Don’t even get me started… I just made a huge comment about the clown-nature of this thought-process.
I think it all boils down to experience. Some people need time to understand how to make their systems secure (including myself). It took me years of experience to learn how to raise all defenses to ensure security in all my self-hosts.
I would say Seafile, and especially their webserver “seahub”, which is written in Python and Django, is just pure garbage. I’m using Seafile since 2012, and I’m honestly so sick of its problems. It just crashes for no good reason, and the encryption is extremely mediocre (there’s been issues about it). I have it behind my VPN so security isn’t a big deal.
Because it’s written with the garbage Python + Django, just try moving your installation to a new version… and you’ll be stuck with a very specific version of a bunch of libraries or otherwise seahub won’t even launch… and to make it even better, you don’t get anything on stdout/stderr to tell you what’s wrong, unless you launch Seahub in a specific configuration mode (WSAPI or something?).
Seafile has become so bad that I stopped caring about tracking its issues. I set my docker container to just restart on health checks’ failure, and forgot about it. My status tracker shows that it’s shutdown, and eventually it’ll restart. “Hey look, Seafile is down.” And I respond “That’s OK, dear, just give it another 15 minutes and it’ll restart”. This is my status on Seafile.
I think Seahub needs a complete revamp.
Those guys coded Seafile like a decade ago and they don’t care about fixing it anymore. Github is cluttered with issues.