以前记录过Torrust部署的步骤,最近发现Torrust的变化挺大的,遂重新写一篇新版本的部署文章。
Torrust的架构主要分为两个部分,一个是index一个是tracker。其中index又分为一个前端和后端。
index主要的作用是用来搭建一个可视化的网页,可供用户上传、下载种子文件。
tracker就是一个bt tracker服务器,这个实际上是可以独立运行的,并不依赖于index。
下面我使用Docker来部署一个完整的Torrust服务器(包含index和tracker)
开始前需要准备一个域名,做好两个DNS的A记录解析,一个用于index一个用于tracker,本文示例:pt.example.com (index)、tracker.example.com (tracker)
安装Docker和需要用到的软件包:
apt -y update apt -y install curl nginx python3-certbot-nginx sqlite3 curl -fsSL https://get.docker.com -o get-docker.sh sh get-docker.sh
准备目录:
mkdir -p /opt/torrust && cd /opt/torrust
新建compose文件:
nano docker-compose.yml
写入如下内容:
--- name: torrust services: index-gui: image: torrust/index-gui:develop container_name: index-gui tty: true restart: unless-stopped environment: - USER_ID=2000 - NUXT_PUBLIC_API_BASE=https://pt.example.com/api/v1 - NITRO_HOST=0.0.0.0 - NITRO_PORT=3000 ports: - 3000:3000 volumes: - ./storage/index-gui/log:/var/log/torrust/index-gui:rw logging: options: max-size: "10m" max-file: "10" depends_on: - index - tracker index: image: torrust/index:develop container_name: index tty: true restart: unless-stopped environment: - USER_ID=2000 ports: - 3001:3001 volumes: - ./storage/index/lib:/var/lib/torrust/index:rw - ./storage/index/log:/var/log/torrust/index:rw - ./storage/index/etc:/etc/torrust/index:rw logging: options: max-size: "10m" max-file: "10" depends_on: - tracker tracker: image: torrust/tracker:develop container_name: tracker tty: true restart: unless-stopped environment: - USER_ID=2000 ports: - 6969:6969/udp - 7070:7070 - 1212:1212 volumes: - ./storage/tracker/lib:/var/lib/torrust/tracker:rw - ./storage/tracker/log:/var/log/torrust/tracker:rw - ./storage/tracker/etc:/etc/torrust/tracker:rw logging: options: max-size: "10m" max-file: "10"
[备注1]所有容器的USER_ID环境变量全部都设置成2000。
[备注2]将NUXT_PUBLIC_API_BASE环境变量的URL修改为你自己的域名。
创建index需要用到的数据库目录:
mkdir -p ./storage/index/lib/database
创建空的数据库:
sqlite3 "./storage/index/lib/database/sqlite3.db" "VACUUM;"
创建index需要用到的配置文件目录:
mkdir -p ./storage/index/etc
新建index的配置文件:
nano ./storage/index/etc/index.toml
写入如下内容:
log_level = "info" [website] name = "Torrust" [tracker] url = "https://tracker.example.com/announce" mode = "Private" api_url = "http://tracker:1212" token = "hidden" token_valid_seconds = 7257600 [net] port = 3001 [auth] email_on_signup = "Optional" min_password_length = 6 max_password_length = 64 secret_key = "hidden" [database] connect_url = "sqlite:///var/lib/torrust/index/database/sqlite3.db?mode=rwc" [mail] email_verification_enabled = false from = "example@email.com" reply_to = "noreply@email.com" username = "" password = "" server = "mailcatcher" port = 1025 [image_cache] max_request_timeout_ms = 1000 capacity = 128000000 entry_size_limit = 4000000 user_quota_period_seconds = 3600 user_quota_bytes = 64000000 [api] default_torrent_page_size = 10 max_torrent_page_size = 30 [tracker_statistics_importer] torrent_info_update_interval = 3600 port = 3002
你需要修改上述配置文件中的:
url = "https://tracker.example.com/announce" token = "hidden" secret_key = "hidden"
其他的配置可以保持不变,其中token和secret_key可以使用如下命令生成:
openssl rand -hex 16
同样的,现在我们创建tracker需要用到的数据库目录:
mkdir -p ./storage/tracker/lib/database
创建空的数据库:
sqlite3 "./storage/tracker/lib/database/sqlite3.db" "VACUUM;"
创建tracker需要用到的配置文件目录:
mkdir -p ./storage/tracker/etc
新建tracker的配置文件:
nano ./storage/tracker/etc/tracker.toml
写入如下内容:
announce_interval = 300 db_driver = "Sqlite3" db_path = "/var/lib/torrust/tracker/database/sqlite3.db" external_ip = "0.0.0.0" inactive_peer_cleanup_interval = 600 log_level = "info" max_peer_timeout = 900 min_announce_interval = 300 mode = "private" on_reverse_proxy = true persistent_torrent_completed_stat = true remove_peerless_torrents = true tracker_usage_statistics = true [[udp_trackers]] bind_address = "0.0.0.0:6969" enabled = false [[http_trackers]] bind_address = "0.0.0.0:7070" enabled = true ssl_cert_path = "/var/lib/torrust/tracker/tls/localhost.crt" ssl_enabled = false ssl_key_path = "/var/lib/torrust/tracker/tls/localhost.key" [http_api] bind_address = "0.0.0.0:1212" enabled = true ssl_cert_path = "" ssl_enabled = false ssl_key_path = "" [http_api.access_tokens] admin = "hidden" [health_check_api] bind_address = "127.0.0.1:1313"
你需要修改上述配置文件中的:
admin = "hidden"
此值应与index中的token = “hidden”一致。其他的配置可以保持不变。
[重要]将storage目录的所有者权限改为2000:
chown -R 2000:2000 /opt/torrust/storage
启动:
docker compose up -d
现在需要配置2个反向代理,一个用于index一个用于tracker,先来配置index的,新建Nginx站点配置文件:
nano /etc/nginx/sites-available/index
写入如下内容:
server { listen 80; listen [::]:80; index index.html index.htm; server_name pt.example.com; location /api/v1/proxy { rewrite ^ $request_uri; rewrite ^/api(/.*) $1 break; proxy_pass http://127.0.0.1:3001; } location ^~ /api/ { rewrite ^/api/(.*)$ /$1 break; proxy_pass http://127.0.0.1:3001; } location / { proxy_pass http://127.0.0.1:3000; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
新建tracker的Nginx站点配置文件:
nano /etc/nginx/sites-available/tracker
写入如下内容:
server { listen 80; listen [::]:80; index index.html index.htm; server_name tracker.example.com; location /api/ { proxy_pass http://127.0.0.1:1212; } location / { proxy_pass http://127.0.0.1:7070; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
启用站点:
ln -s /etc/nginx/sites-available/index /etc/nginx/sites-enabled/index ln -s /etc/nginx/sites-available/tracker /etc/nginx/sites-enabled/tracker
申请TLS证书:
certbot --nginx --email example@lala.im --agree-tos --no-eff-email
现在访问你的域名应该能够打开Torrust的网页界面了,第一个注册的账户,默认是管理员:
需要注意的是,在我们刚才的配置中,是将index和tracker配置为了private模式,也就是私有模式,国内一般称之为pt。
在这种模式下,用户必须在index中注册了账户才能下载种子文件,并且tracker也只有注册过的用户才能连接。
Torrust的index和tracker还支持public模式,也就是公共模式,用户无需注册即可下载index中的种子文件,并且tracker可以供任何人使用。如果你想运行public模式,则需要做以下修改:
在index的配置文件中,修改如下配置:
... [tracker] url = "udp://tracker.example.com:6969" mode = "Public" ...
在tracker的配置文件中,修改如下配置:
... mode = "public" ... [[udp_trackers]] bind_address = "0.0.0.0:6969" enabled = true ...
我用qbittorrent做了个种子测试了一下,基本功能可用,但说实话离可以正式运营还有一段距离,主要前端的功能不够完善,当个bt模式来用的话还勉勉强强,pt的话就算了。。其实还有一个sqtracker,如果你想搭一个小的pt站的话,目前sqtracker比torrust更适合。