This guide deploys Seafile with Docker Compose on Debian 10 to latest stable, Ubuntu LTS, and RHEL 9+ compatible hosts.
- name: Deploy Seafile
hosts: seafile
become: true
vars:
app_root: /opt/seafile
http_port: 80
https_port: 443
seafile_version: "13.0-latest"
db_root_pass: "{{ vault_seafile_db_root_password }}"
admin_email: "admin@example.com"
admin_password: "{{ vault_seafile_admin_password }}"
server_hostname: "seafile.example.com"
jwt_private_key: "{{ vault_seafile_jwt_key }}"
tasks:
- name: Install Docker on Debian/Ubuntu
apt:
name:
- docker.io
- docker-compose-plugin
state: present
update_cache: true
when: ansible_os_family == "Debian"
- name: Install Docker on RHEL family
dnf:
name:
- docker-ce
- docker-ce-cli
- containerd.io
- docker-compose-plugin
state: present
when: ansible_os_family == "RedHat"
- name: Enable and start Docker
service:
name: docker
state: started
enabled: true
- name: Create app directory
file:
path: "{{ app_root }}"
state: directory
mode: "0755"
- name: Write Docker Compose file
copy:
dest: "{{ app_root }}/docker-compose.yml"
mode: "0644"
content: |
version: '3.8'
services:
db:
image: mariadb:10.11
container_name: seafile-mysql
environment:
- MYSQL_ROOT_PASSWORD={{ db_root_pass }}
- MYSQL_LOG_CONSOLE=true
volumes:
- ./db-data:/var/lib/mysql
networks:
- seafile-net
memcached:
image: memcached:1.6.29
container_name: seafile-memcached
entrypoint: memcached -m 256
networks:
- seafile-net
seafile:
image: seafileltd/seafile-mc:{{ seafile_version }}
container_name: seafile
ports:
- "{{ http_port }}:80"
- "{{ https_port }}:443"
volumes:
- ./seafile-data:/shared
environment:
- DB_HOST=db
- DB_ROOT_PASS={{ db_root_pass }}
- SEAFILE_ADMIN_EMAIL={{ admin_email }}
- SEAFILE_ADMIN_PASSWORD={{ admin_password }}
- SEAFILE_SERVER_HOSTNAME={{ server_hostname }}
- JWT_PRIVATE_KEY={{ jwt_private_key }}
depends_on:
- db
- memcached
networks:
- seafile-net
networks:
seafile-net:
driver: bridge
- name: Start application stack
community.docker.docker_compose:
project_src: "{{ app_root }}"
state: present
- name: Wait for Seafile to be ready
uri:
url: "https://localhost:{{ https_port }}"
validate_certs: false
status_code: 200,302
register: result
until: result.status in [200, 302]
retries: 60
delay: 5
Create an ansible-vault file with secure passwords and keys:
# group_vars/all/vault.yml
vault_seafile_db_root_password: "your-secure-db-root-password"
vault_seafile_admin_password: "your-secure-admin-password"
vault_seafile_jwt_key: "your-32-character-random-secret-key-here"
Generate the JWT key with: openssl rand -hex 32
# Run the playbook
ansible-playbook -i inventory.ini seafile.yml
# With vault password
ansible-playbook -i inventory.ini seafile.yml --ask-vault-pass
For production deployments, consider adding:
SEAFILE_SERVER_HOSTNAME to your actual domain./seafile-data and ./db-dataSee Configuration and Security for production hardening.
Any questions?
Feel free to contact us. Find all contact information on our contact page.