Authorhenrypoon

Installing Seafile with Docker and Apache 2

Seafile is an open source file sharing software that allows its users to setup their own cloud storage at home. Think Dropbox, but self-hosted.

This post is about deploying an instance of Seafile using Docker on a non-standard port (i.e. not 80 and 443). The reason to deploy the app on a non-standard port is usually because there is already another webserver running on that port (in my case Apache 2). In such scenarios, it is necessary to set up a reverse proxy so the Seafile port can be exposed by Apache on ports 80/443. Under typical circumstances, deploying Seafile on a standard port would mean that the app would host itself without the need for Apache 2 at all. This post also assumes Ubuntu 16.04 as the operating system, but in theory should apply to other Linux OS’s.

The process can be split into multiple parts:

  1. Setup Docker
  2. Deploy Seafile
  3. Configure Apache 2
  4. Setup systemd
  5. Setup e-mail (optional)
  6. Backing up the image
  7. Troubleshooting

Setup Docker

This guide won’t go into depth on how to setup Docker, but rather the setup guide and more information about what Docker is can be found here: https://docs.docker.com/get-started/

Deploy Seafile

The key page in the Seafile documentation for deploying Seafile within Docker can be found here: https://manual.seafile.com/deploy/deploy_with_docker.html. The command I used is as follows:

docker run -d --name seafile \
  -e SEAFILE_SERVER_HOSTNAME=seafile.example.com \
  -e SEAFILE_ADMIN_EMAIL=me@example.com \
  -e SEAFILE_ADMIN_PASSWORD=a_very_secret_password \
  -v /opt/seafile-data:/shared \
  -p 8000:80 \
  seafileltd/seafile:latest

I recommend setting up Seafile with an actual secret password because it’s not easy to change once it’s set up.

Note that the port argument shows 8000:80. It means that Docker will use the host port 8000 and the container will use port 80 – meaning that using Docker will interpret requests from my host OS on port 8000 as requests on port 80 in the container. 8000 was used on my setup because port 80 was already used.

Once the command is executed, the necessary files will be downloaded and the container will start and will be accessible on port 8000.

There is also an option to setup Seafile with an SSL cert from Let’s Encrypt, but I didn’t do this because I already had a cert that I wanted to reuse.

Once the server is up, navigate to https://seafile.example.com/sys/settings/ and change SERVICE_URL and FILE_SERVER_URL to match your domain name.

Configure Apache 2

Adding a reverse proxy on Apache 2 will allow Apache 2 to route requests to port 8000, which will go to port 80 in the container. The main reference for this section is this: https://manual.seafile.com/deploy/deploy_seahub_at_non-root_domain.html. This is done by adding a new site to Apache 2. The following configuration assumes that a LetsEncrypt SSL certificate is used.

cd /etc/apache2/sites-available
sudo nano seafile.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerName seafile.example.com
        ServerAdmin me@example.com

        RewriteEngine On

        # ModSecurity does not process requests.  There is a hard limit of 1 GB
        # with ModSecurity.
        SecRuleEngine Off

        # Whitelist internal IPs for mod_evasive
        DOSWhitelist 192.168.1.*

        <Location /media>
                Require all granted
        </Location>

        # Stuff for seafile server
        ProxyPass /seafhttp http://127.0.0.1:8082
        ProxyPassReverse /seafhttp http://127.0.0.1:8082
        RewriteRule ^/seafhttp - [QSA,L]

        # Stuff for seahub
        SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
        ProxyPreserveHost On
        ProxyPass / http://127.0.0.1:8000/
        ProxyPassReverse / http://127.0.0.1:8000/

        ErrorLog ${APACHE_LOG_DIR}/seafile_error.log
        CustomLog ${APACHE_LOG_DIR}/seafile_access.log combined

        Include /etc/letsencrypt/options-ssl-apache.conf

        SSLCertificateFile /path/to/cert/file.pem
        SSLCertificateKeyFile /path/to/cert/key/file.pem
</VirtualHost>
</IfModule>

I’ve added my local domain to the whitelist so that mod_evasive doesn’t think my local host is a threat.

There are two sets of ProxyPass and ProxyPassReverse lines. The reason for this is that Seafile is split up into Seahub and Seafile, where one uses port 8082 (by default), while the other uses 8000. These two lines are essentially what allows Apache to read requests from port 443 and pass them on to the container.

Once the file is saved, execute the following

sudo a2ensite seafile.conf
sudo service apache2 reload

Navigating to the site at the Apache 2 defined port should now load Seafile without having to go to port 8000.

Setup systemd

systemd allows the Docker container to be started up on boot, and be controlled like this:

sudo service seafile start/stop/restart

The configuration is as follows:

sudo nano /etc/systemd/system/seafile.service
[Unit]
Description=Seafile Server
After=network.target mysql.service

[Service]
Type=oneshot
ExecStart=/usr/bin/docker container start seafile
ExecStop=/usr/bin/docker container stop seafile
ExecReload=/usr/bin/docker container restart seafile
RemainAfterExit=yes
User=root
Group=root

[Install]
WantedBy=multi-user.target

Once the configuration is saved, shut off the existing running instance of Seafile and then let systemd start it up for you.

sudo systemctl daemon-reload
sudo service seafile start

At this point, Seafile should start automatically on boot, with Apache 2 doing a reverse proxy to the true Seafile port.

Setup e-mail (optional)

Optionally, Seafile can be configured to send e-mails. The reference is here: https://manual.seafile.com/config/sending_email.html. The config file should be under:

/opt/seafile-data/seafile/conf/seahub_settings.py

I happen to be using Gmail SMTP, so at the end of the file I’ve added

EMAIL_USE_TLS = True
EMAIL_HOST = 'smtp.gmail.com'
EMAIL_HOST_USER = 'me@example.com'
EMAIL_HOST_PASSWORD = 'password'
EMAIL_PORT = 587
DEFAULT_FROM_EMAIL = EMAIL_HOST_USER
SERVER_EMAIL = EMAIL_HOST_USER

Backing up the image

After setting everything up, you’ll probably want to backup the Docker image. First, print out the list of running containers

sudo docker ps

Then take a snapshot of the current running state:

docker commit -p  

Running this command lists all the images and should show this newly saved image:

sudo docker images

I don’t have a private docker repository, so I saved the image to the disk and backed up the file by doing the below. Just make sure to actually move the image to an actual backup location.

sudo docker save -o /.tar 

The image should be backed up now. To restore the image, it’s a matter of running this:

sudo docker load -i 

Listing the images as above should show that the image was successfully loaded. Running this starts it back up again.

sudo docker run 

Troubleshooting

Seafile logs can be helpful if it doesn’t start up correctly. These can be found at:

/opt/seafile-data/logs/seafile

There may be a need to ssh into the Docker container. The command for that is:

sudo docker exec -it seafile /bin/bash

A day in Bali – the villa, the beach, and the food

After just about a week of travel, we were pretty exhausted. Bali was a really welcome change. We could just literally do nothing and relax.

All of this was a part of our villa. I’ve never had such nice accommodations.

We got to try some Indonesian Roti. Each dish was like a dollar!! We watched the staff at the restaurant tossing and spinning the dough and everything. They have plain roti, roti with sausage, cheese, onions, or even dessert roti!

Warung Bunana

Getting around is pretty easy with the many taxis around or even a motorbike rental. I’ve read that there have been altercations between taxi drivers and Grab drivers, but I didn’t experience that while I was there, except for some areas clearly marked as not Grab friendly. There aren’t a lot of gas stations around, but a lot of stores fill up petrol in vodka bottles and sell them.

This section of the beach was part of a restaurant/bar/resort called Ku De Ta, and people could just sit back and enjoy a drink or two (cigars are on the menu too!) while enjoying the beach. Locals own the chairs on the beach and charge people to sit on them.

The waves were a bit strong for actual swimming though

We couldn’t chill on this beach, but we did have a pool in our villa! Mike made an amazing video tour of the villa in his video below!

I spent my time in the pool learning how to swim (at this point, I didn’t even know how to float). I started off being super uncomfortable even leaning back to float, and was really frustrated at not being able to do basic actions on the water. I looked up YouTube videos on how to float and tread water and eventually figured it out! We basically stayed in the pool until we got hungry for dinner – this time to try local seafood. Mike, if you’re reading this, you missed out by not recording this part.

Warung 24/7 has an option on the menu that serves a variety of barbecued seafood and it’s amazing – highly recommended for seafood lovers

After the meal, we went back in the pool. I practiced some more, and when I got tired, I floated on my back and gazed at the stars.

I was disappointed to leave this amazing villa, but alas, all good things must come to an end. The next day, we took the plane and flew back home, where we resumed our regular lives.

For my photos of Bali, click here.

Luwak coffee, getting attacked by a monkey, and pouring rain in Ubud, Bali

Aside from tropical beaches in Bali, there’s quite a bit to do inland in Ubud. We hired Enrico, a driver/tour guide who spoke super good English and he was around our age so it was super easy chat with him. The first destination he took us to was a coffee plantation (I never knew what a coffee plant looked like before this!), where they had luwak coffee and a slew of different coffees and teas for us to try.

The luwak coffee is at the top, and each of the other coffees/teas are labeled here. There’s even durian coffee!

The luwak coffee has no added milk or sugar and is sweet on its own. It tastes like regular black coffee with sugar in it, but then I’m not a coffee drinker, so my taste for it isn’t as nuanced.

The luwak eats the coffee cherry (the fruit that contains the coffee bean), and. The bean itself is partially digested and defecated and then used to make the coffee. Yes, the coffee is actually made from part poop. Plantations send people out into the woods to specifically look for the poop. The guide said 1 kg takes 42 days to produce.

It’s one of the most expensive if not most expensive coffees in the world. Our guide at the plantation called it a “cat-poo-ccino”!! The plantation doesn’t actually charge for any of the tours and samples (except for the cup of luwak coffee), but rather they rely on people buying coffee and tea to make money.

They’re nocturnal, and our guide at the plantation tried to wake the poor guy up

The next stop was the monkey forest. It was really cool to see monkeys running around with humans so close to them.

They literally just sit in front of you, forcing you to walk around them

There was a sign that said to not stare at the monkey for too long, but I clearly forgot…

Here’s a fun YouTube clip of it: https://youtu.be/dANaZnrgZv0

Monkeys like to play too!

The monkey forest was the coolest place in the whole tour. Mike’s video has even more clips of the monkeys. Check it out below.

The next stop were some rice fields. But a freak rainstorm occurred and cut that way short. At first we thought, it’d be okay with a little, but then it just poured.

The raindrops were HUGE.

We’ve now gotten rained on in every single destination we went to on our trip

15 minutes later, the rain was gone. A bit of a drive later, we reached a waterfall as the conclusion of the tour.

From there we drove back to our accommodations and passed by some more rice fields. Throughout the car ride, we chatted with our guide about sorts of things like the history of Indonesian independence, North American culture, and life in Indonesia. One thing that really stood out to me was that he spoke very fondly about how dad prepared dog meat really and how much he enjoyed eating it. To him, it’s something super normal and part of the culture, but it seems so foreign to us in North America.

This ends our day trip in Ubud. See more of the trip here.

A brief layover in Kuala Lumpur

The next destination after Chiang Mai was Kuala Lumpur in Malaysia. We boarded the flight to KL early in the morning and our flight was scheduled to leave KL to Bali at night – this would give us a solid couple of hours for sightseeing.

Apparently this is a restaurant. How did that get that there?

The flight was to arrive in Kuala Lumpur at around 13:00 and we would depart for Bali at 21:50. Arriving at 13:00, we should have been able to arrive in the city via Grab between 14:30 – 15:00, but it took at least an hour at the immigration line so we didn’t get to the city until after 16:00. This would leave us around 5 hours in Kuala Lumpur, which is not great, but not terrible.

We had only eaten breakfast, so by this time, we were starving. So we went to Lot 10. Everything looks super good, but in actually only tasted okay. I thought it’d be on par with my trip to Singapore.

Clockwise from top left: fish head noodle soup, egg custard buns, spicy noodle soup with fish, fish cake, meatballs, etc., hainan chicken rice with cha siu

Next, we visited a nearby street market. The market reminded me a lot of Singapore – similar food options (bak kut teh, chili crab, stingray, etc.), which makes sense since Singapore used to be a part of Malaysia.

Our next destination was the iconic Petronas Twin Towers, but all of a sudden out of nowhere, it started pouring with thunder and lightning. At first the thunder was a few kilometers away judging but how long it took to hear the sound, but not long after it was right on top of us.

Just a little bit of rain, nothing to worry about

We got on a Grab to head over there, but the sudden rainstorm brought traffic to a complete stop and it was barely moving. After being in the car for 30 mins and having gone less than a kilometer, the driver advised that we head to the airport directly as there wouldn’t be enough time to hit up the twin towers and make our flight. We reluctantly agreed.

During the car ride, I chatted with the driver about living in Kuala Lumpur. The driver was Cantonese in enthnicity but was born and raised in Kuala Lumpur, which I didn’t expect at all. I had forgotten about how stuck we were in traffic while chatting with the driver (at one point the driver took a bathroom break and left the keys in the ignition).

Eventually, I looked on Google Maps, and saw there was no way we’d make it to the airport by car. We decided to get dropped off at the metro station in the pouring rain and we’d take public transit the rest of the way. Check it out in Mike’s video (the raining part starts at ~5:10).

That was pretty much our trip to Kuala Lumpur. After a big delay at the airport and the freak rainstorm, we really only had 3 hours in the city to do stuff, which was too bad. See the rest of the photos here.

Chiang Mai food

I’ve already talked about the live shrimp and the bugs, so this food post is going to have normal stuff.

The first stop is a food market not far from where we stayed. The curry dish isn’t as spicy as it looks and is very flavourful. The beef noodles is pretty similar to pho, but with their Thai spin on it with the herbs that they use. I’d say it had a bit more umami than the typical pho. The Pad Thai I thought wasn’t as flavourful as I liked, and was actually kind of plain. The other two dishes are highly recommended though!

Clockwise from top left: panang curry, pad thai, beef noodles
https://goo.gl/maps/UEaeswTuJGpKNCeDA

As far as fruit smoothies go, the fruit seemed to be so much more flavourful. I know that with bananas they are harvested before they’re riped so they can last for a few weeks as they are transported, so it’s possible the same thing is happening with these fruits. But since these fruits are local, they get to fully ripen on the tree.

I also saw them add a little bit of salt to enhance the existing sweetness and acidity of the smoothies. It made it perfectly sweet, without being overpowering.

From left to right: pineapple, mango, and honey queen orange

Next is probably the most famous dish in northern Thailand: Khao Soi. It’s a noodle dish with soft noodles in the soup and deep fried noodles on top. The soup itself can vary in spiciness, but is made of a curry-like sauce with meat, chilis, lime, and coconut milk.

The main attraction about this dish for me is the spiciness of the soup. It isn’t just a big spicy attack on the senses, but rather it’s nuanced because it’s balanced by the coconut milk.

https://goo.gl/maps/XSJwL5seVhNWdPRA9

Last but not least, we had some tom yum, yellow curry, and morning glory. This place is an actual restaurant with western style ambience, so naturally there was a price premium to that.

It’s kind of difficult to comment on how the yellow curry and tom yum tasted because it was way too spicy for our senses. I definitely tasted the spiciness and sourness of the soup, but the spiciness overpowered me quickly. The best by far as the morning glory. I just really like leafy greens with crunchy stems. The chilis added gave it a slight zing.

From left to right: yellow curry, tom yum, morning glory, pad thai

As usual, Mike has made a video!

The food I miss most is definitely the fruit smoothies. When I came back home, I had constant cravings for those smoothies for weeks. To see the other parts of my trip in Chiang Mai, click here.

© 2019 Henry Poon's Blog

Theme by Anders NorénUp ↑