Contents
使用 docker 安装 aria2-pro
详细参数信息参考 https://p3terx.com/archives/docker-aria2-pro.html
主要是记录自己的配置文件
1.安装 docker
Ubuntu 系统使用官方脚本安装 docker
curl -fsSL get.docker.com -o get-docker.sh
sh get-docker.sh
2. docker 部署 aria2-pro
注意将 RPC_SECRET 参数替换为自己的密码
docker run -d \
--name aria2-pro \
--restart unless-stopped \
--log-opt max-size=1m \
-e PUID=UID \
-e PGID=GID \
-e RPC_SECRET=123456 \
-p 8001:6800 \
-p 8002:6888 -p 8002:6888/udp \
-e DISK_CACHE=1024M \
-e IPV6_MODE=true \
-v /root/aria2-config:/config \
-v /root/aria2/downloads:/downloads \
p3terx/aria2-pro
3. docker 部署 ariaNG
docker run -d \
--name ariang \
--restart unless-stopped \
--log-opt max-size=1m \
-p 8003:6880 \
p3terx/ariang
4. docker 部署 filebrowser
docker run -d \
--name filebrowser \
--restart always \
-v /root/aria2/downloads:/srv \
-p 8000:80 \
filebrowser/filebrowser
5. docker 部署 nginx 实现 ssl 反代
5.1 docker 部署nginx
docker run -d \
--name nginx \
-v /root/nginx/conf.d:/etc/nginx/conf.d \
-v /root/nginx/ssl:/etc/nginx/ssl \
-v /root/nginx/www:/usr/share/nginx/html \
-p 80:80 \
-p 81:81 \
-p 443:443 \
--restart unless-stopped \
nginx
5.2 aria2.conf 的 nginx 配置文件
注意将 listen , server_name 和 proxy_pass 替换为自己服务器的信息
server{
server_name www.abc.com;
rewrite ^(.*) https://server_name1 permanent;
}
server{
listen 443 ssl;
server_name www.abc.com;
ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/key.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://x.x.x.x:xxxx;
proxy_set_header Host host;
proxy_set_header X-Real-IPremote_addr;
proxy_set_header X-Forwarded-For proxy_add_x_forwarded_for;
}
}
server{
listen xx ssl;
server_name www.abc.com;
ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/key.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://x.x.x.x:xxxx;
proxy_set_header Hosthost:server_port;
proxy_set_header X-Real-IPremote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
5.3 filebrowser.conf 的 nginx 配置文件
注意将 listen , server_name 和 proxy_pass 替换为自己服务器的信息
server{
server_name www.abc.com;
rewrite ^(.*) https://server_name1 permanent;
}
server{
listen xxx ssl;
server_name d.tremb1e.com;
ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/key.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://x.x.x.x:xxxx;
proxy_set_header Host host;
proxy_set_header X-Real-IPremote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
5.4 放行 iptables
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F
6. 使用 acme 申请 ssl 证书并自动续期
acme 教程 https://github.com/acmesh-official/acme.sh/wiki/说明
acme.sh --install-cert -d a.tremb1e.com \
--key-file /root/nginx/ssl/a.tremb1e.com/key.pem \
--fullchain-file /root/nginx/ssl/cert.pem \
--reloadcmd "service nginx force-reload"
acme.sh --install-cert -d d.tremb1e.com \
--key-file /root/nginx/ssl/d.tremb1e.com/key.pem \
--fullchain-file /root/nginx/ssl/cert.pem
证书安装完成后,重启 nginx 即可
docker restart nginx