Because you could doesn’t mean you should series #1: SeaFile + NextCloud

Steve “Stefan” Fan
Jun 5 · 3 min read

(Note: this is part the salvation of my old blog, that a catastrophic event has recently happened me, I’m very sad now, and I will make an postmortem later)

Why?

I loved how NextCloud have rich functionalities that they had such a good plugin ecosystem, but I also want SeaFile level kind of speed, that it is well known how slow NextCloud syncs via WebDAV.

However there are never such integration, and probably never will. And I think that NextCloud as frontend + SeaFile as backend is a good idea…

So, this is the abomination I made. A Docker app that runs SeaDrive and NextCloud altogether

Even if you can, please don’t do it out of novel context.

First try

Well, SeaDrive under the hood, is actually a SeaFile client strapped with a FUSE and a polling hook that updates the required repository on the fly, so that means we will need FUSE on Docker first.

app:
build: ./
image: nextcloud-seafile
restart: on-failure
devices:
- /dev/fuse
cap_add:
- SYS_ADMIN
# Base config

This is because FUSE requires kernel communications and Docker explicitly blocks off all such syscalls — in this case SYS_ADMIN

The Config

Next up we will need to know how to generate a valid config for SeaDrive.

Copying from the official guide, I used this as an example template:

[account]
server = $SEAFILE_HOST
username = $SEAFILE_USERNAME
token = $SEAFILE_TOKEN
is_pro = $SEAFILE_IS_PRO
[general]
client_name = nextcloud
[cache]
size_limit = 10GB
clean_cache_interval = 10

Remember to add `https?://` for `server` or you’re guaranteed to get a segfault.

And this is how I get a token:

curl -s \
-d "username=$SEAFILE_USERNAME" \
-d "password=$SEAFILE_PASSWORD" \
$SEAFILE_HOST/api2/auth-token/ | jq -r '.token'

If `jq` returns `null`, that means there’s absolutely something wrong, probably incorrect login credentials.

Based on this authentication context we can assume this is a generic authentication error.

Minefields

So you thought just using normal seadrive CLI config is enough?

seadrive -f -c /data/$filename -d /data/seadrive-data /data/seadrive-fuse -l /dev/stdout &

Wrong. The official NextCloud image runs Apache and launches under `www-data`, meaning it will not be able to access the FUSE mountpoint, so we will need to add at least `allow_other`. Corrected:

mkdir -p /data/seadrive-fuse # Create if not exist, otherwise FUSE will exit
seadrive -f -c /data/$filename -o nonempty,allow_other -d /data/seadrive-data /data/seadrive-fuse -l /dev/stdout &

Okay…we got the NextCloud login page…We filled in the root admin credentials…Database imported…

What? My data folder is readable by all users so I need to set rwxrwx — -?

So the first instinct is that we should use chmod offered by the error message:

chmod -R 770 /data/seadrive-fuse/My\ Library/nextcloud

Annnnnd again no. SeaDrive doesn’t currently allow Unix ACL, rather they have their own ACL and I see no other options as well.

Fortunately we can disable the stupid check, so we need to patch it via occ:

sudo -u www-data php occ config:system:set check_data_directory_permissions --value="false" --type=boolean

Et Voila! Now NextCloud won’t bitch again!

You can upload anything from the NextCloud web panel and see that they are also synced into SeaFile (if not instantaneously), sweet!

Next time I should try to see how fast and stable SeaDrive really is under huge pressure to see if it is usable in practice.

But this is still not perfect though, you can see the repo below for some known issues.

POC repo

All this is available in stevefan1999-personal/docker-nextcloud-seafile.

You should know what to do, and you should try this on your own risk.

— Steve

(Originally Published Date: 2019–01–20T10:31:15.276Z)

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade