https下实现aria2结合webui提供离线下载服务

aria2的玩法网上到处都是,但是怎么将其置于https下,说的比较少。我将我的经验整理如下供君参考。

部署aria2-with-webui

  • 拉取镜像

    1
    docker pull xujinkai/aria2-with-webui
  • 运行容器

    1
    2
    3
    4
    5
    6
    7
    8
    9
    docker run -d \
    --name aria2-with-webui \
    -p 6800:6800 \
    -p 6880:80 \
    -p 6888:8080 \
    -v /DOWNLOAD:/data \ # /DOWNLOAD是宿主机目录用于存放下载文件
    -v /CONF:/conf \ # /CONF是宿主机目录用于存放配置文件
    -e SECRET="密码,用于连接aria RPC" \
    xujinkai/aria2-with-webui
  • 配置nginx。示例:

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    server {
    server_name aria.lefer.cn;
    charset utf-8;
    location / {
    proxy_pass http://127.0.0.1:6880;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
    listen 443 ssl; # managed by Certbot
    ssl_certificate /path/fullchain.pem; # managed by Certbot
    ssl_certificate_key /path/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    }
    server {
    if ($host = aria.lefer.cn) {
    return 301 https://$host$request_uri;
    } # managed by Certbot
    server_name aria.lefer.cn;
    listen 80;
    return 404; # managed by Certbot
    }
  • 配置域名解析(略)

配置https

  • 配置aria2.conf

    1
    2
    3
    4
    5
    6
    7
    8
    9
    # 将fullchain.pem和privkey.pem复制一份到/CONF目录
    cd /CONF
    sudo cp /path/fullchain.pem /CONF
    sudo cp /path/privkey.pem /CONF
    sudo vim aria2.conf
    # 增加以下内容
    rpc-secure=true
    rpc-certificate=/conf/fullchain.pem
    rpc-private-key=/conf/privkey.pem
  • 重启container

  • 在防火墙中开放6800端口。(笔者不需要通过浏览器访问下载目录,所以并未开放6888端口,如果有此需求,可以一并打开防火墙)

    1
    sudo firewall-cmd --zone=public --add-port=6800/tcp --permanent
  • 访问url打开web界面,在设置中配置主机为主域名(如lefer.cn),端口6800,填入RPC凭证。

补充更新

原本使用aria2-with-webui去部署 aria2Web UI,但发现这个UI体验实在太差。所以后续采用单纯的aria2镜像配合AriaNg去实现。

  • 创建相关目录

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    # 创建配置文件目录和下载目录
    mkdir /path/config
    mkdir /path/downloads
    # 获取uid gid
    id
    # 更改权限. uid:gid 写上真实值.
    chown -R uid:gid /path/config
    find /path/config -type d -exec chmod 755 {} +
    find /path/config -type f -exec chmod 644 {} +
    chown -R uid:gid /path/downloads
    find /path/downloads -type d -exec chmod 755 {} +
    find /path/downloads -type f -exec chmod 644 {} +
  • fullchain.pem privkey.pem复制到config目录,并在该目录下创建aria2.conf文件,内容示例:

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    save-session=/config/aria2.session
    input-file=/config/aria2.session
    save-session-interval=60
    dir=/downloads
    file-allocation=prealloc
    disk-cache=128M
    enable-rpc=true
    rpc-listen-port=6800
    rpc-allow-origin-all=true
    rpc-listen-all=true
    rpc-secret={password}
    auto-file-renaming=false
    max-connection-per-server=16
    min-split-size=1M
    split=16
    rpc-secure=true
    rpc-certificate=/config/fullchain.pem
    rpc-private-key=/config/privkey.pem
  • 启动容器

    1
    2
    3
    4
    5
    6
    7
    8
    docker run \
    -d \
    --name aria2 \
    -u=uid:gid \
    -v /path/config:/config \
    -v /path/downloads:/downloads \
    -p 6800:6800 \
    opengg/aria2

END