Seafile Single-Container Image for TrueNAS SCALE Dragonfish ============================================================ This repository packages Seafile Server Core (seafile-server) and Seahub (Django web UI) into a single container suitable for TrueNAS SCALE Dragonfish Custom App deployment. Components inside the container: - Nginx reverse proxy (ports 80/443) → proxies to internal Gunicorn (Seahub) and the Go fileserver - Gunicorn serving Seahub (Django) on 127.0.0.1:8000 - Seafile core (seaf-server) and fileserver (Go) via seafile.sh - MariaDB (in-container) - Redis (in-container) - Single persistent volume at /data storing configuration, databases, media, and logs Persistent layout under /data: - /data/conf → central Seafile/Seahub config (seafile.conf, ccnet.conf, seahub_settings.py, seahub_secret_key.txt) - /data/seafile-data → Seafile data store - /data/db → MariaDB datadir - /data/redis → Redis data - /data/seahub-media → Seahub uploads/media - /data/logs → logs (nginx, seahub, seafile, supervisord, mariadb, redis) - /data/ssl → TLS certs (optional if terminating TLS in-container) Files ----- - Dockerfile → Debian Bookworm base image with nginx, supervisor, mariadb, redis, python venv - docker/entrypoint.sh → Idempotent bootstrap and configuration renderer, then execs supervisord - docker/supervisord.conf.template → supervisord programs for mariadb, redis, seafile core, seahub, nginx - docker/nginx.conf.template → reverse proxy and upload limits - docker/gunicorn.conf.py → Gunicorn settings for Seahub - docker/seahub_settings.py.template → rendered to /data/conf/seahub_settings.py - docker/seafile.conf.template → rendered to /data/conf/seafile.conf - docker/ccnet.conf.template → rendered to /data/conf/ccnet.conf - docker/init_seahub.sh → one-shot collectstatic, migrations, optional admin creation - docker/healthcheck.sh → container healthcheck Environment Variables --------------------- Required at first run (recommended): - SEAFILE_SERVER_HOSTNAME: your public hostname (e.g., files.example.com) - SEAFILE_SERVER_URL: full base URL (e.g., https://files.example.com) - DB_ROOT_PASSWORD: MariaDB root password for bootstrap (required on first run) - DB_PASSWORD: password for application DB user (seafile) Optional (defaults in Dockerfile): - DB_USER=seafile - DB_NAME (generic bootstrap DB used by the plan; typically not required by Seafile) - DB_NAME_SEAHUB=seahub_db - DB_NAME_SEAFILE=seafile_db - DB_NAME_CCNET=ccnet_db - REDIS_URL=redis://127.0.0.1:6379/0 - TIMEZONE=UTC - NGINX_MAX_BODY=200m (upload size limit) - SSL_ENABLE=false (if you want nginx to terminate TLS with /data/ssl/{fullchain.pem,privkey.pem}, adjust nginx template or provide a values override) - ADMIN_EMAIL and ADMIN_PASSWORD (optional) → auto-create admin user on first run - SEAFILE_TGZ_URL (optional) → URL to an official Seafile server release tarball. If provided, the entrypoint will download and extract it into /opt/seafile/seafile-server-latest Notes on Releases ----------------- By default, this image expects an official Seafile server release to be present at: - /opt/seafile/seafile-server-latest You can satisfy this in one of two ways: 1) Provide SEAFILE_TGZ_URL (preferred): The entrypoint will download and extract on first start. 2) Bake or mount a release: Place the extracted release at /opt/seafile/seafile-server-latest (e.g., by modifying the Dockerfile to ADD/COPY it, or by mounting in TrueNAS using an additional hostPath volume). TrueNAS SCALE Custom App Configuration -------------------------------------- - Image: build and push the built Docker image, then reference it in your custom app - Ports: - TCP 80 → host or ingress (required) - TCP 443 → host or ingress (optional if terminating TLS externally) - Storage: - PVC mounted at /data (ReadWriteOnce) - Environment: - SEAFILE_SERVER_HOSTNAME=files.example.com - SEAFILE_SERVER_URL=https://files.example.com - DB_ROOT_PASSWORD=your-root-password - DB_PASSWORD=your-app-password - DB_NAME_SEAHUB=seahub_db - DB_NAME_SEAFILE=seafile_db - DB_NAME_CCNET=ccnet_db - ADMIN_EMAIL=admin@example.com (optional) - ADMIN_PASSWORD=change-me (optional) - NGINX_MAX_BODY=200m (adjust as desired) - TIMEZONE=UTC - SEAFILE_TGZ_URL=https://example.com/path/to/seafile-server_X.Y.Z_x86-64.tar.gz (optional, recommended) - Healthcheck: - Container includes a HEALTHCHECK that probes Seahub and the fileserver. First Run Flow -------------- On container start, the entrypoint will: 1) Create /data subdirectories; write /etc/redis/redis.conf 2) Initialize MariaDB at /data/db if empty: - Set root password (DB_ROOT_PASSWORD) - Create DBs: DB_NAME_SEAHUB, DB_NAME_SEAFILE, DB_NAME_CCNET - Create user DB_USER with DB_PASSWORD; grant privileges 3) Optionally download and extract Seafile server release if SEAFILE_TGZ_URL is provided 4) Render configs: - /etc/nginx/nginx.conf from template - /etc/supervisor/supervisord.conf from template - /data/conf/seahub_settings.py from template (uses env and SECRET_KEY) - /data/conf/seafile.conf and /data/conf/ccnet.conf from templates 5) Create Python venv and install Seahub requirements from the release 6) Supervisord starts: - mariadbd - redis-server - seafile (seafile.sh start) - seahub (runs docker/init_seahub.sh once, then gunicorn) - nginx Nginx Routing ------------- - / → Gunicorn (Seahub) at 127.0.0.1:8000 - /seafhttp → fileserver at 127.0.0.1:8082 - /media → /data/seahub-media Build & Run (Local) ------------------- Build: - docker build -t seafile-single:local . Run (example): - mkdir -p /host/seafile-data - docker run -it --rm \ -e SEAFILE_SERVER_HOSTNAME=localhost \ -e SEAFILE_SERVER_URL=http://localhost \ -e DB_ROOT_PASSWORD=changeme \ -e DB_PASSWORD=changeme \ -e ADMIN_EMAIL=admin@example.com \ -e ADMIN_PASSWORD=changeme \ -p 80:80 \ -v /host/seafile-data:/data \ seafile-single:local Then open http://localhost and log in with the admin credentials. From-Source Variant (Optional) ------------------------------ If you need to build from the provided sources instead of using official releases: - seafile-server (C, autotools) found under ./seafile-server - fileserver (Go) under ./seafile-server/fileserver - Seahub (Django) under ./seahub You will need to: - Install build dependencies (see seafile-server/configure.ac) - Build and install seafile core and fileserver into /opt/seafile/seafile-server-latest - Use seahub/requirements.txt for Python dependencies - Ensure templates in docker/ still render configs into /data/conf Testing Checklist ----------------- - Healthcheck: container becomes healthy (Seahub login page, fileserver protocol-version endpoint) - Admin creation: login with ADMIN_EMAIL/ADMIN_PASSWORD - Upload flow: create library, upload small file; verify in /data/seafile-data - Persistence: stop/start container; confirm data intact - Logs: /data/logs/* should not contain critical errors Known Notes ----------- - The container expects a compatible Seafile server release and Seahub version. - If terminating TLS at Nginx inside the container, copy certs to /data/ssl and adapt nginx.conf.template accordingly (or add a values override in TrueNAS).