Cool Solution - Install Seafile and setup ldap authentication

From Univention Wiki

Jump to: navigation, search
Produktlogo UCS Version 4.0

Note: Cool Solutions are articles documenting additional functionality based on Univention products. Not all of the shown steps in the article are covered by Univention Support. For questions about your support coverage contact your contact person at Univention before you want to implement one of the shown steps.

Also regard the legal notes at Terms of Service.

This article describes how to install Seafile and its components, and how to setup the LDAP connection.

Requirements

For Seafile to work properly, users must be assigned a primary mail address.

This article assumes that Seafile is downloaded and extracted in the directory /opt/Seafile. Seafile can be installed in any other location, paths and scripts in this article must then be adapted accordingly.

Dependencies

The following dependencies must be installed to ensure a working installation of Seafile:

univention-install mysql-server python-setuptools python-mysqldb

Installation

Download the archive from the Seafile download page (Section "Server generic for Linux"). (Version as of writing this article: 4.3.2)

Extract and run the installer setup-seafile-mysql.sh:

mkdir -p /opt/Seafile
cd /opt/Seafile
tar xzfv seafile-server_4.3.2_x86-64.tar.gz
cd seafile-server-4.3.2
./setup-seafile-mysql.sh

The installer is interactive and will ask for some information. A MySQL user and databases can be created beforehand, the installer will, however, create missing elements itself inside the database.

During the installation, the wizard will ask for the MySQL root user's password, the password can be found in the file /etc/mysql.secret.

Configuration

Firewall

To ensure Seafile is working correctly, port 8000 must be opened in the firewall to gain remote access:

ucr set \
security/packetfilter/seahub/tcp/8000/all/en="Seahub" \
security/packetfilter/seahub/tcp/8000/all=ACCEPT
invoke-rc.d univention-firewall restart

Configure LDAP connection

Edit the file /opt/Seafile/ccnet/ccnet.conf and add the following section at the end:

[LDAP]
HOST = ldap://<FQDN of LDAP server>
BASE = cn=users,LDAP_BASE
USER_DN = <DN of search user>
PASSWORD = <Search user password>
LOGIN_ATTR = mailPrimaryAddress

Hint: To get the correct value for LDAP_BASE run the command ucr get ldap/base on the command line of your server.

Init scripts

In order to have Seafile and Seahub being started and stopped using an init script, two provided scripts must be linked and registered with the init system:

ln -s /opt/Seafile/seafile-server-4.3.2/seafile.sh /etc/init.d/seafile
ln -s /opt/Seafile/seafile-server-4.3.2/seahub.sh /etc/init.d/seahub
update-rc.d seafile defaults
update-rc.d seahub defaults

First start

Before Seafile is accessible, Seafile and Seahub must be started:

invoke-rc.d seafile start
invoke-rc.d seahub startb

When Seahub is started for the first time, the administrative seafile user must be configured. Follow the instructions on-screen instructions to create the user.

UCS overview

To configure the UCS start site to provide a link to Seafile, the UCR variables ucs/web/overview/entries/service must be set:

ucr set \
ucs/web/overview/entries/service/seafile/description/de="Private Cloud fürs Synchronisieren und Teilen von Dateien" \
ucs/web/overview/entries/service/seafile/description="Collaboration Place for Files" \
ucs/web/overview/entries/service/seafile/label/de="Seafile" \
ucs/web/overview/entries/service/seafile/label="Seafile" \
ucs/web/overview/entries/service/seafile/link="http://$(ucr get hostname).$(ucr get domainname):8000"

Further information

Further information can be obtained from the Seafile manual.

Personal tools