Seafile - это облачная система хранения данных с открытым исходным кодом с функциями конфиденциальности защиты и командной работы. Коллекции файлов называются библиотеками, и каждая библиотека может быть синхронизирована отдельно. Библиотека также может быть зашифрована с выбранным пользователем паролем. Seafile также позволяет пользователям создавать группы и легко делиться файлами в группах.

cd /usr/ports/net-mgmt/seafile-server/ && make install clean
cd /usr/ports/www/seahub/ && make install clean

При сборке libiconv стал ругаться на отсутствие .la фалов. Набираю команду и всё на, что нашлось пересобираю

find /usr/local/lib -name '*.la' | xargs grep -l 'libiconv\.la' | xargs pkg which

(http://forum.lissyara.su/viewtopic.php?t=42757)

portmaster -L | grep fusefs-lib
portmaster -o sysutils/fusefs-libs fusefs-libs-2.9.3_2

Настраиваю SeaFile с поддержкой MySQL У меня MySQL и SeaFile находятся на разных серверах. На сервере с MySQL создаю три базы данных ccnet-db, seafile-db, seahub-db. Создаю пользователя seafile и разрешаю ему управлять созданными базами данных. Настраиваю удалённый доступ к MySQL.

mysql -uroot -p
Enter password:
show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
| sys                |
+--------------------+
4 rows in set (0.03 sec)

create database `ccnet-db` character set = 'utf8';
Query OK, 1 row affected (0.07 sec)

create database `seafile-db` character set = 'utf8';
Query OK, 1 row affected (0.01 sec)

create database `seahub-db` character set = 'utf8';
Query OK, 1 row affected (0.02 sec)

show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| ccnet-db           |
| mysql              |
| performance_schema |
| seafile-db         |
| seahub-db          |
| sys                |
+--------------------+
7 rows in set (0.03 sec)

select user,host from mysql.user;
+---------------+-----------+
| user          | host      |
+---------------+-----------+
| mysql.session | localhost |
| mysql.sys     | localhost |
| root          | localhost |
+---------------+-----------+
3 rows in set (0.00 sec)

create user 'seafile'@'10.215.130.22' identified by 'Kl0T1k#$ea';
Query OK, 0 rows affected (0.02 sec)

GRANT ALL PRIVILEGES ON `ccnet-db`.* to `seafile`@10.215.130.22;
Query OK, 0 rows affected (0.03 sec)

GRANT ALL PRIVILEGES ON `seafile-db`.* to `seafile`@10.215.130.22;
Query OK, 0 rows affected (0.02 sec)

GRANT ALL PRIVILEGES ON `seahub-db`.* to `seafile`@10.215.130.22;
Query OK, 0 rows affected (0.02 sec)

CREATE USER 'root'@'10.215.130.22' IDENTIFIED BY 'Ce,,0nf#';
Query OK, 0 rows affected (0.02 sec)

GRANT ALL PRIVILEGES ON *.* TO 'root'@'10.215.130.22';
Query OK, 0 rows affected (0.02 sec)

FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.01 sec)

select user,host from mysql.user;
+---------------+---------------+
| user          | host          |
+---------------+---------------+
| root          | 10.215.130.22 |
| seafile       | 10.215.130.22 |
| mysql.session | localhost     |
| mysql.sys     | localhost     |
| root          | localhost     |
+---------------+---------------+
5 rows in set (0.00 sec)

На сервере с SeaFile запускаю скрипт setup-seafile-mysql.sh

cd /usr/local/www/haiwen/seafile-server
./setup-seafile-mysql.sh
Checking python on this machine ...
Checking python module: python-mysqldb ... Done.

-----------------------------------------------------------------
This script will guide you to setup your seafile server using MySQL.
Make sure you have read seafile server manual at

        https://github.com/haiwen/seafile/wiki

Press ENTER to continue
-----------------------------------------------------------------

What is the name of the server? It will be displayed on the client.
3 - 15 letters or digits
[ server name ] sea-klotik

What is the ip or domain of the server?
For example: www.mycompany.com, 192.168.1.101
[ This server's ip or domain ] 10.215.130.22

Where do you want to put your seafile data?
Please use a volume with enough free space
[ default "/usr/local/www/haiwen/seafile-data" ] /mnt/seafile-data

Which port do you want to use for the seafile fileserver?
[ default "8082" ]

-------------------------------------------------------
Please choose a way to initialize seafile databases:
-------------------------------------------------------

[1] Create new ccnet/seafile/seahub databases
[2] Use existing ccnet/seafile/seahub databases

[ 1 or 2 ] 2

What is the host of mysql server?
[ default "localhost" ] 10.215.130.20

From which hosts could the mysql account be used?
[ default "%" ]

What is the port of mysql server?
[ default "3306" ]

Which mysql user to use for seafile?
[ mysql user for seafile ] seafile

What is the password for mysql user "seafile"?
[ password for seafile ]

verifying password of user seafile ...  done

Enter the existing database name for ccnet:
[ ccnet database ] ccnet-db

verifying user "seafile" access to database ccnet-db ...  done

Enter the existing database name for seafile:
[ seafile database ] seafile-db

verifying user "seafile" access to database seafile-db ...  done

Enter the existing database name for seahub:
[ seahub database ] seahub-db

verifying user "seafile" access to database seahub-db ...  done

---------------------------------
This is your configuration
---------------------------------

    server name:            sea-klotik
    server ip/domain:       10.215.130.22

    seafile data dir:       /mnt/seafile-data
    fileserver port:        8082

    database:               use existing
    ccnet database:         ccnet-db
    seafile database:       seafile-db
    seahub database:        seahub-db
    database user:          seafile

---------------------------------
Press ENTER to continue, or Ctrl-C to abort
---------------------------------
Generating ccnet configuration ...

done
Successly create configuration dir /usr/local/www/haiwen/ccnet.
Generating seafile configuration ...

Done.
done
Generating seahub configuration ...

----------------------------------------
Now creating ccnet database tables ...

----------------------------------------
----------------------------------------
Now creating seafile database tables ...

----------------------------------------
----------------------------------------
Now creating seahub database tables ...

----------------------------------------

creating seafile-server-latest symbolic link ...  done

-----------------------------------------------------------------
Your seafile server configuration has been finished successfully.
-----------------------------------------------------------------

run seafile server:     sysrc seafile_enable=YES
                        service seafile { start | stop | restart }
run seahub  server:     sysrc seahub_enable=YES
                        service seahub { start | stop | restart }
run reset-admin:        ./reset-admin.sh

-----------------------------------------------------------------
If you are behind a firewall, remember to allow input/output of these tcp ports:
-----------------------------------------------------------------

port of seafile fileserver:   8082
port of seahub:               8000

When problems occur, Refer to

        https://github.com/haiwen/seafile/wiki

for information.

cd /usr/local/www/haiwen/seafile-server ./setup-seafile-mysql.sh Checking python on this machine … Checking python module: python-mysqldb … Done. —————————————————————– This script will guide you to setup your seafile server using MySQL. Make sure you have read seafile server manual at https://github.com/haiwen/seafile/wiki Press ENTER to continue —————————————————————– What is the name of the server? It will be displayed on the client. 3 - 15 letters or digits [ server name ] sea-klotik What is the ip or domain of the server? For example: www.mycompany.com, 192.168.1.101 [ This server's ip or domain ] 10.215.130.23 Where do you want to put your seafile data? Please use a volume with enough free space [ default «/usr/local/www/haiwen/seafile-data» ] /mnt/sea/seafile-data Which port do you want to use for the seafile fileserver? [ default «8082» ] ——————————————————- Please choose a way to initialize seafile databases: ——————————————————- [1] Create new ccnet/seafile/seahub databases [2] Use existing ccnet/seafile/seahub databases [ 1 or 2 ] 1 What is the host of mysql server? [ default «localhost» ] 10.215.130.20 From which hosts could the mysql account be used? [ default «%» ] What is the port of mysql server? [ default «3306» ] What is the password of the mysql root user? [ root password ] Failed to connect to mysql server using user «root» and password «*»: Host '10.215.130.23' is not allowed to connect to this MySQL server MySQL сервер находится на другом компьютере, проверяю его доступность mysql -h 10.215.130.20 -u root -p Enter password: ERROR 1045 (28000): Access denied for user 'root'@'10.215.130.23' (using password: YES) Был закрыт доступ к MySQL по сети, открыл. What is the password of the mysql root user? [ root password ] verifying password of user root … done Enter the name for mysql user of seafile. It would be created if not exists. [ default «seafile» ] Enter the password for mysql user «seafile»: [ password for seafile ] Enter the database name for ccnet-server: [ default «ccnet-db» ] Enter the database name for seafile-server: [ default «seafile-db» ] Enter the database name for seahub: [ default «seahub-db» ] ——————————— This is your configuration ——————————— server name: sea-klotik server ip/domain: 10.215.130.23 seafile data dir: /mnt/sea/seafile-data fileserver port: 8082 database: create new ccnet database: ccnet-db seafile database: seafile-db seahub database: seahub-db database user: seafile ——————————— Press ENTER to continue, or Ctrl-C to abort ——————————— Error: Failed to grant permission of database ccnet-db: Access denied for user 'root'@'%' to database 'ccnet-db' Выполнение скрипта завершилось ошибкой. Подключаюсь к MySQL mysql -h 10.215.130.20 -u root -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 287971 Server version: 5.7.25-log Source distribution Copyright © 2000, 2019, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> status ————– mysql Ver 14.14 Distrib 5.7.26, for FreeBSD11.2 (amd64) using EditLine wrapper Connection id: 287971 Current database: Current user: root@10.215.130.23 SSL: Cipher in use is DHE-RSA-AES128-GCM-SHA256 Current pager: more Using outfile: '' Using delimiter: ; Server version: 5.7.25-log Source distribution Protocol version: 10 Connection: 10.215.130.20 via TCP/IP Server characterset: utf8mb4 Db characterset: utf8mb4 Client characterset: utf8 Conn. characterset: utf8 TCP port: 3306 Uptime: 142 days 1 hour 53 min 30 sec Threads: 8 Questions: 32713604 Slow queries: 11311 Opens: 2272 Flush tables: 1 Open tables: 1512 Queries per second avg: 2.664 ————– Проверяю как я вошел в систему mysql> SELECT USER(),CURRENT_USER(); +——————–+—————-+ | USER() | CURRENT_USER() | +——————–+—————-+ | root@10.215.130.23 | root@% | +——————–+—————-+ 1 row in set (0.00 sec) * USER () сообщает, как вы пытались пройти аутентификацию в MySQL * CURRENT_USER () сообщает, как вам разрешили проходить аутентификацию в MySQL Проверяю привилегии после входа в систему mysql> SHOW GRANTS; +——————————————-+ | Grants for root@% | +——————————————-+ | GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' | +——————————————-+ 1 row in set (0.00 sec) mysql> SELECT `User`, `Grant_priv` FROM `mysql`.`user` WHERE `User` = 'root'; +——+————+ | User | Grant_priv | +——+————+ | root | Y | | root | N | +——+————+ 2 rows in set (0.00 sec) В какой то момент в MySQL появился второй root пониженными правами. Делаю. UPDATE `mysql`.`user` SET `Grant_priv` = 'Y' WHERE `User` = 'root'; Query OK, 1 row affected (0.03 sec) Rows matched: 2 Changed: 1 Warnings: 0 FLUSH PRIVILEGES; Query OK, 0 rows affected (0.05 sec) mysql> SELECT `User`, `Grant_priv` FROM `mysql`.`user` WHERE `User` = 'root'; +——+————+ | User | Grant_priv | +——+————+ | root | Y | | root | Y | +——+————+ 2 rows in set (0.00 sec) quit Запускаю скрипт повторно ./setup-seafile-mysql.sh … ——————————— Press ENTER to continue, or Ctrl-C to abort ——————————— Generating ccnet configuration … done Successly create configuration dir /usr/local/www/haiwen/ccnet. Generating seafile configuration … Done. done Generating seahub configuration … —————————————- Now creating ccnet database tables … —————————————- —————————————- Now creating seafile database tables … —————————————- —————————————- Now creating seahub database tables … —————————————- creating seafile-server-latest symbolic link … done —————————————————————– Your seafile server configuration has been finished successfully. —————————————————————– run seafile server: sysrc seafile_enable=YES service seafile { start | stop | restart } run seahub server: sysrc seahub_enable=YES service seahub { start | stop | restart } run reset-admin: ./reset-admin.sh —————————————————————– If you are behind a firewall, remember to allow input/output of these tcp ports: —————————————————————– port of seafile fileserver: 8082 port of seahub: 8000 When problems occur, Refer to https://github.com/haiwen/seafile/wiki for information. </del> === Запуск сервера === В /etc/rc.conf добавляю строки seafile_enable=YES seahub_enable=YES Запускаю сервер service seafile start [08/19/19 01:48:16] ../common/session.c(132): using config file /usr/local/www/haiwen/conf/ccnet.conf Starting seafile server, please wait … Message: 01:48:16.751: seafile-controller.c(775): No seafevents. Seafile server started service seahub start LANG is not set in ENV, set to en_US.UTF-8 LC_ALL is not set in ENV, set to en_US.UTF-8 Starting seahub at port 8000 … Seahub is started Создаю административный аккаунт. В папке /usr/local/www/haiwen/seafile-server запускаю скрипт ./reset-admin.sh E-mail address: alex@klotik.ru Password: Password (again): Superuser created successfully. Проверяю работу pgrep -f seafile-controller 11451 pgrep -f seahub 26308 26253 25676 25359 25121 22270 Сервер доступен по адресу 10.215.130.23:8000 ==== Seahub с Nginx ==== Seahub - это веб-интерфейс сервера Seafile. FileServer используется для обработки загрузки/выгрузки необработанных файлов через браузеры. По умолчанию он прослушивает порт 8082 для HTTP-запросов. Настройка Seahub и FileServer с обратным прокси с использованием Nginx. cat nginx.conf #user nobody; worker_processes 1; # This default error log path is compiled-in to make sure configuration parsing # errors are logged somewhere, especially during unattended boot when stderr # isn't normally logged anywhere. This path will be touched on every nginx # start regardless of error log location configured here. See # https://trac.nginx.org/nginx/ticket/147 for more info. # #error_log /var/log/nginx/error.log; # #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] «$request» ' # '$status $body_bytes_sent «$http_referer» ' # '«$http_user_agent» «$http_x_forwarded_for»'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 80; server_name klotik.ru; proxy_set_header X-Forwarded-For $remote_addr; location / { proxy_pass http://127.0.0.1:8000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $server_name; proxy_read_timeout 1200s; # used for view/edit office file via Office Online Server client_max_body_size 0; access_log /var/log/nginx/seahub.access.log; error_log /var/log/nginx/seahub.error.log; } location /seafhttp { rewrite ^/seafhttp(.*)$ $1 break; proxy_pass http://127.0.0.1:8082; client_max_body_size 0; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 36000s; proxy_read_timeout 36000s; proxy_send_timeout 36000s; send_timeout 36000s; access_log /var/log/nginx/seafhttp.access.log; error_log /var/log/nginx/seafhttp.error.log; } location /media { root /usr/local/www/haiwen/seafile-server-latest/seahub; } } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} } ==== Включение Https с Nginx ==== Для получения действительного сертификата от Let's Encrypt можно использовать клиент Certbot ACME. Для установки Certbot из портов, выполняю команды cd /usr/ports/security/py-certbot && make install clean cd /usr/ports/security/py-certbot-nginx && make install clean Для получения сертификата certbot –nginx -d seafile.klotik.ru -d www.seafile.klotik.ru Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator nginx, Installer nginx Obtaining a new certificate Performing the following challenges: http-01 challenge for www.seafile.klotik.ru Using default address 80 for authentication. Waiting for verification… Cleaning up challenges Deploying Certificate to VirtualHost /usr/local/etc/nginx/nginx.conf Could not automatically find a matching server block for www.seafile.klotik.ru. Set the `server_name` directive to use the Nginx installer. IMPORTANT NOTES: - Unable to install the certificate - Congratulations! Your certificate and chain have been saved at: /usr/local/etc/letsencrypt/live/seafile.klotik.ru/fullchain.pem Your key file has been saved at: /usr/local/etc/letsencrypt/live/seafile.klotik.ru/privkey.pem Your cert will expire on 2019-11-19. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the «certonly» option. To non-interactively renew *all* of your certificates, run «certbot renew» Изменяю файл конфигурации Nginx /usr/local/etc/nginx/nginx.conf cat nginx.conf #user nobody; worker_processes 1; # This default error log path is compiled-in to make sure configuration parsing # errors are logged somewhere, especially during unattended boot when stderr # isn't normally logged anywhere. This path will be touched on every nginx # start regardless of error log location configured here. See # https://trac.nginx.org/nginx/ticket/147 for more info. # #error_log /var/log/nginx/error.log; # #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] «$request» ' # '$status $body_bytes_sent «$http_referer» ' # '«$http_user_agent» «$http_x_forwarded_for»'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 80; server_name seafile.klotik.ru; rewrite ^ https:$http_host$request_uri? permanent; # force redirect http to https # Enables or disables emitting nginx version on error pages and in the «Server» response header field. server_tokens off; } server { listen 443 ssl; ssl_certificate /usr/local/etc/letsencrypt/live/klotik.ru/fullchain.pem; ssl_certificate_key /usr/local/etc/letsencrypt/live/klotik.ru/privkey.pem; server_name seafile.klotik.ru; ssl_session_timeout 5m; ssl_session_cache shared:SSL:5m; # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits ssl_dhparam /usr/local/etc/nginx/dhparam.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:HIGH:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS'; ssl_prefer_server_ciphers on; proxy_set_header X-Forwarded-For $remote_addr; add_header Strict-Transport-Security «max-age=31536000; includeSubDomains»; server_tokens off; location / { proxy_pass http://127.0.0.1:8000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-Proto https; access_log /var/log/nginx/seahub.access.log; error_log /var/log/nginx/seahub.error.log; proxy_read_timeout 1200s; client_max_body_size 0; } location /seafhttp { rewrite ^/seafhttp(.*)$ $1 break; proxy_pass http://127.0.0.1:8082; client_max_body_size 0; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 36000s; proxy_read_timeout 36000s; proxy_send_timeout 36000s; send_timeout 36000s; } location /media { root /usr/local/www/haiwen/seafile-server-latest/seahub; } } } Перезапускаю сервер service nginx restart Поскольку я изменил с http на https, нужно изменить настройки Seafile service seafile stop service seahub stop == ccnet conf == Нужно изменить значение SERVICE_URL в ccnet.conf. Можно изменить SERVICE_URL через веб-интерфейс в «Системный администратор→ Настройки». ( Настройка через веб-интерфейс имеет приоритет.) SERVICE_URL = https://seafile.example.com == seahub_settings.py == В seahub_settings.py, нужно добавить строку чтобы установить значение FILE_SERVER_ROOT. Можно изменить FILE_SERVER_ROOT через веб-интерфейс в «Системный администратор→ Настройки». ( Настройка через веб-интерфейс имеет приоритет.) FILE_SERVER_ROOT = 'https://seafile.example.com/seafhttp' == Конфигурацию Seafile == Нужно обновить конфигурацию файлового сервера seafile, в [fileserver] разделе файла seafile.conf на локальный ip 127.0.0.1 [fileserver] # bind address for fileserver # default to 0.0.0.0, if deployed without proxy: no access restriction # set to 127.0.0.1, if used with local proxy: only access by local host = 127.0.0.1 Стартую Seafile service seafile start service seahub start Для проверки сайта можно воспользоваться https://www.ssllabs.com ==== Проверка и настройка автообновления Certbot ==== Сертификаты Let's Encrypt действительны только в течение девяноста дней. Обновлять сертификаты удобно с помощью cronзадач. Перед настройкой автоматического обновления проверяю продление сертификата. certbot renew –dry-run Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /usr/local/etc/letsencrypt/renewal/klotik.ru.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Cert not due for renewal, but simulating renewal for dry run Plugins selected: Authenticator nginx, Installer nginx Renewing an existing certificate Performing the following challenges: http-01 challenge for klotik.ru http-01 challenge for www.klotik.ru Using default address 80 for authentication. Using default address 80 for authentication. Waiting for verification… Cleaning up challenges - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - new certificate deployed with reload of nginx server; fullchain is /usr/local/etc/letsencrypt/live/klotik.ru/fullchain.pem - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /usr/local/etc/letsencrypt/renewal/seafile.klotik.ru.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Cert not due for renewal, but simulating renewal for dry run Plugins selected: Authenticator nginx, Installer nginx Renewing an existing certificate Performing the following challenges: http-01 challenge for seafile.klotik.ru http-01 challenge for www.seafile.klotik.ru Using default address 80 for authentication. Waiting for verification… Cleaning up challenges - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - new certificate deployed with reload of nginx server; fullchain is /usr/local/etc/letsencrypt/live/seafile.klotik.ru/fullchain.pem - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - DRY RUN: simulating 'certbot renew' close to cert expiry (The test certificates below have not been saved.) Congratulations, all renewals succeeded. The following certs have been renewed: /usr/local/etc/letsencrypt/live/klotik.ru/fullchain.pem (success) /usr/local/etc/letsencrypt/live/seafile.klotik.ru/fullchain.pem (success) DRY RUN: simulating 'certbot renew' close to cert expiry (The test certificates above have not been saved.) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Your account credentials have been saved in your Certbot configuration directory at /usr/local/etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. Если нет ошибок, в crontab добавляю строку 0 0,12 * * * root /usr/local/bin/certbot renew и добавляю путь :/usr/local/bin/ Если процесс автоматического обновления когда-нибудь не удастся, Let's Encrypt отправит сообщение на указанный адрес электронной почты, предупреждая, когда срок действия вашего сертификата истекает. Ссылки:
https://manual.seafile.com/deploy/using_mysql.html
https://manual.seafile.com/deploy/https_with_nginx.html
https://manual.seafile.com/deploy/deploy_with_apache.html
https://xakep.ru/2014/10/08/own-dropbox
https://books.google.ru/books?id=pKDKCQAAQBAJ&pg=PA121&lpg=PA121&dq=%D0%BE%D1%82%D1%81%D1%83%D1%82%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82+setup-seafile.sh&source=bl&ots=bwTpVEDhz9&sig=KlbAcu2hMaHSlfdhwGlUDYLWocY&hl=ru&sa=X&ved=0ahUKEwiO4pmnyZHQAhXE3iwKHSKdCycQ6AEIKTAC#v=onepage&q=%D0%BE%D1%82%D1%81%D1%83%D1%82%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82%20setup-seafile.sh&f=false
https://www.freshports.org/net-mgmt/seafile-server
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-letsencrypt-freebsd
https://zen.yandex.ru/media/id/5cd02303ac1ad900b3c6a564/seafile-server-702-dlia-linux-5d0e300bdc3c7c00b0d62ee5
https://www.8host.com/blog/sinxronizaciya-i-sovmestnoe-ispolzovanie-fajlov-s-pomoshhyu-seafile-v-debian-9
https://zaraev.blogspot.com/2015/12/seafile-debian-dropbox.html