aria2的玩法网上到处都是,但是怎么将其置于https下,说的比较少。我将我的经验整理如下供君参考。

部署aria2-with-webui

  • 拉取镜像

    docker pull xujinkai/aria2-with-webui

  • 运行容器

    docker run -d \
    --name aria2-with-webui \
    -p 6800:6800 \
    -p 6880:80 \
    -p 6888:8080 \
    -v /DOWNLOAD:/data \  # /DOWNLOAD是宿主机目录用于存放下载文件
    -v /CONF:/conf \ # /CONF是宿主机目录用于存放配置文件
    -e SECRET="密码,用于连接aria RPC" \
    xujinkai/aria2-with-webui

  • 配置nginx。示例:

    server {
        server_name aria.lefer.cn;
        charset utf-8;

        location / {
    	proxy_pass        http://127.0.0.1:6880;
          	proxy_set_header   Host             $host;
          	proxy_set_header   X-Real-IP        $remote_addr;
          	proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
         } 

        listen 443 ssl; # managed by Certbot
        ssl_certificate /path/fullchain.pem; # managed by Certbot
        ssl_certificate_key /path/privkey.pem; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    }

    server {
        if ($host = aria.lefer.cn) {
            return 301 https://$host$request_uri;
        } # managed by Certbot


        server_name aria.lefer.cn;

        listen 80;
        return 404; # managed by Certbot


    }

  • 配置域名解析(略)

配置https

  • 配置aria2.conf

    # 将fullchain.pem和privkey.pem复制一份到/CONF目录
    cd /CONF
    sudo cp /path/fullchain.pem /CONF
    sudo cp /path/privkey.pem /CONF
    sudo vim aria2.conf 
    # 增加以下内容
    rpc-secure=true  
    rpc-certificate=/conf/fullchain.pem  
    rpc-private-key=/conf/privkey.pem

  • 重启container

  • 在防火墙中开放6800端口。(笔者不需要通过浏览器访问下载目录,所以并未开放6888端口,如果有此需求,可以一并打开防火墙)

    sudo firewall-cmd --zone=public --add-port=6800/tcp --permanent

  • 访问url打开web界面,在设置中配置主机为主域名(如lefer.cn),端口6800,填入RPC凭证。

补充更新

原本使用aria2-with-webui去部署 aria2Web UI,但发现这个UI体验实在太差。所以后续采用单纯的aria2镜像配合AriaNg去实现。

  • 创建相关目录

    # 创建配置文件目录和下载目录
    mkdir /path/config
    mkdir /path/downloads

    # 获取uid gid
    id

    # 更改权限. uid:gid 写上真实值.
    chown -R uid:gid /path/config
    find /path/config -type d -exec chmod 755 {} +
    find /path/config -type f -exec chmod 644 {} +
    chown -R uid:gid /path/downloads
    find /path/downloads -type d -exec chmod 755 {} +
    find /path/downloads -type f -exec chmod 644 {} +

  • fullchain.pem privkey.pem复制到config目录,并在该目录下创建aria2.conf文件,内容示例:

    save-session=/config/aria2.session
    input-file=/config/aria2.session
    save-session-interval=60

    dir=/downloads

    file-allocation=prealloc
    disk-cache=128M

    enable-rpc=true
    rpc-listen-port=6800
    rpc-allow-origin-all=true
    rpc-listen-all=true

    rpc-secret={password}

    auto-file-renaming=false

    max-connection-per-server=16
    min-split-size=1M
    split=16

    rpc-secure=true  
    rpc-certificate=/config/fullchain.pem  
    rpc-private-key=/config/privkey.pem

  • 启动容器

    docker run \
      -d \
      --name aria2 \
      -u=uid:gid \
      -v /path/config:/config \
      -v /path/downloads:/downloads \
      -p 6800:6800 \
      opengg/aria2

END