117 lines
3.7 KiB
YAML
117 lines
3.7 KiB
YAML
# Seafile - File sync
|
|
# Port: 8082
|
|
# File sync and share with versioning
|
|
|
|
services:
|
|
db:
|
|
image: mariadb:11.4-noble #LTS Long Time Support Until May 29, 2029.
|
|
container_name: Seafile-DB
|
|
hostname: seafile-db
|
|
security_opt:
|
|
- no-new-privileges:false
|
|
volumes:
|
|
- /volume1/docker/seafile/db:/var/lib/mysql:rw
|
|
environment:
|
|
MYSQL_ROOT_PASSWORD: "REDACTED_PASSWORD"
|
|
MYSQL_DATABASE: seafile_db
|
|
MYSQL_USER: seafileuser
|
|
MYSQL_PASSWORD: "REDACTED_PASSWORD"
|
|
TZ: America/Los_Angeles
|
|
restart: on-failure:5
|
|
|
|
cache:
|
|
image: memcached:1.6
|
|
entrypoint: memcached -m 256
|
|
container_name: Seafile-CACHE
|
|
hostname: memcached
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
read_only: true
|
|
user: 1026:100
|
|
restart: on-failure:5
|
|
|
|
redis:
|
|
image: redis
|
|
container_name: Seafile-REDIS
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- redis-server --requirepass REDACTED_PASSWORD
|
|
hostname: redis
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
read_only: false
|
|
user: 1026:100
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "redis-cli ping || exit 1"]
|
|
volumes:
|
|
- /volume1/docker/seafile/redis:/data:rw
|
|
environment:
|
|
TZ: America/Los_Angeles
|
|
restart: on-failure:5
|
|
|
|
seafile:
|
|
image: seafileltd/seafile-mc:13.0-latest
|
|
container_name: Seafile
|
|
user: 0:0
|
|
hostname: seafile
|
|
security_opt:
|
|
- no-new-privileges:false
|
|
healthcheck:
|
|
test: wget --no-verbose --tries=1 --spider http://localhost
|
|
volumes:
|
|
- /volume1/docker/seafile/data:/shared:rw
|
|
ports:
|
|
- 8611:80
|
|
environment:
|
|
INIT_SEAFILE_MYSQL_ROOT_PASSWORD: "REDACTED_PASSWORD"
|
|
SEAFILE_MYSQL_DB_HOST: seafile-db
|
|
SEAFILE_MYSQL_DB_USER: seafileuser
|
|
SEAFILE_MYSQL_DB_PORT: 3306
|
|
SEAFILE_MYSQL_DB_PASSWORD: "REDACTED_PASSWORD"
|
|
SEAFILE_MYSQL_DB_SEAFILE_DB_NAME: seafile_db
|
|
SEAFILE_MYSQL_DB_CCNET_DB_NAME: ccnet_db
|
|
SEAFILE_MYSQL_DB_SEAHUB_DB_NAME: seahub_db
|
|
CACHE_PROVIDER: redis
|
|
REDIS_HOST: redis
|
|
REDIS_PORT: 6379
|
|
REDIS_PASSWORD: "REDACTED_PASSWORD"
|
|
TIME_ZONE: America/Los_Angeles
|
|
SEAFILE_VOLUME: /opt/seafile-data
|
|
SEAFILE_MYSQL_VOLUME: /opt/seafile-mysql/db
|
|
INIT_SEAFILE_ADMIN_EMAIL: your-email@example.com
|
|
INIT_SEAFILE_ADMIN_PASSWORD: "REDACTED_PASSWORD" # pragma: allowlist secret
|
|
JWT_PRIVATE_KEY: "REDACTED_JWT_PRIVATE_KEY"
|
|
SEADOC_VOLUME: /opt/seadoc-data
|
|
SEADOC_IMAGE: seafileltd/sdoc-server:2.0-latest
|
|
ENABLE_SEADOC: true
|
|
SEADOC_SERVER_URL: https://sf.vish.gg/sdoc-server
|
|
SEAFILE_SERVER_HOSTNAME: sf.vish.gg
|
|
SEAFILE_SERVER_PROTOCOL: https
|
|
FORCE_HTTPS_IN_CONF: true
|
|
SEAFILE_SERVER_LETSENCRYPT: false
|
|
# Authentik OAuth2 SSO - keeps local login working
|
|
# NOTE: Also add to seahub_settings.py in /shared/seafile/conf/:
|
|
# ENABLE_OAUTH = True
|
|
# OAUTH_ENABLE_INSECURE_TRANSPORT = False
|
|
# OAUTH_CLIENT_ID = "REDACTED_CLIENT_ID"
|
|
# OAUTH_CLIENT_SECRET = "REDACTED_CLIENT_SECRET"
|
|
# OAUTH_REDIRECT_URL = "https://sf.vish.gg/oauth/callback/"
|
|
# OAUTH_PROVIDER_DOMAIN = "sso.vish.gg"
|
|
# OAUTH_AUTHORIZATION_URL = "https://sso.vish.gg/application/o/authorize/"
|
|
# OAUTH_TOKEN_URL = "https://sso.vish.gg/application/o/token/"
|
|
# OAUTH_USER_INFO_URL = "https://sso.vish.gg/application/o/userinfo/"
|
|
# OAUTH_SCOPE = ["openid", "profile", "email"]
|
|
# OAUTH_ATTRIBUTE_MAP = {
|
|
# "email": (True, "email"),
|
|
# "name": (False, "name"),
|
|
# }
|
|
depends_on:
|
|
db:
|
|
condition: service_started
|
|
cache:
|
|
condition: service_started
|
|
redis:
|
|
condition: service_started
|
|
restart: on-failure:5
|