aboutsummaryrefslogtreecommitdiff
path: root/app/seafile/build
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2021-01-16 17:07:01 +0100
committerAlex Auvolat <alex@adnab.me>2021-01-16 17:07:01 +0100
commitc74dc92febd1841c8ea5ff31caab0f941d57527d (patch)
treed05a203d95cac988952799667ec43c327a5d9038 /app/seafile/build
parent0c4ee40e01c95d7bf73236cbead5cc261f67eb9d (diff)
downloadinfrastructure-c74dc92febd1841c8ea5ff31caab0f941d57527d.tar.gz
infrastructure-c74dc92febd1841c8ea5ff31caab0f941d57527d.zip
Proposal: reorganize app/ folder by modules
Diffstat (limited to 'app/seafile/build')
-rw-r--r--app/seafile/build/mariadb/60-disable-dialog.cnf3
-rw-r--r--app/seafile/build/mariadb/60-ldap.cnf3
-rw-r--r--app/seafile/build/mariadb/60-remote.cnf2
-rw-r--r--app/seafile/build/mariadb/Dockerfile14
-rw-r--r--app/seafile/build/mariadb/README.md19
-rwxr-xr-xapp/seafile/build/mariadb/entrypoint.sh50
-rw-r--r--app/seafile/build/mariadb/nsswitch.conf21
-rw-r--r--app/seafile/build/mariadb/pam-mariadb2
-rw-r--r--app/seafile/build/seafile/Dockerfile46
-rw-r--r--app/seafile/build/seafile/README.md27
-rwxr-xr-xapp/seafile/build/seafile/seadocker4
-rwxr-xr-xapp/seafile/build/seafile/seaenv7
12 files changed, 198 insertions, 0 deletions
diff --git a/app/seafile/build/mariadb/60-disable-dialog.cnf b/app/seafile/build/mariadb/60-disable-dialog.cnf
new file mode 100644
index 0000000..d41731a
--- /dev/null
+++ b/app/seafile/build/mariadb/60-disable-dialog.cnf
@@ -0,0 +1,3 @@
+[mariadb]
+pam_use_cleartext_plugin
+bind-address = 0.0.0.0
diff --git a/app/seafile/build/mariadb/60-ldap.cnf b/app/seafile/build/mariadb/60-ldap.cnf
new file mode 100644
index 0000000..72ffb9f
--- /dev/null
+++ b/app/seafile/build/mariadb/60-ldap.cnf
@@ -0,0 +1,3 @@
+[mariadb]
+plugin-load=auth_pam.so
+
diff --git a/app/seafile/build/mariadb/60-remote.cnf b/app/seafile/build/mariadb/60-remote.cnf
new file mode 100644
index 0000000..acf8f9b
--- /dev/null
+++ b/app/seafile/build/mariadb/60-remote.cnf
@@ -0,0 +1,2 @@
+[mysqld]
+bind-address = *
diff --git a/app/seafile/build/mariadb/Dockerfile b/app/seafile/build/mariadb/Dockerfile
new file mode 100644
index 0000000..15ef954
--- /dev/null
+++ b/app/seafile/build/mariadb/Dockerfile
@@ -0,0 +1,14 @@
+FROM debian:stretch
+
+RUN apt-get update && \
+ apt-get dist-upgrade -y && \
+ DEBIAN_FRONTEND=noninteractive apt-get install -y mariadb-server mariadb-client libnss-ldapd
+
+COPY 60-ldap.cnf /etc/mysql/mariadb.conf.d/60-ldap.cnf
+COPY 60-remote.cnf /etc/mysql/mariadb.conf.d/60-remote.cnf
+COPY 60-disable-dialog.cnf /etc/mysql/mariadb.conf.d/60-disable-dialog.cnf
+COPY pam-mariadb /etc/pam.d/mariadb
+COPY nsswitch.conf /etc/nsswitch.conf
+COPY entrypoint.sh /usr/local/bin/entrypoint
+
+ENTRYPOINT ["/usr/local/bin/entrypoint"]
diff --git a/app/seafile/build/mariadb/README.md b/app/seafile/build/mariadb/README.md
new file mode 100644
index 0000000..1a3b8aa
--- /dev/null
+++ b/app/seafile/build/mariadb/README.md
@@ -0,0 +1,19 @@
+```
+sudo docker build -t superboum/amd64_mariadb:v3 .
+
+sudo docker run \
+ -t -i \
+ -p 3306:3306 \
+ -v /tmp/mysql:/var/lib/mysql \
+ -e LDAP_URI='ldap://bottin.service.2.cluster.deuxfleurs.fr' \
+ -e LDAP_BASE='ou=users,dc=deuxfleurs,dc=fr' \
+ -e LDAP_VERSION=3 \
+ -e LDAP_BIND_DN='cn=admin,dc=deuxfleurs,dc=fr' \
+ -e LDAP_BIND_PW='xxxx' \
+ -e MYSQL_PASSWORD='xxxx' \
+ superboum/amd64_mariadb:v1 \
+ tail -f /var/log/mysql/error.log
+
+CREATE USER quentin@localhost IDENTIFIED VIA pam USING 'mariadb';
+
+```
diff --git a/app/seafile/build/mariadb/entrypoint.sh b/app/seafile/build/mariadb/entrypoint.sh
new file mode 100755
index 0000000..7ebf049
--- /dev/null
+++ b/app/seafile/build/mariadb/entrypoint.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+
+set -e
+
+cat > /etc/nslcd.conf <<EOF
+# /etc/nslcd.conf
+# nslcd configuration file. See nslcd.conf(5)
+# for details.
+
+# The user and group nslcd should run as.
+uid nslcd
+gid nslcd
+
+# The location at which the LDAP server(s) should be reachable.
+uri ${LDAP_URI}
+
+# The search base that will be used for all queries.
+base ${LDAP_BASE}
+
+# The LDAP protocol version to use.
+ldap_version ${LDAP_VERSION}
+
+# The DN to bind with for normal lookups.
+binddn ${LDAP_BIND_DN}
+bindpw ${LDAP_BIND_PW}
+
+# The DN used for password modifications by root.
+#rootpwmoddn cn=admin,dc=example,dc=com
+
+# SSL options
+#ssl off
+#tls_reqcert never
+tls_cacertfile /etc/ssl/certs/ca-certificates.crt
+
+# The search scope.
+#scope sub
+EOF
+
+/usr/sbin/nslcd
+
+chown mysql:mysql /var/lib/mysql
+[ -z "$(ls -A /var/lib/mysql)" ] && mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
+
+/usr/bin/mysqld_safe &
+
+until ls /var/run/mysqld/mysqld.sock; do sleep 1; done
+/usr/bin/mysqladmin -u root password ${MYSQL_PASSWORD} || true
+
+exec "$@"
+
diff --git a/app/seafile/build/mariadb/nsswitch.conf b/app/seafile/build/mariadb/nsswitch.conf
new file mode 100644
index 0000000..853348e
--- /dev/null
+++ b/app/seafile/build/mariadb/nsswitch.conf
@@ -0,0 +1,21 @@
+# /etc/nsswitch.conf
+#
+# Example configuration of GNU Name Service Switch functionality.
+# If you have the `glibc-doc-reference' and `info' packages installed, try:
+# `info libc "Name Service Switch"' for information about this file.
+
+passwd: files ldap
+group: files ldap
+shadow: files ldap
+gshadow: files
+
+hosts: files dns
+networks: files
+
+protocols: db files
+services: db files
+ethers: db files
+rpc: db files
+
+netgroup: nis
+
diff --git a/app/seafile/build/mariadb/pam-mariadb b/app/seafile/build/mariadb/pam-mariadb
new file mode 100644
index 0000000..e1bb814
--- /dev/null
+++ b/app/seafile/build/mariadb/pam-mariadb
@@ -0,0 +1,2 @@
+auth required pam_ldap.so
+account required pam_ldap.so
diff --git a/app/seafile/build/seafile/Dockerfile b/app/seafile/build/seafile/Dockerfile
new file mode 100644
index 0000000..88dee4f
--- /dev/null
+++ b/app/seafile/build/seafile/Dockerfile
@@ -0,0 +1,46 @@
+FROM amd64/debian:buster as builder
+
+ENV VERSION 7.0.5
+
+RUN apt-get update && \
+ apt-get dist-upgrade -y && \
+ DEBIAN_FRONTEND=noninteractive apt-get install -y wget tar && \
+ wget https://download.seadrive.org/seafile-server_${VERSION}_x86-64.tar.gz -O ./seafile.tar.gz && \
+ tar xf ./seafile.tar.gz && \
+ mv seafile-server-${VERSION} seafile-server
+
+FROM amd64/debian:buster
+
+COPY --from=builder ./seafile-server /srv/webstore/seafile-server
+
+RUN apt-get update && \
+ apt-get dist-upgrade -y && \
+ DEBIAN_FRONTEND=noninteractive apt-get install -y \
+ python \
+ mariadb-client \
+ python2.7 \
+ libpython2.7 \
+ python-setuptools \
+ python-ldap \
+ python-urllib3 \
+ ffmpeg \
+ python-pip \
+ python-mysqldb \
+ python-memcache \
+ procps \
+ python-requests && \
+ pip install Pillow==4.3.0 && \
+ pip install moviepy && \
+ useradd -u 1000 -d /srv/webstore seauser && \
+ chown -R seauser:1000 /srv/webstore/
+
+RUN mkdir -p /usr/local/lib/mariadb/plugin/ && \
+ ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/mysql_clear_password.so /usr/local/lib/mariadb/plugin/ && \
+ ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/dialog.so /usr/local/lib/mariadb/plugin/
+
+WORKDIR /srv/webstore/seafile-server
+COPY seadocker /usr/local/bin/seadocker
+COPY seaenv /usr/local/bin/seaenv
+
+ENTRYPOINT ["/usr/local/bin/seaenv"]
+CMD ["/usr/local/bin/seadocker"]
diff --git a/app/seafile/build/seafile/README.md b/app/seafile/build/seafile/README.md
new file mode 100644
index 0000000..26d04e0
--- /dev/null
+++ b/app/seafile/build/seafile/README.md
@@ -0,0 +1,27 @@
+
+```bash
+sudo docker build -t superboum/amd64_seafile:v5 .
+```
+
+When upgrading, connect on a production server and run:
+
+```bash
+nomad stop seafile
+sudo docker build -t superboum/amd64_seafile:v6 .
+
+sudo docker run -t -i \
+ -v /mnt/glusterfs/seafile:/mnt/seafile-data \
+ -v /mnt/glusterfs/seaconf/conf:/srv/webstore/conf \
+ -v /mnt/glusterfs/seaconf/ccnet:/srv/webstore/ccnet \
+ superboum/amd64_seafile:v5
+
+# See:
+# * https://download.seafile.com/published/seafile-manual/deploy/upgrade.md
+# * https://download.seafile.com/published/seafile-manual/changelog/server-changelog.md
+
+
+
+nomad start seafile.hcl
+```
+
+when upgrading, change the command on start
diff --git a/app/seafile/build/seafile/seadocker b/app/seafile/build/seafile/seadocker
new file mode 100755
index 0000000..5b5982b
--- /dev/null
+++ b/app/seafile/build/seafile/seadocker
@@ -0,0 +1,4 @@
+#!/bin/bash
+/srv/webstore/seafile-server/seafile.sh start
+/srv/webstore/seafile-server/seahub.sh start
+tail -f /srv/webstore/logs/*
diff --git a/app/seafile/build/seafile/seaenv b/app/seafile/build/seafile/seaenv
new file mode 100755
index 0000000..3b0e0bb
--- /dev/null
+++ b/app/seafile/build/seafile/seaenv
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+chown seauser /srv/webstore
+chown seauser -R /srv/webstore/ccnet
+chown seauser -R /srv/webstore/conf
+
+runuser -u seauser -- "$@"