Seafile backup step-by-step how-to, plus: Co-existing with NextCloud, auto-mounting seaf-fuse with Docker

Just for reference, here is my full Docker Compose file, docker-compose.yml.

Note that set up of the network under 10.10.10.x was to allow simultaneous operation of Seafile and NextCloud (both like to sit on port 443 . . . ).

This is a Seafile Pro installation, so it allows elasticsearch integration and (if I recall) works a little differently with the Collabora & Office Preview integration. But most things are no different from a CE installation, which I had previously set up.

networks:
  seafile_default:
    ipam:
          driver: default
          config:
              - subnet: "10.10.10.0/16"
                gateway: "10.10.10.1"

services:
  db:
    image: mariadb:10.11
    container_name: seafile-mysql
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=<<secret DB password>>  # Requested, set the root's password of MySQL service.
      - MYSQL_LOG_CONSOLE=true
      - MARIADB_AUTO_UPGRADE=1
    volumes:
      - /d/seafile/seafile-mysql/db:/var/lib/mysql  # Requested, specifies the path to MySQL data persistent store.
      - /mnt/seafile_main_data_store/seafile_db_dumps:/mnt/seafile_db_dumps  # Location of regular DB dumps & config file copies, for backups
      - /home/<<my-user-name>>/seafile:/mnt/config #location of my Docker Composer files & other config for Seafile

    networks:
      seafile_default:
        ipv4_address: 10.10.10.2

  memcached:
    image: memcached:1.6.18
    container_name: seafile-memcached
    restart: always
    entrypoint: memcached -m 256
    networks:
      seafile_default:
        ipv4_address: 10.10.10.3

  elasticsearch:
    image: elasticsearch:8.6.2
    container_name: seafile-elasticsearch
    ports:
      - 9200:9200   # 192.x.x.x is the IP address of the machine
    environment:
      - discovery.type=single-node
      - bootstrap.memory_lock=true
      - "ES_JAVA_OPTS=-Xms1g -Xmx1g"
      - xpack.security.enabled=false
    ulimits:
      memlock:
        soft: -1
        hard: -1
    mem_limit: 2g
    volumes:
      - /d/seafile/seafile-elasticsearch/data:/usr/share/elasticsearch/data  # Requested, specifies the path to Elasticsearch data persisten
     - /mnt/seafile_main_data_store_on_W/elasticsearch/data:/usr/share/elasticsearch/data  # Requested, specifies the path to Elasticsearch d
    networks:
      seafile_default:
        ipv4_address: 10.10.10.6

  seafile:
    image: docker.seadrive.org/seafileltd/seafile-pro-mc:latest
    #This command initiates the normal command to start the container - /sbin/my_init -- /scripts/enterpoint.sh
    #It also waits 15 seconds and then starts seaf-fuse.sh - (sleep 15 && /opt/seafile/seafile-server-latest/seaf-fuse.sh start /seafile-fuse)&
    command: sh -c "(sleep 15 && /opt/seafile/seafile-server-latest/seaf-fuse.sh start /seafile-fuse)& /sbin/my_init -- /scripts/enterpoint.sh"
    container_name: seafile
    restart: unless-stopped
    privileged: true
    ports:
      # NO PORTS need to be defined here, because we have our external networks & hit them directly from CADDY
      #- "180:80" #Windows uses port 80 for WebDAV services etc, so use something else
      #- "1443:443"  # If https is enabled, cancel the comment.
      - "8000:8000" #backup access port

    volumes:
      - /mnt/seafile_main_data_store:/shared   # Requested, specifies the path to Seafile data persistent store. NEW location on W drive
      #  This is to create a local externally accessible mount point for the entire data store at /mnt/seafile-fuse      
      - type: bind
        source: /mnt/seafile-archive/
        target: /seafile-fuse/
        bind:
          propagation: rshared
    environment:
      - DB_HOST=db
      - DB_ROOT_PASSWD=<<secret-DB-password>>  # Requested, the value should be root's password of MySQL service (same as above)
      - TIME_ZONE=America/Chicago  # Optional, default is UTC. Should be uncomment and set to your local time zone.
      - SEAFILE_ADMIN_EMAIL=<<my-email-address>> # Specifies Seafile admin user, default is 'me@example.com'.
      - SEAFILE_ADMIN_PASSWORD=<<my-secret-admin-password>>     # Specifies Seafile admin password, default is 'asecret'.
      - SEAFILE_SERVER_LETSENCRYPT=false   # Whether to use https or not. (Not necessary as https is done via Caddy.)
      - SEAFILE_SERVER_HOSTNAME=sf.myddns.org # Specifies your host name if https is enabled.
    depends_on:
      - db
      - memcached
      - elasticsearch
    networks:
      seafile_default:
        ipv4_address: 10.10.10.4

  collabora:
    image: collabora/code:23.05.5.4.1
    container_name: collabora
    restart: unless-stopped
    #privileged: true
    user: cool
    env_file:
      - ./collabora.env
    ports:
      - "19980:9980"   # 192.x.x.x is the IP address of the machine
    networks:
      seafile_default:
        ipv4_address: 10.10.10.5

  seafile-office-preview:
    image: seafileltd/office-preview:latest
    container_name: seafile-office-preview
    command: bash start.sh
    environment:
      - IGNORE_JWT_CHECK=true   # Usually, seafile and office-perview are deployed on the same machine and communicate through the intranet, >    ports:
      - "0.0.0.0:8089:8089"   # 192.x.x.x is the IP address of the machine
    volumes:
      - ./office-preview:/shared
      - ./office-previewer-settings.py:/opt/office_convertor/settings.py
    networks:
      seafile_default:
        ipv4_address: 10.10.10.7

File collabora.env in the same folder:

domain="https://sf.myddns.org"
username=<<myusername>>
password=<<mypassword>>

These are the relevant portions of the Caddyfile used to run NextCloud, Seafile, and a few other things on the same network:

#nextcloud
https://nc.myddns.org:443 {
        header Strict-Transport-Security max-age=31536000;
        reverse_proxy localhost:11000
}
#seafile
#Note these are sent directly to the 10.10.10.X network set up for
#Seafile & it's various components in the Docker Compose file
#This allows Seafile to co-exist with NextCloud -  both want to
#own & live on ports 443 & 80
sf.myddns.org {
        reverse_proxy 10.10.10.4:80
}
sf.myddns.org/seafhttp* {
        uri strip_prefix seafhttp
        reverse_proxy 10.10.10.4:8082
}
sf.myddns.org/seafdav* {
        uri strip_prefix seafdav
        reverse_proxy 10.10.10.4:8899
}
#paperless
pl.myddns.org {
        reverse_proxy localhost:7500
}
#vaultwarden
vw.myddns.org {
        reverse_proxy localhost:7843
}
#collabora, running with SeaFile
co.myddns.org {
        encode gzip

        reverse_proxy localhost:19980 {
                transport http {
                        tls
                        tls_insecure_skip_verify
                }
        }
}
#Office Preview, running with SeaFile
op.myddns.org {
        reverse_proxy localhost:8089
}
#portainer - access via https://po.myddns.org:9443
po.myddns.org {
        reverse_proxy localhost:9443
}