Differences

This shows you the differences between two versions of the page.

--- freebsd:seafile_with_apache_https [2019/02/22 11:08]
tschulz
+++ freebsd:seafile_with_apache_https [2019/02/22 11:49]
tschulz
@@ Line 16: / Line 16: @@
   * Make sure you set your DNS s the **LetsEncyrpt** can find your server by the hostname you set.
+===== Install Seafile Packges =====
+  * This one is pretty easy just run:<file bash>
+pkg install seafile-server seahub
+</file>
+===== Configure Seafile =====
+  - In our case, we are going to use SQLite so we will run the script **"/usr/local/www/haiwen/seafile-server-latest/setup-seafile.sh"**<file bash>
+/usr/local/www/haiwen/seafile-server-latest/setup-seafile.sh
+</file>
+  - Next run "/usr/local/www/haiwen/seafile-server-latest/reset-admin.sh" to setup the inital admin user<file bash>
+/usr/local/www/haiwen/seafile-server-latest/reset-admin.sh
+E-mail address: changeme@change.me
+Password:
+Password (again):
+Superuser created successfully.
+</file>
+===== Obtaining LetsEncyrpt Certificates  =====
+  * Install Certbot<file bash>pkg install py27-certbot
+</file>
+  * At the time of writing this article the certbot apache module was not working so, we will be using certonly mode.  Be sure to change "**<FQDN>**" and "**<EMAIL>**"<file>certbot certonly --standalone -d <FQDN> --agree-tos -m <EMAIL>
+</file>
+  * This will install your certificates to **/usr/local/etc/letsencrypt/live/<FQDN>/**
+  * Be Sure the directory has **fullchain.pem** and **privkey.pem**.
+===== Apache Setup =====
+  * Apache install<file>
+pkg install apache24
+</file>
+  * setup Seafile Virtual HTTPS host. Create the file **/usr/local/etc/apache24/Includes/seafile_ssl.conf** and enther the following:<file apache>LoadModule proxy_module libexec/apache24/mod_proxy.so
+LoadModule proxy_http_module libexec/apache24/mod_proxy_http.so
+LoadModule proxy_http2_module libexec/apache24/mod_proxy_http2.so
+LoadModule rewrite_module libexec/apache24/mod_rewrite.so
+ServerName <FQDN>
+LoadModule ssl_module libexec/apache24/mod_ssl.so
+LoadModule socache_shmcb_module libexec/apache24/mod_socache_shmcb.so
+Listen 443
+SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
+SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
+SSLHonorCipherOrder on
+SSLProtocol all -SSLv3
+SSLProxyProtocol all -SSLv3
+SSLPassPhraseDialog  builtin
+SSLSessionCache        "shmcb:/var/run/ssl_scache(512000)"
+SSLSessionCacheTimeout  300
+<VirtualHost _default_:443>
+DocumentRoot "/usr/local/www"
+Alias /media  /usr/local/www/haiwen/seafile-server-latest/seahub/media
+RewriteEngine On
+<Location /media>
+        Require all granted
+</Location>
+ProxyPass /seafhttp http://127.0.0.1:8082
+ProxyPassReverse /seafhttp http://127.0.0.1:8082
+RewriteRule ^/seafhttp - [QSA,L]
+SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
+ProxyPreserveHost On
+ProxyPass / http://127.0.0.1:8000/
+ProxyPassReverse / http://127.0.0.1:8000/
+SSLEngine on
+SSLCertificateFile "/usr/local/etc/letsencrypt/live/<FQDN>/fullchain.pem"
+SSLCertificateKeyFile "/usr/local/etc/letsencrypt/live/<FQDN>/privkey.pem"
+<FilesMatch "\.(cgi|shtml|phtml|php)$">
+    SSLOptions +StdEnvVars
+</FilesMatch>
+BrowserMatch "MSIE [2-5]" \
+         nokeepalive ssl-unclean-shutdown \
+         downgrade-1.0 force-response-1.0
+</VirtualHost>
+</file>
+  * Be sure to change **<FQDN>** at **ServerName**, **SSLCertificateFile**, and **SSLCertificateKeyFile**.
+  * Change **"SERVICE_URL"** in **/usr/local/www/haiwen/conf/ccnet.conf**<file bash /usr/local/www/haiwen/conf/ccnet.conf>
+...
+SERVICE_URL = https://<FQDN>
+...
+</file>
+  * Add **"FILE_SERVER_ROOT"** to **"/usr/local/www/haiwen/conf/seahub_settings.py"**<file python /usr/local/www/haiwen/conf/seahub_settings.py>
+...
+FILE_SERVER_ROOT = 'https://<FQDN>/seafhttp'
+...
+</file>

ISD 820 Knowledge Base

User Tools

Site Tools

Differences

Page Tools