I deployed my seafile server in a server without public ip address and use WireGuard to connect to it. However, when I tried to share someone a file/folder, I have to get him to set up the WireGuard connection, which is inconvenient. So I figured I can set up a second Seafile server on a machine that has public IP Address, and I can use Open Cloud Mesh to share those files between these 2 servers. But it doesn’t work out very well, the files are not editable, only has a download option.
Does anyone have alternative suggestions for a more seamless solution?
I think this will depend a bit on how you intend to use it. It sounds like you want 2-way sync (if either person edits the file, the changes are synced to the other). I thought of several options, but these are the 2 that seem easiest, and feel most likely to do what you want
Least change from current, and still entirely in your control:
Make a second seafile server, but move the file into the library of the server with the public IP (another directory on your machine). When done sharing, move back to the library of the private seafile. Could be a pain if you do this often.
-OR-
A second concurrent sync solution. Share the file from where it already is at on your machine so edits that come from others get to your computer, and then automatically sync to seafile too. Syncthing is pretty good for this. There isn’t a sever copy of the files with syncthing, the syncthing servers only help computers that are sharing to find each other. This means that your computer needs to be on at the same time as the other person’s computer so they can sync with each other. If that’s a problem, it’s pretty easy to set up another machine (vm, or cloud, etc) as a 3rd also sharing the synced folder.
To share with someone you would add a folder to your syncthing synced folders, ask the other person to install syncthing, and give them the ID for the folder. It’s encrypted and the ID serves as the shared key, so without knowing that ID nobody else should be able to access the shared folder.
1 Like
You can use Cloudflare Tunnel to make it available publicly.
2 Likes
This is a viable solution, though it may be a bit inconvenient. Thanks for the suggestion! I’ll give it a try sometime.
This crossed my mind as well. However, using Cloudflare Tunnels would mean that both home and external access would rely solely on the tunnel. Because the FILE_SERVER_ROOT in Seafile settings must be set to a URL that is accessible both at home and outside.
This could significantly slow down upload and download speeds due to the additional routing through Cloudflare’s network.
Did you try syncthing? It works without exposed IP.
There is a way around that. If you control the DNS on your home network then you can override the DNS entry for the name within your local network. So when you try to go to seafile.domin.tld at home you talk to a local reverse proxy that forwards to seafile, and when not on your home network you talk to cloudflare, that then talks to seafile. You need the reverse proxy there because cloudflare handles TLS, but you will need TLS with a certificate (lets encrypt should be fine) when not going through cloudflare too.
As Tom has mentioned previously, setting up an external DNS would be the best way forward for this, then setup a hostfile entry on your machine (or DNS entry on your router for the whole network) so that it links locally instead of going external then back.
If you don’t have a static IP address at home, I use a BASH script that updates my cloudflare whenever my public IP changes, and (because I run multiple servers for different things) I use HAProxy to determine where traffic goes based on the DNS Address.
If you need a hand with any of this, please let me know!
Kind Regards,
Mitch
Edit 1 - Just to note, I don’t see any speed drops across the 1GB/130MB connection I am running on, when using externally.
I did think of another way you could do this, if you share your source DATA directory to the second machine, then link it as a mount, you can setup Seafile to use the same directory, just make sure that it has the permissions (albeit they need to be on the same subnet, and any changes would be across the board).
As mentioned previously, SyncThing would be a good option if you’re not looking have the machines linked at all.