From 8764e63ab893c56ec3b627d45f915d0cc298ae6a Mon Sep 17 00:00:00 2001
From: Matthew Baggett <matthew@baggett.me>
Date: Mon, 3 Mar 2025 19:52:50 +0100
Subject: [PATCH] Fiddlin' still doesn't work.

---
 products/seafile/inputs.tf  | 14 ++++++--
 products/seafile/seafile.tf | 65 +++++++++++++++++++++----------------
 2 files changed, 48 insertions(+), 31 deletions(-)

diff --git a/products/seafile/inputs.tf b/products/seafile/inputs.tf
index 4b5b06a..cb92f60 100644
--- a/products/seafile/inputs.tf
+++ b/products/seafile/inputs.tf
@@ -5,9 +5,13 @@ variable "enable" {
 }
 variable "seafile_version" {
   type        = string
-  default     = "11.0.13"
+  default     = "12.0-latest"
   description = "The version of the docker image to use for the Seafile service."
 }
+variable "domain" {
+  type        = string
+  description = "The domain to use for the traefik configuration."
+}
 # Pass-thru variables
 variable "stack_name" {
   type    = string
@@ -33,7 +37,9 @@ variable "ports" {
     protocol     = optional(string, "tcp")
     publish_mode = optional(string, "ingress")
   }))
-  default     = []
+  default = [
+    { container = 80 },
+  ]
   description = "A map of port mappings to expose on the host. The key is the host port, and the value is the container port."
 }
 variable "mysql_ports" {
@@ -43,7 +49,9 @@ variable "mysql_ports" {
     protocol     = optional(string, "tcp")
     publish_mode = optional(string, "ingress")
   }))
-  default     = []
+  default = [
+    { container = 3306 },
+  ]
   description = "A map of port mappings to expose on the host. The key is the host port, and the value is the container port."
 }
 variable "mounts" {
diff --git a/products/seafile/seafile.tf b/products/seafile/seafile.tf
index 51569ea..33cf902 100644
--- a/products/seafile/seafile.tf
+++ b/products/seafile/seafile.tf
@@ -1,19 +1,37 @@
-variable "domain" {
+variable "admin_email" {
+  type        = string
+  description = "The email address of the admin user."
+}
+variable "admin_password" {
+  default     = null
+  description = "Optional password for the admin user. If not provided, a random password will be generated."
+}
+resource "random_password" "admin_password" {
+  count   = var.admin_password == null ? 1 : 0
+  length  = 32
+  special = false
+}
+locals {
+  admin_password = var.admin_password != null ? var.admin_password : random_password.admin_password[0].result
+}
+variable "protocol" {
+  default     = "https"
+  description = "http or https"
   type        = string
-  description = "The domain to use for the traefik configuration."
 }
 module "seafile" {
   depends_on            = [module.memcached, module.mysql, module.network]
   source                = "../../docker/service"
   enable                = var.enable
   stack_name            = var.stack_name
-  image                 = "h44z/seafile-ce:${var.seafile_version}"
+  image                 = "seafileltd/seafile-mc:${var.seafile_version}"
   placement_constraints = var.placement_constraints
   service_name          = var.service_name
   networks              = concat([module.network.network], var.networks, )
+  ports                 = var.ports
   mounts = {
-    "${var.data_persist_path}/seafile" = "/seafile"
-    "${var.data_persist_path}/logs"    = "/opt/seafile/logs"
+    "${var.data_persist_path}/data" = "/seafile"
+    "${var.data_persist_path}/logs" = "/opt/seafile/logs"
   }
   labels = {
     "traefik.enable"         = "true"
@@ -59,31 +77,22 @@ module "seafile" {
     # You can either specify a root password (MYSQL_ROOT_PASSWORD), or use your exsting database tables.
     # Also specifying MYSQL_USER_HOST only makes sense if MYSQL_ROOT_PASSWORD is given, otherwise no new MySQL user will be created.
     # To use an external database, simply remove the MySQL service from the docker-compose.yml.
-    MYSQL_SERVER        = module.mysql.service_name
-    MYSQL_USER          = module.mysql.username
-    MYSQL_USER_PASSWORD = module.mysql.password
-    MYSQL_PORT          = 3306
+    DB_HOST          = module.mysql.service_name
+    DB_PORT          = 3306
+    DB_USER          = module.mysql.username
+    DB_PASSWORD      = module.mysql.password
+    DB_ROOT_PASSWORD = module.mysql.root_password
+
+    INIT_SEAFILE_ADMIN_EMAIL    = var.admin_email
+    INIT_SEAFILE_ADMIN_PASSWORD = local.admin_password
 
     # General Seafile Settings
-    SEAFILE_VERSION  = var.seafile_version
-    SEAFILE_NAME     = "Seafile"
-    SEAFILE_ADDRESS  = var.domain
-    SEAFILE_ADMIN    = "admin@${var.domain}"
-    SEAFILE_ADMIN_PW = "changeme"
-
-    # OnlyOffice Settings
-    ONLYOFFICE_JWT_SECRET = "Supers3cr3t" // @todo generate a key instead
-
-    # Optional Seafile Settings
-    LDAP_IGNORE_CERT_CHECK = true
-
-    # Traefik (Reverse Proxy) Settings
-    DOMAINNAME = var.domain
-
-    # All other settings can be edited in the conf dir (/seafile/conf) once the container started up!
-
-    # runmode, default = run
-    #MODE=maintenance
+    SEAFILE_SERVER_HOSTNAME = var.domain
+    SEAFILE_SERVER_PROTOCOL = var.protocol
+    SEAFILE_LOG_TO_STDOUT   = true
+    ENABLE_SEADOC           = false
+    SEADOC_SERVER_URL       = "${var.protocol}://${var.domain}/seadoc"
+    JWT_PRIVATE_KEY         = "Supers3cr3t" // @todo generate a key instead
   }
   converge_enable = false // @todo: Fix healthcheck and change this.
 }