linux:debian:seedbox:metodo2

Aquesta és una revisió antiga del document

instalación rápida debian 6 como seedbox

instalación básica

0.sh
apt-get update && apt-get upgrade
apt-get install vim
useradd -m -d /home/user user
useradd -m -d /home/www www-data
 
//su www-data & cd /home/www
mkdir -p /home/www/public
mkdir -p /home/www/private
mkdir -p /home/www/log
mkdir -p /home/www/auth
chown -R www-data:www-data /home/www
 
// ^D & su user & cd
mkdir -p /home/user/completo
mkdir -p /home/user/downloading
mkdir -p /home/user/torrent
chown -R user:user /home/user
 
ln -s /home/user/completo /home/www/public/completo
ln -s /home/user/downloading /home/www/public/descargando
ln -s /home/user/torrent /home/www/public/torrent
apt-get install sudo
vim /etc/sudoers

instalación paquetes básicos

  • sudo apt-get install apache2 apache2-utils autoconf build-essential ca-certificates comerr-dev libapache2-mod-php5 libcloog-ppl-dev libcppunit-dev libcurl3 libcurl4-openssl-dev libncurses5-dev ncurses-base ncurses-term libterm-readline-gnu-perl libsigc++-2.0-dev libssl-dev libtool libxml2-dev ntp openssl patch libperl-dev php5 php5-cli php5-dev php5-curl php5-geoip php5-mcrypt php5-xmlrpc pkg-config python-scgi dtach ssl-cert subversion zlib1g-dev pkg-config unzip htop irssi curl cfv

configuración apache & php

base

  • módulos seguridad apache:
    • sudo a2enmod ssl && sudo a2enmod auth_digest && sudo a2enmod rewrite
    • sudo vim /etc/apache2/apache2.conf
      • cambiamos Timeout 30 (valor por defecto 300)
      • añadimos al final: ServerTokens Prod
  • sudo service apache2 restart
  • echo '<?php phpinfo(); ?>' | sudo tee /var/www/info.php
  • para comprobar:
  • crear certificado (válido 3650): sudo openssl req -new -x509 -days 3650 -nodes -newkey rsa:2048 -out /etc/apache2/apache.pem -keyout /etc/apache2/apache.pem && chmod 600 /etc/apache2/apache.pem
  • activar usuario y contraseña para el directorio rutorrent: sudo htdigest -c /etc/apache2/htpasswd rutorrent user

conf1

<VirtualHost *:80>
	RewriteEngine on
	RewriteCond %{SERVER_PORT} =80
	RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI}
</VirtualHost>
 
<VirtualHost *:443>
	ServerAdmin webmaster@localhost
 
	SSLEngine on
	SSLOptions +StdEnvVars +ExportCertData
#	SSLCertificateFile /etc/apache2/apache.pem
	SSLCertificateFile /etc/apache2/certificados/Servidor_certificado.crt
	SSLCertificateKeyFile /etc/apache2/certificados/Servidor_privada.key
	SSLCACertificateFile /etc/apache2/certificados/CertificadosRaiz.crt
 
	DocumentRoot /var/www/
#	<Directory />
#		Options FollowSymLinks
#		AllowOverride All
#	</Directory>
 
	<Directory /var/www/>
		Options -Indexes FollowSymLinks MultiViews
		AllowOverride None
		Order allow,deny
		allow from all
	</Directory>
 
	<Location /rtorrent.CFF9640E>
               AuthType Digest
               AuthName "rtorrent"
               AuthDigestDomain /var/www/rtorrent/ https://ks358174.kimsufi.com/rtorrent
 
                AuthDigestProvider file
                AuthUserFile /etc/apache2/htpasswd3
                Require valid-user
 
		Options Indexes
		Order allow,deny
		allow from all
	</Location>
 
	ErrorLog /var/log/apache2/error.log
 
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
	LogLevel warn
 
	CustomLog /var/log/apache2/access.log combined
 
	<Location /rutorrent>
		AuthType Digest
		AuthName "rutorrent"
		AuthDigestDomain /var/www/rutorrent/ https://ks358174.kimsufi.com/rutorrent
 
		AuthDigestProvider file
		AuthUserFile /etc/apache2/htpasswd3
		Require valid-user
#		SetEnv R_ENV "/var/www/rutorrent"
 
		Options Indexes
		Order allow,deny
		allow from all
	</Location>
 
	<Directory /var/www/rutorrentcert>
		SSLVerifyClient require
		SSLVerifyDepth 2
		SSLRequire (%{SSL_CLIENT_V_REMAIN} >= "0" \
		   and %{SSL_CLIENT_I_DN_O} eq "Mate")
		# ErrorDocument 403 https://...
	</Directory>
</VirtualHost>

conf2

<VirtualHost *:80>
ServerAdmin webmaster@localhost
 
DocumentRoot /var/www/
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options -Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
 
ErrorLog /var/log/apache2/error.log
 
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
 
CustomLog /var/log/apache2/access.log combined
 
<Location /rutorrent>
AuthType Digest
AuthName "rutorrent"
AuthDigestDomain /var/www/rutorrent/ http://ks358174.kimsufi.com/rutorrent
 
AuthDigestProvider file
AuthUserFile /etc/apache2/htpasswd
Require valid-user
SetEnv R_ENV "/var/www/rutorrent"
</Location>
 
</VirtualHost>
 
<VirtualHost *:443>
ServerAdmin webmaster@localhost
 
SSLEngine on
SSLCertificateFile /etc/apache2/apache.pem
 
DocumentRoot /var/www/
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options -Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
 
ErrorLog /var/log/apache2/error.log
 
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
 
CustomLog /var/log/apache2/access.log combined
<Location /rutorrent>
AuthType Digest
AuthName "rutorrent"
AuthDigestDomain /var/www/rutorrent/ http://ks358174.kimsufi.com/rutorrent
 
AuthDigestProvider file
AuthUserFile /etc/apache2/htpasswd
Require valid-user
SetEnv R_ENV "/var/www/rutorrent"
</Location>
</VirtualHost>

conf3

otro_ejemplo
ServerName localhost
 
<VirtualHost *:80>
 
        ServerAdmin admin@rutorrent
        ServerName localhost
        DocumentRoot /var/rutorrent
 
        <Directory />
                AllowOverride None
                Order deny,allow
                Deny from all
        </Directory>
        <Location />
                AuthType Basic
                AuthName "My ruTorrent web site"
                AuthUserFile "/etc/apache2/rutorrent_passwd"
                Require valid-user
                Order allow,deny
                Allow from all
        </Location>
        <Location ~ "^/rutorrent/(conf|share)">
                Order deny,allow
                Deny from all
        </Location>
        <Location ~ "/\\.svn">
                Order deny,allow
                Deny from all
        </Location>
        <Location "/RPC00001">
                AuthType Basic
                AuthName "My ruTorrent web site"
                AuthUserFile "/etc/apache2/rutorrent_passwd"
                Require user yes
        </Location>
</VirtualHost>
<VirtualHost *:443>
        SSLEngine On
        SSLCertificateFile /etc/apache2/rutorrent.pem
        ServerAdmin admin@rutorrent
        ServerName localhost
        DocumentRoot /var/rutorrent
 
        <Directory />
                AllowOverride None
                Order deny,allow
                Deny from all
        </Directory>
        <Location />
                AuthType Basic
                AuthName "My ruTorrent web site"
                AuthUserFile "/etc/apache2/rutorrent_passwd"
                Require valid-user
                Order allow,deny
                Allow from all
        </Location>
        <Location ~ "^/rutorrent/(conf|share)">
                Order deny,allow
                Deny from all
        </Location>
        <Location ~ "/\\.svn">
                Order deny,allow
                Deny from all
        </Location>
        <Location "/RPC00001">
                AuthType Basic
                AuthName "My ruTorrent web site"
                AuthUserFile "/etc/apache2/rutorrent_passwd"
                Require user yes
        </Location>
</VirtualHost>
  • sudo a2ensite default-ssl
  • editamos sudo vim /etc/apache2/ports.conf
/etc/apache2/ports.conf
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default
# This is also true if you have upgraded from before 2.2.9-3 (i.e. from
# Debian etch). See /usr/share/doc/apache2.2-common/NEWS.Debian.gz and
# README.Debian.gz
 
NameVirtualHost *:80
Listen 80
 
<IfModule mod_ssl.c>
# If you add NameVirtualHost *:443 here, you will also have to change
# the VirtualHost statement in /etc/apache2/sites-available/default-ssl
# to <VirtualHost *:443>
# Server Name Indication for SSL named virtual hosts is currently not
# supported by MSIE on Windows XP.
NameVirtualHost *:443
Listen 443
</IfModule>
 
<IfModule mod_gnutls.c>
Listen 443
</IfModule>

configuración rtorrent

  • compilamos el paquete libtorrent
    • sudo ./configure –prefix=/usr
    • sudo make -j2
    • sudo make install
  • compilamos el paquete rtorrent
    • export LD_LIBRARY_PATH=/usr/lib
    • sudo ./autogen.sh
    • sudo ./configure –prefix=/usr –with-xmlrpc-c
    • sudo make -j2
    • sudo make install
  • sudo ldconfig
  • creamos el fichero de configuración del rtorrent, en el directorio home del usuario
# This is an example resource file for rTorrent. Copy to
# ~/.rtorrent.rc and enable/modify the options as needed. Remember to
# uncomment the options you wish to enable.
#
# Based on original .rtorrent.rc file from http://libtorrent.rakshasa.no/
# Modified by Lemonberry for rtGui http://rtgui.googlecode.com/
#
# This assumes the following directory structure:
#
# /Torrents/Downloading - temporaray location for torrents while downloading (see "directory")
# /Torrents/Complete - Torrents are moved here when complete (see "on_finished")
# /Torrents/TorrentFiles/Auto - The 'autoload' directory for rtorrent to use. Place a file
# in here, and rtorrent loads it #automatically. (see "schedule = watch_directory")
# /Torrents/Downloading/rtorrent.session - for storing rtorrent session information
#
 
# Maximum and minimum number of peers to connect to per torrent.
#min_peers = 40
max_peers = 100
 
# Same as above but for seeding completed torrents (-1 = same as downloading)
min_peers_seed = -1
max_peers_seed = -1
 
# Maximum number of simultanious uploads per torrent.
max_uploads = 50
 
# Global upload and download rate in KiB. "0" for unlimited.
download_rate = 0
upload_rate = 0
 
# Default directory to save the downloaded torrents.
directory = /home/user/downloading
 
# Default session directory. Make sure you don't run multiple instance
# of rtorrent using the same session directory. Perhaps using a
# relative path?
session = /home/user/.session
 
# Watch a directory for new torrents, and stop those that have been
# deleted.
schedule = watch_directory,5,5,load_start=/home/usuario/torrent/*.torrent
schedule = untied_directory,5,5,stop_untied=
 
# Close torrents when diskspace is low. */
schedule = low_diskspace,5,60,close_low_diskspace=100M
 
# Stop torrents when reaching upload ratio in percent,
# when also reaching total upload in bytes, or when
# reaching final upload ratio in percent.
# example: stop at ratio 2.0 with at least 200 MB uploaded, or else ratio 20.0
#schedule = ratio,60,60,stop_on_ratio=200,200M,2000
 
 
# When the torrent finishes, it executes "mv -n <base_path> ~/Download/"
# and then sets the destination directory to "~/Download/". (0.7.7+)
#on_finished = move_complete,"execute=mv,-u,$d.get_base_path=,/home/user/complete/ ;d.set_directory=/home/user/complete/"
system.method.set_key = event.download.finished,move_complete,"execute=mv,-u,$d.get_base_path=,/home/user/complete/ ;d.set_directory=/home/user/complete/"
# The ip address reported to the tracker.
#ip = 127.0.0.1
#ip = rakshasa.no
 
# The ip address the listening socket and outgoing connections is
# bound to.
#bind = 127.0.0.1
#bind = rakshasa.no
 
# Port range to use for listening.
port_range = 55995-56000
 
# Start opening ports at a random position within the port range.
#port_random = yes
 
scgi_port = 127.0.0.1:5000
 
# Check hash for finished torrents. Might be usefull until the bug is
# fixed that causes lack of diskspace not to be properly reported.
#check_hash = no
 
# Set whetever the client should try to connect to UDP trackers.
#use_udp_trackers = no
 
# Alternative calls to bind and ip that should handle dynamic ip's.
#schedule = ip_tick,0,1800,ip=rakshasa
#schedule = bind_tick,0,1800,bind=rakshasa
 
# Encryption options, set to none (default) or any combination of the following:
# allow_incoming, try_outgoing, require, require_RC4, enable_retry, prefer_plaintext
#
# The example value allows incoming encrypted connections, starts unencrypted
# outgoing connections but retries with encryption if they fail, preferring
# plaintext to RC4 encryption after the encrypted handshake
#
encryption = allow_incoming,enable_retry,prefer_plaintext
 
# Enable DHT support for trackerless torrents or when all trackers are down.
# May be set to "disable" (completely disable DHT), "off" (do not start DHT),
# "auto" (start and stop DHT as needed), or "on" (start DHT immediately).
# The default is "off". For DHT to work, a session directory must be defined.
#
dht = disable
 
# UDP port to use for DHT.
#
# dht_port = 6881
 
# Enable peer exchange (for torrents not marked private)
#
peer_exchange = no
 
#
# Do not modify the following parameters unless you know what you're doing.
#
 
# Example of scheduling commands: Switch between two ip's every 5
# seconds.
#schedule = "ip_tick1,5,10,ip=torretta"
#schedule = "ip_tick2,10,10,ip=lampedusa"
 
# Remove a scheduled event.
#schedule_remove = "ip_tick1"

screen

resumen

  • fichero de configuración en ~/.screenrc:
    startup_message off
hardstatus alwayslastline '%{= wk}%?%-Lw%?%{r}(%{k}%n*%f%t%?(%u)%?%{r})%{k}%?%+Lw%?%?%= %d-%m-%Y %c'
activity ''
    • 1ª linea: evita msg informativo
    • 2ª linea: barra informativa (te permite saber si estás en una screen
  • teclas:
    • Ctrl+a d : ejecución en segundo planto
    • Ctrl+a : nueva consola virtual
    • Ctrl+a n,a : ir a siguiente y anterior consola
    • Ctrl+a <n> : ir a <n> número de consola
    • Ctrl+a w : mostrar lista de consolas abiertas
    • Ctrl+a May+a : poner nombre a la consola actual
    • Ctrl+d : salir de consola (también Ctrl+a k)
  • screen -r : mostrará si hay sesiones virtuales y te podrás «reenganchar»
    • screen -r xxxx
  • screen -d: cerrar sesión

uso

  • screen -q -S rtorrent → abre sesión rtorrent
    • si se produce un error → Cannot open your terminal '/dev/pts/1' - please check. corregir con chmod 777 /dev/pts/1
    • también screen -S rtorrent rtorrent
  • una vez abierta sesión, ejecutar el rtorrent
  • para salir de la sesión y que continue abierta, CTRL+A, D
  • para volver a una sesión ya abierta: screen -raAd rtorrent
  • para matar rtorrent: killall -9 -u $(whoami) rtorrent
    • si se atasca, eliminar ficheros de directorios .session (se perderá todo lo compartido, aunque no los ficheros descargados)

rutorrent

  • descargar en directorio temporal:
    • svn checkout http://rutorrent.googlecode.com/svn/trunk/rutorrent
    • svn checkout http://rutorrent.googlecode.com/svn/trunk/plugins
    • sustituimos la carpeta plugins dentro del rutorrent por la descargada
    • copiamos/movemos la carpeta a la raiz del webserver, cambiando permisos y propietario
      • chown -R www-data:www-data rutorrent
      • chmod -R 755 rutorrent
    • reemplazamos el archivo ~/rutorrent/conf/config.php
      <?php
// configuration parameters
 
// for snoopy client
@define('HTTP_USER_AGENT', 'Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9) Gecko/2008052906 Firefox/3.0', true);
@define('HTTP_TIME_OUT', 30, true); // in seconds
@define('HTTP_USE_GZIP', true, true);
$httpIP = null; // IP string. Or null for any.
 
@define('RPC_TIME_OUT', 5, true); // in seconds
 
@define('LOG_RPC_CALLS', false, true);
@define('LOG_RPC_FAULTS', true, true);
 
// for php
@define('PHP_USE_GZIP', false, true);
@define('PHP_GZIP_LEVEL', 2, true);
 
$do_diagnostic = true;
$log_file = '/tmp/rutorrent_errors.log'; // path to log file (comment or leave blank to disable logging)
 
$saveUploadedTorrents = true; // Save uploaded torrents to profile/torrents directory or not
$overwriteUploadedTorrents = false; // Overwrite existing uploaded torrents in profile/torrents directory or make unique name
 
$topDirectory = '/home'; // Upper available directory. Absolute path with trail slash.
$forbidUserSettings = false;
 
$scgi_port = 5000;
$scgi_host = "127.0.0.1";
 
// For web->rtorrent link through unix domain socket
// (scgi_local in rtorrent conf file), change variables
// above to something like this:
//
//$scgi_port = 0;
//$scgi_host = "unix:///tmp/rtorrent.sock";
 
$XMLRPCMountPoint = "/RPC2"; // DO NOT DELETE THIS LINE!!! DO NOT COMMENT THIS LINE!!!
 
$pathToExternals = array(
"php" => '/usr/bin/php', // Something like /usr/bin/php. If empty, will be found in PATH.
"curl" => '/usr/bin/curl', // Something like /usr/bin/curl. If empty, will be found in PATH.
"gzip" => '/bin/gzip', // Something like /usr/bin/gzip. If empty, will be found in PATH.
"id" => '/usr/bin/id', // Something like /usr/bin/id. If empty, will be found in PATH.
"stat" => '/usr/bin/stat', // Something like /usr/bin/stat. If empty, will be found in PATH.
);
 
$localhosts = array( // list of local interfaces
"127.0.0.1",
"localhost",
);
 
$profilePath = '../share'; // Path to user profiles
$profileMask = 0777; // Mask for files and directory creation in user profiles.
// Both Webserver and rtorrent users must have read-write access to it.
// For example, if Webserver and rtorrent users are in the same group then the value may be 0770.
 
?>
    • reemplazamos el archivo ~/rutorrent/conf/plugins.ini
      ;; Plugins' permissions.
;; If flag is not found in plugin section, corresponding flag from "default" section is used.
;; If flag is not found in "default" section, it is assumed to be "yes".
;;
;; For setting individual plugin permissions you must write something like that:
;;
;; [ratio]
;; enabled = yes ;; also may be "user-defined", in this case user can control plugin's state from UI
;; canChangeToolbar = yes
;; canChangeMenu = yes
;; canChangeOptions = no
;; canChangeTabs = yes
;; canChangeColumns = yes
;; canChangeStatusBar = yes
;; canChangeCategory = yes
;; canBeShutdowned = yes
 
[default]
enabled = user-defined
canChangeToolbar = yes
canChangeMenu = yes
canChangeOptions = yes
canChangeTabs = yes
canChangeColumns = yes
canChangeStatusBar = yes
canChangeCategory = yes
canBeShutdowned = yes
 
;; Default
 
[_getdir]
enabled = yes
[cpuload]
enabled = user-defined
[create]
enabled = user-defined
[datadir]
enabled = yes
[diskspace]
enabled = user-defined
[erasedata]
enabled = user-defined
[show_peers_like_wtorrent]
enabled = user-defined
[theme]
enabled = yes
[tracklabels]
enabled = user-defined
[trafic]
enabled = user-defined
 
;; Enabled
 
[autotools]
enabled = user-defined
[cookies]
enabled = user-defined
[data]
enabled = user-defined
[edit]
enabled = user-defined
[extratio]
enabled = user-defined
[extsearch]
enabled = user-defined
[filedrop]
enabled = user-defined
[filemanager]
enabled = user-defined
[geoip]
enabled = user-defined
[httprpc]
enabled = yes
canBeShutdowned = no
[pausewebui]
enabled = yes
[ratio]
enabled = user-defined
[ratiocolor]
enabled = user-defined
[rss]
enabled = user-defined
[_task]
enabled = yes
[throttle]
enabled = user-defined
[titlebar]
enabled = user-defined
[unpack]
enabled = user-defined
 
;; Disabled
 
[chat]
enabled = no
[chunks]
enabled = no
[feeds]
enabled = no
[fileshare]
enabled = no
[fileupload]
enabled = no
[history]
enabled = no
[instantsearch]
enabled = no
[ipad]
enabled = no
[logoff]
enabled = no
[loginmgr]
enabled = no
[mediainfo]
enabled = no
[mediastream]
enabled = no
[check_port]
enabled = no
[retrackers]
enabled = no
[rpc]
enabled = no
[rssurlrewrite]
enabled = no
[rutracker_check]
enabled = no
[scheduler]
enabled = no
[screenshots]
enabled = no
[seedingtime]
enabled = no
[source]
enabled = no
  • linux/debian/seedbox/metodo2.1421447279.txt.gz
  • Darrera modificació: 16/01/2015 14:27
  • per mate