Install rTorrent
As rTorrent package is always up-to-date on Arch repository, it's not needed to compile it.
Install ruTorrent
Create the web server root directory if it doesn't already exist:
1 # mkdir -p /usr/share/nginx/html/
Go to the web server folder and clone the ruTorrent git repository into it:
1 2 $ cd /usr/share/nginx/html/ # git clone https://github.com/Novik/ruTorrent.git rutorrent
Install Nginx
1 # pacman -S nginx-mainline
1 2 # systemctl enable nginx.service # systemctl start nginx.service
1 upload_max_filesize = 15M
1 open_basedir = /usr/share/nginx/html/rutorrent
Enable and start php-fpm:
1 2 # systemctl enable php-fpm # systemctl start php-fpm
1 2 3 # mkdir /etc/nginx/auth # mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.default # vim /etc/nginx/nginx.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 user http; worker_processes auto; # PID error: https://bugs.archlinux.org/task/46500 # pid /run/nginx.pid; events { worker_connections 1024; multi_accept on; use epoll; } http { charset UTF-8; ## # Basic Settings ## server_names_hash_bucket_size 64; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; server_tokens off; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; gzip_disable "msie6"; gzip_vary on; gzip_proxied any; gzip_comp_level 6; gzip_buffers 16 8k; gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/servers-enabled/*; }
Create following directories:
1 2 # mkdir /etc/nginx/servers-available # mkdir /etc/nginx/servers-enabled
Create the server domain config:
1 # vim /etc/nginx/servers-available/seedbox.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 server { listen 80; listen [::]:80; # Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response. return 301 https://$host$request_uri; } ## # BLOCK SERVEUR HTTPS ## server { listen 443 ssl http2; server_name seedbox.domain.example.org; root /usr/share/nginx/html/rutorrent; index index.php index.html index.htm; ## # SSL ## ssl_certificate /etc/nginx/ssl/seedbox.crt; ssl_certificate_key /etc/nginx/ssl/seedbox.key; ssl_protocols TLSv1.2; ssl_ciphers EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES; ssl_ecdh_curve secp384r1; ssl_prefer_server_ciphers on; # ssl optimizations ssl_session_timeout 5m; ssl_session_cache shared:SSL:20m; ssl_session_tickets on; ## # SECURITY ## add_header X-XSS-Protection "1; mode=block"; auth_basic "Restricted Area"; auth_basic_user_file "/etc/nginx/auth/seedbox_auth"; ## # PHP ## location / { index index.php index.html index.htm; try_files $uri $uri/ /index.php?$args; } location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } location ^~ /conf/ { deny all; } location ^~ /share/ { deny all; } }
Don't forget to change server_name seedbox.domain.example.org;
with your own domain and create a CNAME entry in your DNS configuration.
Enable the server:
1 # ln -s /etc/nginx/servers-available/seedbox.conf /etc/nginx/servers-enabled/seedbox.conf
We will both view self-signed certificate and Let's Encrypt ones.
Self-signed
Generate self-signed certificate:
1 2 3 4 # cd /etc/nginx/ssl # openssl ecparam -genkey -name secp384r1 -out seedbox.key # openssl req -new -key seedbox.key -sha256 -out seedbox.csr # openssl req -x509 -days 3650 -sha256 -key seedbox.key -in seedbox.csr -out seedbox.crt
1 2 # chmod 644 /etc/nginx/ssl/*.crt # chmod 640 /etc/nginx/ssl/*.key
Let's Encrypt
TODO
Add an user
1 2 # useradd --shell /bin/bash --create-home sdbox # passwd sdbox
Create needed folder for rtorrent:
1 # mkdir -p /home/sdbox/{torrents,watch,.session}
Create rtorrent config file:
1 # vim /home/sdbox/.rtorrent.rc
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 scgi_port = 127.0.0.1:5001 encoding_list = UTF-8 port_range = 45000-65000 port_random = no check_hash = no directory = /home/sdbox/torrents session = /home/sdbox/.session encryption = allow_incoming, try_outgoing, enable_retry schedule = watch_directory,1,1,"load_start=/home/sdbox/watch/*.torrent" schedule = untied_directory,5,5,"stop_untied=/home/sdbox/watch/*.torrent" use_udp_trackers = yes dht = off peer_exchange = no min_peers = 40 max_peers = 100 min_peers_seed = 10 max_peers_seed = 50 max_uploads = 15 execute = {sh,-c,/usr/bin/php /usr/share/nginx/html/rutorrent/php/initplugins.php sdbox &} schedule = espace_disque_insuffisant,1,30,close_low_diskspace=500M
1 2 3 # chown --recursive sdbox:sdbox /home/sdbox # chown root:root /home/sdbox # chmod 755 /home/sdbox
Edit the virtual server conf:
1 # vim /etc/nginx/servers-available/seedbox.conf
1 2 3 4 5 6 7 location /SDBOX { include scgi_params; scgi_pass 127.0.0.1:5001; auth_basic "Restricted Area"; auth_basic_user_file "/etc/nginx/auth/seedbox_auth sdbox"; }
In order to do not install apache-tools, manually generate the auth file for sdbox user (it will write over the file and don't forget to change the password in the command):
1 $ echo -n "sdbox:" | sudo tee /etc/nginx/auth/seedbox_auth && openssl passwd -apr1 password | sudo tee -a /etc/nginx/auth/seedbox_auth
Protect the authentification file:
1 2 # chmod 600 /etc/nginx/auth/seedbox_auth # chown http:http /etc/nginx/auth/*
Create ruTorrent config file:
1 2 # mkdir /usr/share/nginx/html/rutorrent/conf/users/sdbox # vim /usr/share/nginx/html/rutorrent/conf/users/sdbox/config.php
1 2 3 4 5 6 7 8 <?php $pathToExternals['curl'] = '/usr/bin/curl'; $topDirectory = '/home/sdbox'; $scgi_port = 5001; $scgi_host = '127.0.0.1'; $XMLRPCMountPoint = '/SDBOX'; $tempDirectory = '/usr/share/nginx/html/rutorrent/tmp/';
1 2 3 # chown -R http:http /usr/share/nginx/html/rutorrent # chmod 0777 /usr/share/nginx/html/rutorrent/share/{settings,torrents,users} # systemctl restart nginx.service
Create a rTorrent service
Create the file /etc/systemd/system/rtorrent.service
(because /etc/systemd/user/
doesn't work) containing:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 [Unit] Description=rTorrent Daemon After=network.target [Service] Type=forking KillMode=none User=sdbox ExecStart=/usr/bin/tmux new-session -c /mnt/storage/rtorrent -s rtorrent -n rtorrent -d rtorrent ExecStop=/usr/bin/bash -c "/usr/bin/tmux send-keys -t rtorrent C-q && while pidof rtorrent > /dev/null; do sleep 0.5; done" WorkingDirectory=/home/sdbox/ Restart=on-failure [Install] WantedBy=multi-user.target
Install tmux if not yet installed:
1 # pacman -S --needed tmux
Enable rtorrent at boot time and manually start it:
1 2 $ systemctl enable rtorrent $ systemctl start rtorrent
Source : sdbox , wiki archlinux
Troubleshooting
1 mediainfo: Plugin will not work. rTorrent user can't access external program (mediainfo).
You may need to install mediainfo: pacman -S mediainfo
.
unrar
1 Unpack plugin: rTorrent user can't access 'unrar' program.
You may need to install unrar: pacman -S unrar
.
screenshots
1 screenshots: Plugin will not work. rTorrent user can't access external program (ffmpeg).
I don't use it and don't want to install ffmpeg and all its dependencies (224 MB) so I disabled it.
To do so:
Edit the plugin config file (global) vim /usr/share/nginx/html/rutorrent/conf/plugins.ini
.
And add this lines at the end:
1 2 [screenshots] enabled = no
Or if you want to use screenshots plugin just install ffmpeg: pacman -S ffmpeg
.
1 rss: Some functionality will be unavailable. Webserver user can't access external program (curl).
I didn't find how to cleanly resolve that. Some tells to add /urb/bin
in the open_basedir
or php.ini
but this is a security issue and that doesn't work in our case. So I just disabled rss plugin:
Edit the plugin config file (global) vim /usr/share/nginx/html/rutorrent/conf/plugins.ini
.
And add this lines at the end:
1 2 3 4 5 [rss] enabled = no [rssurlrewrite] enabled = no
rutracker_check
1 rutracker_check: Plugin will not work. Webserver user must have execute access to the rtorrent session directory (/home/sdbox/.session/).
Add /home/sdbox/.session/
into open_basedir
of /etc/php/php.ini
.