Skip to content

Instantly share code, notes, and snippets.

@GAS85
Last active July 8, 2024 00:16
Show Gist options
  • Save GAS85/79849bfd09613067a2ac0c1a711120a6 to your computer and use it in GitHub Desktop.
Save GAS85/79849bfd09613067a2ac0c1a711120a6 to your computer and use it in GitHub Desktop.
Aria2 + Ubuntu 18.04 + Apache2 + Web UI
OS: Ubuntu 18.04 Apache/2.4.18 1.0.2g-1ubuntu4.10
Aim: to install Aria2 with WebUI and secure Token.
IP Addr of your Aria2 server is 192.168.0.111
Your local IP network is 192.168.0.0/24

Aria 2

1. Installation

Install aria2 package:

sudo apt install aria2

2.Configuration

a. create Token:

openssl rand -base64 32

b. Create and edit configuration file (I created it in user folder /home/user/.aria2/aria.conf file, at least few lines must be added:

# Or other directory to save downloads
dir=/home/user/torrents
rpc-secret=YOUR_TOKEN_FROM_ABOVE
enable-rpc=true
rpc-listen-all=true
daemon=true
# Your Certificate file
rpc-certificate=/usr/local/etc/aria2/aria2.pfx
# Enable encryption
rpc-secure=true

Optional:

# For Web UI
rpc-listen-port=6800
# For torrents
listen-port=6801
dht-listen-port=6801

c. Create PFX certificate. Please, leave "Password" field empty when it's prompted:

cd /usr/local/etc/aria2
sudo openssl req -x509 -nodes -days 3650 -newkey rsa:1024 -keyout aria2.pem -out aria2.pem
sudo openssl pkcs12 -export -out aria2.pfx -in aria2.pem -name "Aria2 Certificate"
sudo chmod 604 aria2.pfx

My full configuration looks as following:

dir=/home/user/torrent
file-allocation=trunc
continue=true
daemon=true
## Logs
log=/home/user/.aria2/aria2.log
console-log-level=warn
log-level=notice
## Some Limits
max-concurrent-downloads=5
max-connection-per-server=5
min-split-size=20M
split=4
disable-ipv6=true
##
input-file=/home/user/.aria2/aria2.session
save-session=/home/user/.aria2/aria2.session
save-session-interval=30
## RPC
enable-rpc=true
rpc-allow-origin-all=true
rpc-listen-all=true
# Port for JSON RPC
rpc-listen-port=6800
rpc-secret=YOUR_TOKEN_FROM_ABOVE
# Your Certificate file
rpc-certificate=/usr/local/etc/aria2/aria2.pfx
# Enable encryption
rpc-secure=true
## Torrents Settings
follow-torrent=mem
follow-metalink=mem
enable-dht6=false
peer-id-prefix=-TR2770-
user-agent=Transmission/2.77
seed-time=0
#seed-ratio=1.0
bt-seed-unverified=true
bt-save-metadata=true
bt-force-encryption=true
# Torrent TCP port
listen-port=6801
# Torrent UDP port
dht-listen-port=6801

If you whant to use it, please create file /home/user/.aria2/aria2.session with correct ownership otherwise Aria will not be able to start.

d. If you have iptables add something like this:

iptables -I INPUT -p tcp -m tcp --dport 6800:6801 -j ACCEPT
iptables -I INPUT -p udp -m udp --dport 6801 -j ACCEPT

e. Start Aria2 and set configuration location:

aria2c --conf-path="/home/user/.aria2/aria2.conf"

3 Firefox denies to use self-signed certificate

you have to add it to the trusted list. Point browser to https://YOUR_SERVER_IP:6800/jsonrpc, e.g.:

https://192.168.0.111:6800/jsonrpc

and click "add this site to trusted, permanently".

4. You can use Aria2 with Letsencrypt Certificate

just make changes in config:

# Comment out your PFX if you created it as written above
# Your Certificate file
#rpc-certificate=/usr/local/etc/aria2/aria2.pfx	
rpc-certificate=/etc/letsencrypt/live/YourDomain/fullchain.pem
rpc-private-key=/etc/letsencrypt/live/YourDomain/privkey.pem
rpc-secure=true

Please be aware that user set in point 7 below (or user that running Aria2) should have an access to those files. You can check if user has an access via command

sudo -u user ls -la /etc/letsencrypt/live/YourDomain/privkey.pem
#OR
sudo -u user test -r /etc/letsencrypt/live/YourDomain/privkey.pem && echo YES || echo NO

Web UI

1. Download it from Github:

cd /tmp
wget https://github.com/ziahamza/webui-aria2/archive/master.zip
unzip master.zip -d /var/www/

2. Edit configuration:

sudo nano /var/www/webui-aria2-master/configuration.js

change following lines:

host: location.protocol.startsWith('https') ? location.hostname : '192.168.0.111',
path: '/jsonrpc',
port: 6800,
encrypt: true,
auth: {                          // either add the token field or the user and pass field, not both.
// token: '$YOUR_TOKEN_FROM_ABOVE$'

3. Create Apache2 configuration for webIU:

cd /etc/apache2/sites-available/
sudo nano 002-aria2.conf

with following text to enable you local LAN only:

<IfModule alias_module>
    Alias /webui-aria2 /var/www/webui-aria2-master
    <Directory "/var/www/webui-aria2-master">
        AllowOverride None
        Options None
        Order deny,allow
        Allow from 192.168.0.0/24 localhost 127.0.0.1
        Deny from all
    </Directory>
</IfModule>

4. Enable config:

sudo ln -s 002-aria2.conf ../sites-enabled

or

sudo a2ensite 002-aria2.conf

5. Restart Apache2

sudo service apache2 restart

6 Use it

You can call your Aria WebUI under e.g. http(s)://192.168.0.111/webui-aria2

Read how to enable reverse aria2 Proxy here https://gist.github.com/GAS85/d5ff9443a3b2fdb39b7b67fac2f7eff4

7 You can create a service to make it easier:

sudo nano /lib/systemd/system/aria2.service

with following text:

[Unit]
Description=Aria2c download manager
Requires=network.target
After=dhcpcd.service

[Service]
Type=forking
User=user
Group=samegroup
ExecStart=/usr/bin/aria2c --conf-path=/home/user/.aria2/aria2.conf
WorkingDirectory=/home/user/torrents
ExecReload=/usr/bin/kill -HUP $MAINPID
RestartSec=1min
Restart=on-failure

[Install]
WantedBy=multi-user.target
@justintrann
Copy link

Does anyone run it successfully ?

@GAS85
Copy link
Author

GAS85 commented Jul 1, 2021

For me it works. What exactly is problem.
Check logs if aria2 starts, it is very bounded to the configuration. Start from small basic config and then increase it slowly with check each time if it still works with changes.

@Focshole
Copy link

Weird issue, don't add inline comments as shown here

rpc-secret=YOUR TOKEN FROM ABOVE
rpc-certificate=/usr/local/etc/aria2/aria2.pfx	#your Certificate file
rpc-secure=true									#enable encryption

If inlined, it may read a wrong input. In the error log I had found

aria2c[16676]: Exception: [AbstractOptionHandler.cc:69] errorCode=28 We encountered a problem while processing the option '--listen-port'.
aria2c[16676]:   -> [util.cc:643] errorCode=1 Bad range 9852  #for torrents
``

@GAS85
Copy link
Author

GAS85 commented Sep 28, 2021

That's could be the case, those comments are only add for this gist. I do check my current configuration and there is no those comments.

@P0oOOOo0YA
Copy link

Inline comments are not allowed in aria2 conf file. Comments have to be on their own lines.

@GAS85
Copy link
Author

GAS85 commented Mar 15, 2022

You Right, I made update.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment