My little tutorial may not work for everybody but for me its the perfect solution. What you need:
- Seafile server with local IP-Adress
- Self-signed certificate
- Any DynDSN-Service (if you don’t have a fixed public IP-address)
- DNS-Access to your domain name
- Free Cloudflare-Account
Step 1
Set up the seafile server with a self-signed SSL-certificate. The server has an internal IP-address, lets say 192.168.0.5
and is listening to SSL-Port 8001
So, if you open the web interface with https://192.168.0.5:8001
you will get a message that the certificate is unsecure.
Next step is to open the ports in your router to grant access from outside. Redirect port 443
to internal IP 192.168.0.5
and port 8001
Its very important that you forward external Port 443 because the free Cloudflare service (description below) only supports the ports 80
and 443
.
Step 2
This step is only needed if you don’t have a fixed public IP-address:
One of your devices in your local network should run a DynDNS-Client. It’s not important for which service you decide. This tutorial should work with any DynDSN-provider.
Lets say, that your DynDNS-name is seafile.dyndns.org
Step 3
Now you need a free Cloudflare-account. Add your Domain name to this account and follow the instructions of the Cloudflare website. They will generate a free SSL-certificate for your domain (including wildcard-names).
When your domain name is activated in your cloudflare account add a DNS-entry for your Seafile-server. It has to be a CNAME entry pointing to your DynDNS-name. The cloud icon on the right side has to be active (orange) for this entry.
Example:
CNAME seafile.yourdomain.xyz --> seafile.dyndns.org
If you have a fixed public IP-address you can make an A-record pointing to your IP instead.
Make sure that your Seafile-server is responding on seafile.yourdomain.xyz
Check the Cloudflare “Crypt” settings tab. The SSL-mode has to be set to Full
. This setting will encrypt the connection between your website visitors and Cloudflare, and from Cloudflare to your server. The difference between Full
and Full (Strict)
is that Full (Strict)
checks for a valid certificate on your origin server, whereas Full
checks for any certificate. You will need to have an SSL certificate on your server. However, Cloudflare will not attempt to validate the certificate (certificates may be self-signed).
Thats it! Your Seafile server should now be accessible with https://seafile.yourdomain.xyz
without any warning messages. The same domain name can be used with the Seafile clients.