installieren (German)

Jan Karres: Raspberry Pi: Seafile Server Upgrade (German)

Draptik: Installing Seafile on Raspberry Pi

Seafile Server Manual

 

My installation steps

1) Install raspbian

2) Execute

sudo apt-get update apt-get upgrade
sudo apt-get install -y install python2.7 python-setuptools python-simplejson python-imaging sqlite3
sudo adduser seafile --disabled-password
sudo su seafile
cd
mkdir mycloud && cd mycloud
wget https://bitbucket.org/haiwen/seafile/downloads/seafile-server_3.1.7_pi.tar.gztar -xvzf seafile-server_*
mkdir installed
mv seafile-server_* installed
cd seafile-server-3.1.7
./setup-seafile.sh
Servername: foo
Domain: foo.no-ip.org

3) Adapt some config files as user seafile (sudo su seafile) or user pi with sudo in front of the nano command

nano /home/seafile/mycloud/ccnet/ccnet.conf
    SERVICE_URL=https://foo.no-ip.org:80    

nano /home/seafile/mycloud/seahub_settings.py
HTTP_SERVER_ROOT='https://foo.no-ip.org:80/seafhttp'

4) Adaptation for webdav as user seafile (sudo su seafile) or user pi with sudo in front of the nano command

Webdav will be avaibale on https://foo.no-ip.org:80/seafdav

nano /home/seafile/mycloud/conf/seafdav.conf:
[WEBDAV]
enabled = true
port = 8080
fastcgi = true
share_name = /seafdav

5) Start seafile

./seafile.sh start
./seahub.sh start-fastcgi

6) Install nginx as user pi

sudo apt-get install nginx
sudo nano /etc/nginx/nginx.conf
    worker_processes 1;
    worker_connections 128;
sudo mkdir /etc/nginx/ssl
cd /etc/nginx/ssl
sudo openssl genrsa -out seahub.key 2048
sudo openssl req -new -key seahub.key -out seahub.csr
sudo openssl x509 -req -days 3650 -in seahub.csr -signkey seahub.key -out seahub.crt

7) Adapt nginx config as user pi

sudo nano /etc/nginx/sites-available/seahub
server {
    listen 80; # <----------------------------------------- NGINX PORT
    ssl on; # <-------------------------------------------- SSL
    ssl_certificate /etc/nginx/ssl/seahub.crt; # <--------- SSL
    ssl_certificate_key /etc/nginx/ssl/seahub.key; # <----- SSL
    server_name foo.no-ip.org; # <----------------- CHANGE THIS
    error_page 497  https://$host:$server_port$request_uri;    location / {
        fastcgi_pass    127.0.0.1:8000;
        fastcgi_param   SCRIPT_FILENAME     $document_root$fastcgi_script_name;
        fastcgi_param   PATH_INFO           $fastcgi_script_name;
        fastcgi_param   SERVER_PROTOCOL $server_protocol;
        fastcgi_param   QUERY_STRING        $query_string;
        fastcgi_param   REQUEST_METHOD      $request_method;
        fastcgi_param   CONTENT_TYPE        $content_type;
        fastcgi_param   CONTENT_LENGTH      $content_length;
        fastcgi_param   SERVER_ADDR         $server_addr;
        fastcgi_param   SERVER_PORT         $server_port;
        fastcgi_param   SERVER_NAME         $server_name;
        fastcgi_param   HTTPS   on;
        fastcgi_param HTTP_SCHEME https;
        access_log      /var/log/nginx/seahub.access.log;
        error_log       /var/log/nginx/seahub.error.log;
    }
    location /seafhttp {
        rewrite ^/seafhttp(.*)$ $1 break;
        proxy_pass http://127.0.0.1:8082;
        client_max_body_size 0;
    }
     location /seafdav {
        fastcgi_pass    127.0.0.1:8080;
        fastcgi_param   SCRIPT_FILENAME     $document_root$fastcgi_script_name;
        fastcgi_param   PATH_INFO           $fastcgi_script_name;
        fastcgi_param   SERVER_PROTOCOL     $server_protocol;
        fastcgi_param   QUERY_STRING        $query_string;
        fastcgi_param   REQUEST_METHOD      $request_method;
        fastcgi_param   CONTENT_TYPE        $content_type;
        fastcgi_param   CONTENT_LENGTH      $content_length;
        fastcgi_param   SERVER_ADDR         $server_addr;
        fastcgi_param   SERVER_PORT         $server_port;
        fastcgi_param   SERVER_NAME         $server_name;
        fastcgi_param   HTTPS               on;
        client_max_body_size 0;
        access_log      /var/log/nginx/seafdav.access.log;
        error_log       /var/log/nginx/seafdav.error.log;
    }
    location /media {
        root /home/seafile/mycloud/seafile-server-latest/seahub; # <-- change: 2014-07-11
        # include /etc/nginx/mime.types; # <--- UNCOMMENT THIS IF CSS FILES AREN'T LOADED
    }
}

8) Start nginx

sudo ln -s /etc/nginx/sites-available/seahub /etc/nginx/sites-enabled/seahub
sudo /etc/init.d/nginx restart

 

Start- and stop of seafile as Linux service

The seafile manual explains how to start and stop seafile with entries in crontab. Shutdown of a Linux system will not stop seafile and this may cause data corruption. THe right Linux way to start and stop a server is to use a service and to register it to be exeuted all the time during start and stop of the operating system. Download the script from here and copy it into /etc/init.d. Now activatethe script execution during start and stop of the OS with

chmod +x /etc/init.d/seafile
update-rc.d seafile defaults
service seafile start

From now on seafile will be started and stopped in a controlled way.

Now you can start seafile with

service seafile start

and stop it with

service seafile stop

and restart with

service seafile restart

and query the status with

service seafile status

 

Secure a seafile server in a local network against unauthorized access from the outside and into you local network

Right now there is only a linked German version available. Post a comment if you think it's useful to translate the linked article into English.

Usually you want to have your seafile available from all over the world. The right way is to put the seafile server into a DMZ but the general home router doesn't offer this capability. So you have to forward the seafile ports to your pi from your home router. Nevertheless you should protect your seafileserver from access from the internet and your local network from access from your seafile server - just in case somebody managed to get access. You can configure  iptables rules for seafile which you can find here, to protect your local network against unwanted access from the seafile server - as long as the intruder doesn't manage to get root access, because then he's able to turn off the iptables firewall. So it's very important to protect the root access to your pi with a strong password and to keep your Raspberry Pi software up to date all the time.

 

Other useful links about seafile

Deutsches Seafile Forum (German)

Seafile FAQ zu Security Features (German)

Forumsbeitrag zu Webdav und Seafile (German)

Seafile Server Manual: Webdav extensions

Optimizing NGINX and PHP-fpm for high traffic sites

High performance webserver with nginx and php-fpm

Seafile Server Manual: Sending email notifications on seafile

Seafile3 mit nginx und mysql backend

 

My seafile config files

zip file contains:

1) nginx.conf and seahub

2) ccnet.conf, seafdav.conf, seahub.conf and seahub_settings.py

Add comment

*** Note ***

Comments are welcome. But in order to reject spam posts please consider following rules:
  1. Comments with string http are rejected with message You have no rights to use this tag
  2. All comments are reviewed by hand and thus it usually takes one day until a comment will be published.