Matt-Cloud Drive
Here are the updated configurations for the LDAP/OIDC sync.
seahub_settings.py
# -*- coding: utf-8 -*-
SECRET_KEY = "deadbeefsecretlolz"
SERVICE_URL = "http://drive.domain.com"
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'seahub_db',
'USER': 'seafile',
'PASSWORD': 'deadbeefsecretlolz',
'HOST': '192.168.1.10',
'PORT': '3306',
'OPTIONS': {'charset': 'utf8mb4'},
}
}
CACHES = {
'default': {
'BACKEND': 'django_pylibmc.memcached.PyLibMCCache',
'LOCATION': 'memcached:11211',
},
'locmem': {
'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
},
}
COMPRESS_CACHE_BACKEND = 'locmem'
TIME_ZONE = 'America/Los_Angeles'
FILE_SERVER_ROOT = 'https://drive.domain.com/seafhttp'
ENABLE_LDAP = True
LDAP_SERVER_URL = 'ldap://192.168.1.15'
LDAP_BASE_DN = 'OU=Users,DC=domain,DC=local'
LDAP_ADMIN_DN = 'docker-ldap@domain.local'
LDAP_ADMIN_PASSWORD = 'deadbeefsecretlolz'
LDAP_PROVIDER = 'ldap'
LDAP_LOGIN_ATTR = 'sAMAccountName'
LDAP_USER_FIRST_NAME_ATTR = 'givenName'
LDAP_USER_LAST_NAME_ATTR = 'sn'
LDAP_USER_NAME_REVERSE = False
SSO_LDAP_USE_SAME_UID = True
LDAP_FILTER = 'memberOf=CN=Seafile,OU=AD-Groups,OU=Users,DC=domain,DC=local'
ENABLE_OAUTH = True
OAUTH_ENABLE_INSECURE_TRANSPORT = False
OAUTH_CLIENT_ID = "matt-drive-oidc"
OAUTH_CLIENT_SECRET = "deadbeefsecretlolz"
OAUTH_REDIRECT_URL = 'https://drive.domain.com/oauth/callback/'
OAUTH_PROVIDER_DOMAIN = 'auth.domain.com'
OAUTH_AUTHORIZATION_URL = 'https://auth.domain.com/api/oidc/authorization'
OAUTH_TOKEN_URL = 'https://auth.domain.com/api/oidc/token'
OAUTH_USER_INFO_URL = 'https://auth.domain.com/api/oidc/userinfo'
OAUTH_SCOPE = [
"openid",
"profile",
"email",
]
OAUTH_ATTRIBUTE_MAP = {
"preferred_username": (True, "uid") ,
"preferred_username": (True, "email"),
"name": (False, "name"),
}
ENABLE_SEADOC = True
SEADOC_PRIVATE_KEY = 'deadbeefsecretlolz' # sdoc-server private_key
SEADOC_SERVER_URL = 'https://drive.domain.com/sdoc-server' # sdoc-server service url
# When SeaDoc and Seafile/Seafile docker are deployed on the same host, SEADOC_SERVER_URL should be 'https://seafile.example.com/sdoc-server'
FILE_CONVERTER_SERVER_URL = 'http://192.168.1.20:8888' # converter-server url
# When SeaDoc and Seafile are deployed on the same host, FILE_CONVERTER_SERVER_URL should be LAN address 'http://127.0.0.1:8888'
# When SeaDoc and Seafile docker are deployed on the same host, FILE_CONVERTER_SERVER_URL should be http://sdoc-server:8888
# M@O8VWUb81YvmtWLHGB2I_V7di5-@0p(MF*GrE!sIws23F
ENABLE_ONLYOFFICE = True
ONLYOFFICE_APIJS_URL = 'https://office.matt-cloud.com/web-apps/apps/api/documents/api.js'
ONLYOFFICE_FILE_EXTENSION = ('doc', 'docx', 'ppt', 'pptx', 'xls', 'xlsx', 'odt', 'fodt', 'odp', 'fodp', 'ods', 'fods', 'csv', 'ppsx', 'pps')
ONLYOFFICE_EDIT_FILE_EXTENSION = ('docx','pptx','xlsx')
ONLYOFFICE_JWT_SECRET = 'deadbeefsecretlolz'
docker-compose.yaml
services:
seafile:
image: seafileltd/seafile-mc:12.0-latest
container_name: mc-drive-seafile
restart: always
ports:
- "172.25.1.14:80:80"
- "172.25.1.14:443:443"
volumes:
- /media/seafile/mcd-data:/shared
environment:
- DB_HOST=10.30.31.1
- DB_ROOT_PASSWD=deadbeefsecretlol
- DB_PASSWORD=deadbeefsecretlol
- TIME_ZONE=America/Los_Angeles
- SEAFILE_SERVER_HOSTNAME=drive.matt-cloud.com
- SEAFILE_SERVER_PROTOCOL=https
- SEAFILE_SERVER_LETSENCRYPT=true # Whether to use https or not.
- SITE_ROOT=/
- JWT_PRIVATE_KEY=deadbeefsecretlol
- ENABLE_SEADOC=true
- SEADOC_SERVER_URL=https://drive.matt-cloud.com/sdoc-server
depends_on:
- db
- memcached
networks:
- net
seadoc:
image: seafileltd/sdoc-server:1.0-latest
container_name: seadoc
volumes:
- ./seadoc-data/:/shared
# ports:
# - "80:80"
environment:
- DB_HOST=10.30.31.1
- DB_PORT=3306
- DB_USER=root
- DB_PASSWORD=deadbeefsecretlol
- DB_NAME=seahub_db
- TIME_ZONE=America/Los_Angeles
- JWT_PRIVATE_KEY=deadbeefsecretlol
- SEAHUB_SERVICE_URL=https://drive.matt-cloud.com
- SDOC_SERVER_LETSENCRYPT=true # Whether to use https or not.
- SDOC_SERVER_HOSTNAME=drive.matt-cloud.com # Specifies your host name if https is enabled.
ports:
- 172.25.1.14:7070:7070
- 172.25.1.14:8888:8888
networks:
- net
db:
image: mariadb:10.11
restart: always
container_name: mc-drive-seafile-mysql
ports:
- "10.30.31.1:3306:3306"
environment:
- MYSQL_ROOT_PASSWORD=deadbeefsecretlol
- MYSQL_LOG_CONSOLE=true
- MARIADB_AUTO_UPGRADE=1
volumes:
- /media/docker/308a/db:/var/lib/mysql
networks:
- net
memcached:
image: memcached:1.6.29
restart: always
container_name: mc-drive-seafile-memcached
entrypoint: memcached -m 256
networks:
- net
onlyoffice:
image: onlyoffice/documentserver
container_name: office.matt-cloud.com
environment:
- JWT_ENABLED=false
- WOPI_ENABLED=false
restart: always
networks:
- net
volumes:
- log:/var/log/onlyoffice
- etc-oo:/etc/onlyoffice
- www:/var/www/onlyoffice/Data
- var-oo:/var/lib/onlyoffice
- var-db:/var/lib/postgresql
ports:
- "10.30.30.1:81:80"
volumes:
db-etc:
driver: local # Define the driver and options under the volume name
driver_opts:
type: none
device: ./db-etc
o: bind
log:
driver: local # Define the driver and options under the volume name
driver_opts:
type: none
device: /media/docker/308-seafile/onlyoffice/log
o: bind
www:
driver: local # Define the driver and options under the volume name
driver_opts:
type: none
device: /media/docker/308-seafile/onlyoffice/www
o: bind
etc-oo:
driver: local # Define the driver and options under the volume name
driver_opts:
type: none
device: /media/docker/308-seafile/onlyoffice/etc-oo
o: bind
var-oo:
driver: local # Define the driver and options under the volume name
driver_opts:
type: none
device: /media/docker/308-seafile/onlyoffice/var-oo
o: bind
var-db:
driver: local # Define the driver and options under the volume name
driver_opts:
type: none
device: /media/docker/308-seafile/onlyoffice/var-db
o: bind
networks:
net:
driver: bridge
ipam:
driver: default
config:
-
subnet: 10.30.31.0/24