diff --git a/roles/onlyoffice_document_server/defaults/main.yml b/roles/onlyoffice_document_server/defaults/main.yml index 603dc9f..4587ac6 100644 --- a/roles/onlyoffice_document_server/defaults/main.yml +++ b/roles/onlyoffice_document_server/defaults/main.yml @@ -11,4 +11,7 @@ oo_db_port: 3306 oo_redis_server: localhost oo_redis_port: 6379 +# Secret key +# oo_secret: XXXX + oo_ds_vhost: onlyoffice-ds.{{ ansible_domain }} diff --git a/roles/onlyoffice_document_server/templates/oods.json.j2 b/roles/onlyoffice_document_server/templates/oods.json.j2 index cd65ae3..ec7cad0 100644 --- a/roles/onlyoffice_document_server/templates/oods.json.j2 +++ b/roles/onlyoffice_document_server/templates/oods.json.j2 @@ -9,6 +9,25 @@ }, "services": { "CoAuthoring": { +{% if oo_secret is defined %} + "secret": { + "inbox": { + "string": "{{ oo_secret }}" + }, + "outbox": { + "string": "{{ oo_secret }}" + } + }, + "token": { + "enable": { + "browser": true, + "request": { + "inbox": true, + "outbox": true + } + } + }, +{% endif %} "sql": { "type": "mysql", "dbHost": "{{ oo_db_server }}", diff --git a/roles/seafile/defaults/main.yml b/roles/seafile/defaults/main.yml index fcdc359..3cc3bb4 100644 --- a/roles/seafile/defaults/main.yml +++ b/roles/seafile/defaults/main.yml @@ -11,11 +11,11 @@ # MaxUsers = "9" # Mode = "subscription" # etc... -seafile_version: "{{ seafile_license is defined | ternary('7.0.12','7.0.5') }}" +seafile_version: "{{ seafile_license is defined | ternary('7.1.3','7.1.3') }}" # Archive URL and sha1 are only used for the community version seafile_archive_url: https://download.seadrive.org/seafile-server_{{ seafile_version }}_x86-64.tar.gz -seafile_archive_sha1: a648e149301432ea0af4de83233a4c8cd1c60ada +seafile_archive_sha1: b94b63bb7ea770e4afdc8e5d8ac82d8fc10e0403 seafile_root_dir: /opt/seafile seafile_data_dir: "{{ seafile_root_dir }}/data" 
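Review bot: The new `# oo_secret: XXXX` comment in roles/onlyoffice_document_server/defaults/main.yml does not say what the value protects, what happens when it is unset, or how it should be generated and stored. I would expand it to something like `# Shared JWT secret for the document server. When unset, this role writes no token settings. Use a long random value kept in Ansible Vault.` The middle sentence is grounded in the oods.json.j2 hunk of this commit, which only emits the `secret` and `token` blocks when `oo_secret` is defined. The `# seafile_oo_secret: XXXXX` comment added to roles/seafile/defaults/main.yml needs the same treatment, and it should also say that it has to carry the same value as `oo_secret`.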
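Review bot: `"string": "{{ oo_secret }}"` puts the secret into JSON without escaping, so a value containing `"` or `\` produces an invalid or differently parsed oods.json; both occurrences (inbox and outbox) should render through the filter, `"string": {{ oo_secret | to_json }}`. The same pattern appears in the seahub_settings.py.j2 hunk, where `ONLYOFFICE_JWT_SECRET = '{{ seafile_oo_secret }}'` lets a quote in the value end the Python string literal early; `{{ seafile_oo_secret | to_json }}` should work there too, since the JSON string form is also a valid Python literal. Because the whole block sits under `{% if oo_secret is defined %}`, a host without the variable gets no token settings from this template. If document servers without tokens are not intended, an `assert` on `oo_secret` in the role would make that explicit. The task that renders this file is outside the diff, so it is worth confirming that its `mode` keeps the secret unreadable to other local users.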
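Review bot: `seafile_archive_sha1` still pins the community archive with SHA-1, which is no longer collision-resistant; since the value is replaced here anyway, this is a good point to move to a SHA-256 pin. The task that consumes the variable is not part of this diff, so the variable name and the prefix it passes (for example `sha256:` in `get_url`'s `checksum`) would have to change together. Separately, `ternary('7.1.3','7.1.3')` has two identical branches and can be written as `seafile_version: '7.1.3'` until the editions diverge again.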
@@ -67,6 +67,8 @@ seafile_ldap_auth: "{{ (ad_auth | default(False) or ldap_auth | default(False)) seafile_ldap_uri: "{{ ad_auth | default(False) | ternary('ldaps://' + ad_realm | default(samba_realm) | default(ansible_domain) | lower,ldap_uri | regex_replace('^ldap://(.*)','ldaps://\\1')) }}" seafile_ldap_base: "{{ ad_auth | default(False) | ternary('DC=' + ad_realm | default(samba_realm) | default(ansible_domain) | regex_replace('\\.',',DC='), 'ou=Users,' + ldap_base) }}" # seafile_ldap_bind_dn: +# Note that seafile_ldap_bind_pass should not contain special caracter, as it might break the parser and +# prevent seafevents from starting ! # seafile_ldap_bind_pass: seafile_ldap_login_attr: "{{ ad_auth | default(False) | ternary('userPrincipalName','mail') }}" seafile_ldap_filter: "{{ ad_auth | default(False) | ternary('&(objectClass=user)(objectCategory=person)(primaryGroupId=513)','objectClass=inetOrgPerson') }}" @@ -110,6 +112,8 @@ seafile_site_title: 'Mon cloud privé' # Set to your OnlyOffice url to enable integration # seafile_oo_uri: https://oods.example.org/ +# Optional secret token shared with OnlyOffice +# seafile_oo_secret: XXXXX # Enable ClamAV scanning of files # Only available if you run the PRO edition diff --git a/roles/seafile/files/seafile-pro-server_7.1.3_x86-64_CentOS.tar.gz b/roles/seafile/files/seafile-pro-server_7.1.3_x86-64_CentOS.tar.gz new file mode 100644 index 0000000..fceed23 --- /dev/null +++ b/roles/seafile/files/seafile-pro-server_7.1.3_x86-64_CentOS.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8627da084ad54abab077e65cc6bb66d3dc315fafac04dc596b8f1c5d435dd29d +size 103177803 diff --git a/roles/seafile/meta/main.yml b/roles/seafile/meta/main.yml index c839555..9e1b9f4 100644 --- a/roles/seafile/meta/main.yml +++ b/roles/seafile/meta/main.yml 
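Review bot: The comment added above `# seafile_ldap_bind_pass:` tells operators to avoid special characters but does not name them, and it contains a typo (`caracter`). Restricting the alphabet lowers the entropy per character of the bind credential, so the comment should also ask for a longer value, e.g. `# seafile_ldap_bind_pass must not contain special characters (they can break the seafevents config parser); use a long random alphanumeric value instead`. Which characters the parser rejects is not visible in this diff. If the cause is unquoted interpolation in one of this role's templates, quoting or escaping there would remove the restriction altogether.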
@@ -1,5 +1,7 @@ --- dependencies: - role: repo_nux_dextop + - role: memcached_server + when: seafile_memcached_server is search('^(127\.0\.0\.1|localhost)') - role: clamav when: seafile_license is defined and seafile_scan_av == True diff --git a/roles/seafile/tasks/cleanup.yml b/roles/seafile/tasks/cleanup.yml index 79b45d8..1763f36 100644 --- a/roles/seafile/tasks/cleanup.yml +++ b/roles/seafile/tasks/cleanup.yml @@ -5,7 +5,7 @@ with_items: - "{{ seafile_root_dir }}/tmp/seafile-server_{{ seafile_version }}_x86-64.tar.gz" - "{{ seafile_root_dir }}/tmp/seafile-server-{{ seafile_version }}" - - "{{ seafile_root_dir }}/tmp/seafile-pro-server_{{ seafile_version }}_x86-64.tar.gz" + - "{{ seafile_root_dir }}/tmp/seafile-pro-server_{{ seafile_version }}_x86-64_CentOS.tar.gz" - "{{ seafile_root_dir }}/tmp/seafile-pro-server-{{ seafile_version }}" - /etc/cron.d/seafil_gc - "{{ seafile_root_dir }}/db_dumps" diff --git a/roles/seafile/tasks/conf.yml b/roles/seafile/tasks/conf.yml index 725af1d..b9c81c4 100644 --- a/roles/seafile/tasks/conf.yml +++ b/roles/seafile/tasks/conf.yml @@ -13,7 +13,7 @@ - seafdav.conf - seafile.conf - seahub_settings.py - - gunicorn.conf + - gunicorn.conf.py notify: - restart seafile - restart seahub diff --git a/roles/seafile/tasks/install.yml b/roles/seafile/tasks/install.yml index d443692..35f8fe1 100644 --- a/roles/seafile/tasks/install.yml +++ b/roles/seafile/tasks/install.yml @@ -3,12 +3,11 @@ - name: Install RPM dependencies yum: name: - - python-imaging + - python3 + - python3-setuptools + - python3-pip + - python3-virtualenv - MySQL-python - - python-memcached - - python-ldap - - python-urllib3 - - python-virtualenv - ffmpeg - ffmpeg-devel - libmemcached-devel 
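Review bot: The condition `seafile_memcached_server is search('^(127\.0\.0\.1|localhost)')` is anchored only at the start, so values such as `127.0.0.10` or `localhost.example.org` also pull in the local `memcached_server` role, while `::1` does not. Anchoring the end as well, `is search('^(127\.0\.0\.1|localhost)(:\d+)?$')`, limits the match to the loopback names with an optional port. The format of `seafile_memcached_server` is defined outside this hunk, so the suffix may need adjusting. It is also worth confirming in the `memcached_server` role that the daemon listens on loopback only, since memcached does not authenticate clients by default.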
@@ -23,20 +22,39 @@ - unoconv # For seafile-pro tags: seafile +- name: Check if py2 venv is setup + stat: path={{ seafile_root_dir }}/bin/python2 + register: seafile_py2 + tags: seafile + +- name: Clear the venv as we migrate to py3 + file: path={{ seafile_root_dir }}/{{ item }} state=absent + loop: + - lib + - lib64 + - bin + - include + when: seafile_py2.stat.exists + tags: seafile + - name: Install or update python modules in the virtualenv pip: - state: latest + state: "{{ (seafile_install_mode == 'upgrade') | ternary('latest', 'present') }}" virtualenv: "{{ seafile_root_dir }}" - virtualenv_python: python2.7 + virtualenv_command: /usr/bin/virtualenv-3 + virtualenv_python: /usr/bin/python3 name: - - pip - - virtualenv - - pillow - #- moviepy + - Pillow - pylibmc + - captcha + - jinja2 + - sqlalchemy + - psd-tools - django-pylibmc + - django-simple-captcha + - python3-ldap - requests_oauthlib - - MySQL-python + #- wsgidav notify: - restart seafile - restart seahub @@ -58,7 +76,7 @@ tags: seafile - name: Copy Seafile pro archive - copy: src=seafile-pro-server_{{ seafile_version }}_x86-64.tar.gz dest={{ seafile_root_dir }}/tmp/ + copy: src=seafile-pro-server_{{ seafile_version }}_x86-64_CentOS.tar.gz dest={{ seafile_root_dir }}/tmp/ when: - seafile_install_mode != 'none' - seafile_license is defined @@ -66,7 +84,7 @@ - name: Extract seafile archive unarchive: - src: "{{ seafile_root_dir }}/tmp/seafile-{{ seafile_license is defined | ternary('pro-','') }}server_{{ seafile_version }}_x86-64.tar.gz" + src: "{{ seafile_root_dir }}/tmp/{{ seafile_license is defined | ternary('seafile-pro-server_' ~ seafile_version ~ '_x86-64_CentOS.tar.gz','seafile-server_' ~ seafile_version ~ '_x86-64.tar.gz') }}" dest: "{{ seafile_root_dir }}/tmp" remote_src: yes when: seafile_install_mode != 'none' 
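Review bot: The `name:` list of the "Install or update python modules in the virtualenv" task installs every package unpinned, and with `seafile_install_mode == 'upgrade'` the `state` becomes `latest`, so whatever PyPI serves at run time ends up in the virtualenv the Seafile services run from. Pinning each entry (`- Pillow==<PINNED_VERSION>` and so on) keeps a run reproducible. Moving the list into a requirements file installed with `requirements:` and `extra_args: --require-hashes` additionally makes a substituted package fail the install. Either way, an upgrade of these modules then becomes a reviewed change in the repository rather than a side effect of a playbook run.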
@@ -82,6 +100,13 @@ when: seafile_install_mode != 'none' tags: seafile +- name: Chown seafile install dir + command: chown -R {{ seafile_user }}:{{ seafile_group }} {{ seafile_root_dir }}/seafile-server/* + args: + warn: False + when: seafile_install_mode != 'none' + tags: seafile + - name: Check if avatar is a dir or a link stat: path={{ seafile_root_dir }}/seafile-server/seahub/media/avatars register: seafile_avatar diff --git a/roles/seafile/templates/gunicorn.conf.py.j2 b/roles/seafile/templates/gunicorn.conf.py.j2 new file mode 100644 index 0000000..05641f6 --- /dev/null +++ b/roles/seafile/templates/gunicorn.conf.py.j2 @@ -0,0 +1,16 @@ +import os + +daemon = True +workers = 5 + +bind = "0.0.0.0:{{ seafile_seahub_port }}" + +pids_dir = '{{ seafile_root_dir }}/pids' +pidfile = os.path.join(pids_dir, 'seahub.pid') + +logs_dir = '{{ seafile_root_dir }}/logs' +errorlog = os.path.join(logs_dir, 'gunicorn_error.log') +accesslog = os.path.join(logs_dir, 'gunicorn_access.log') + +timeout = 1200 +limit_request_line = 8190 diff --git a/roles/seafile/templates/seafile.conf.j2 b/roles/seafile/templates/seafile.conf.j2 index 50c7e70..f644667 100644 --- a/roles/seafile/templates/seafile.conf.j2 +++ b/roles/seafile/templates/seafile.conf.j2 @@ -1,9 +1,6 @@ [general] enable_syslog = true -[fileserver] -port = {{ seafile_seafile_port }} - [database] type = mysql host = {{ seafile_db_server }} @@ -24,6 +21,7 @@ keep_days = {{ seafile_default_history }} {% endif %} [fileserver] +port = {{ seafile_seafile_port }} {% if seafile_max_upload_size is defined %} max_upload_size = {{ seafile_max_upload_size }} {% endif %} diff --git a/roles/seafile/templates/seafile.service.j2 b/roles/seafile/templates/seafile.service.j2 index e4463dd..e0d39fb 100644 --- a/roles/seafile/templates/seafile.service.j2 +++ b/roles/seafile/templates/seafile.service.j2 
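Review bot: The new "Chown seafile install dir" task passes `{{ seafile_root_dir }}/seafile-server/*` to the `command` module, which does not run a shell, so the `*` is not expanded and chown receives a literal path. The task also reports "changed" on every run, and `warn: False` hides Ansible's hint to use the `file` module. I would replace it with `file` and `recurse`, as below; note that this also sets the owner of the `seafile-server` directory itself, not only its contents. Making the installed code writable by `seafile_user` means a compromised service process can alter its own program files, so if the paths the service must write to are known, it is worth limiting the recursive ownership to those.

```yaml
- name: Chown seafile install dir
  file:
    path: "{{ seafile_root_dir }}/seafile-server"
    state: directory
    owner: "{{ seafile_user }}"
    group: "{{ seafile_group }}"
    recurse: true
  # … unchanged: when / tags …
```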
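Review bot: `bind = "0.0.0.0:{{ seafile_seahub_port }}"` in the new gunicorn.conf.py.j2 makes gunicorn listen on every interface, so Seahub is reachable directly on that port unless a firewall rule outside this diff restricts it. If the reverse proxy runs on the same host, binding to loopback is enough. A role variable would keep both layouts possible, e.g. `bind = "{{ seafile_seahub_bind | default('127.0.0.1') }}:{{ seafile_seahub_port }}"` (`seafile_seahub_bind` is a name proposed here, it does not exist in the role). `timeout = 1200` also lets a single request hold one of the five workers for twenty minutes, which deserves a comment explaining why it is needed.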
@@ -4,6 +4,7 @@ After=network.target mariadb.service [Service] Type=forking +Environment=PATH={{ seafile_root_dir }}/bin:/bin:/usr/bin ExecStart={{ seafile_root_dir }}/seafile-server/seafile.sh start ExecStop={{ seafile_root_dir }}/seafile-server-latest/seafile.sh stop User={{ seafile_user }} diff --git a/roles/seafile/templates/seahub.service.j2 b/roles/seafile/templates/seahub.service.j2 index 5d6ae50..0e9039c 100644 --- a/roles/seafile/templates/seahub.service.j2 +++ b/roles/seafile/templates/seahub.service.j2 @@ -4,7 +4,8 @@ After=network.target seafile.service [Service] Type=forking -Environment=PYTHONPATH={{ seafile_root_dir }}/lib64/python2.7/site-packages/ +Environment=PYTHONPATH={{ seafile_root_dir }}/lib64/python3.6/site-packages/ +Environment=PYTHON={{ seafile_root_dir }}/bin/python ExecStart={{ seafile_root_dir }}/seafile-server/seahub.sh {{ seafile_seahub_fastcgi | ternary('start-fastcgi','start') }} {{ seafile_seahub_port }} ExecStop={{ seafile_root_dir }}/seafile-server/seahub.sh stop User={{ seafile_user }} diff --git a/roles/seafile/templates/seahub_settings.py.j2 b/roles/seafile/templates/seahub_settings.py.j2 index 96a661c..f305966 100644 --- a/roles/seafile/templates/seahub_settings.py.j2 +++ b/roles/seafile/templates/seahub_settings.py.j2 @@ -140,6 +140,9 @@ VERIFY_ONLYOFFICE_CERTIFICATE = True ONLYOFFICE_APIJS_URL = "{{ (seafile_oo_uri is search('api\.js$')) | ternary(seafile_oo_uri,seafile_oo_uri | regex_replace('/$','') + '/web-apps/apps/api/documents/api.js') }}" ONLYOFFICE_FILE_EXTENSION = ('doc', 'docx', 'ppt', 'pptx', 'xls', 'xlsx', 'odt', 'fodt', 'odp', 'fodp', 'ods', 'fods') ONLYOFFICE_EDIT_FILE_EXTENSION = ('docx', 'pptx', 'xlsx', 'odt', 'ods', 'odp') +{% if seafile_oo_secret is defined %} +ONLYOFFICE_JWT_SECRET = '{{ seafile_oo_secret }}' +{% endif %} {% endif %} {% if seafile_public_url is search '^https://' %}
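Review bot: `Environment=PYTHONPATH={{ seafile_root_dir }}/lib64/python3.6/site-packages/` in seahub.service.j2 hard-codes the interpreter's minor version, while the virtualenv in install.yml is built from `/usr/bin/python3`, whatever version that is on the host. If the two differ, the path points at a directory that does not exist and Seahub may start without the modules installed by pip. A role default used in the path (say `seafile_python_version`, a name proposed here), or a fact registered from the virtualenv's interpreter, would keep the unit and the virtualenv in step.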