PHP Code:
Setup Linux
Torrent auto uploader by Janhouse can probably be used on any Linux distribution (and it has been tested on CentOS, various Debian and Ubuntu versions and ArchLinux) but this guide explains setup on Debian based distributions (Debian and Ubuntu). If you are experienced enough, you can probably set it up on other distributions as well. Dependencies
While the Torrent Uploader (Tuper) depends on Perl and various Perl modules, some bittorrent client is needed for actual downloading and uploading, and web server with PHP is required to use Web panel and browser plugin. Uploader is made to work better with rTorrent bittorrent client. And for the sake of simpleness of the setup, Apache2 will be used as the web server.
If you are on a freshly installed box, make sure you first install sudo as user root.
apt-get update apt-get install sudo
Then install other dependencies that will be needed to compile rtorrent and perl modules.
If some of the following packages doesn't exist (e.g. mktorrent or rar, you can remove them from the list and continue on, they are needed only for auto extract feature). While all of them should be there for later Ubuntu versions, Debian needs to have non-free and contrib repositories enabled. You can Google how to do it, or use this How To .
If you are on older Debian version, like Debian Lenny, PHP 5.3 won't be in the package list. In this case you can use Dotdeb repository. Insturctions on adding it are here .
sudo apt-get update sudo apt-get install subversion build-essential libtool automake openssl libsigc++-2.0-dev libncurses5-dev libncursesw5-dev libcurl4-openssl-dev libcppunit-dev irssi screen apache2 libapache2-mod-php5 php5 php5-sqlite libapache2-mod-scgi php5-xmlrpc git-core rar mktorrent libxml-parser-perl libexpat1-dev unzip
Install Perl modules using cpan.
Uploader needs these Perl modules: Config::Tiny Convert::Bencode Date:arse DBI DBD::SQLite Digest::SHA1 HTML::Strip IO::Async IO::Async::SSL JSON::XS Net::BitTorrent::File PAR URI::Escape WWW::Curl XML::RPC XML::Simple String::CRC32 Encode LWP LWP::UserAgent LWP:rotocol::https HTTP::Cookies HTTP::Cookies::Netscape HTTP::Request HTTP::Request::Common URI Net::RTorrent::Socket XML:arser
First time starting cpan it will ask if you want it to configure automatically. Just press enter to accept default value (yes).
cpan
After it successfully configures cpan, cpan shell will open.
cpan[1]>
In it, execute the following command. It will keep asking if it should connect to the internet or install some additional modules. Just accept the default values by pressing enter.
force install Config::Tiny Convert::Bencode Date:arse DBI DBD::SQLite Digest::SHA1 HTML::Strip IO::Async IO::Async::SSL JSON::XS Net::BitTorrent::File PAR URI::Escape WWW::Curl XML::RPC XML::Simple String::CRC32 Encode LWP LWP::UserAgent LWP:rotocol::https HTTP::Cookies HTTP::Cookies::Netscape HTTP::Request HTTP::Request::Common URI Net::RTorrent::Socket
To quit cpan shell, after everything is installed, use "quit" command.
Compiling rTorrent
Let's make source directory
cd ~/ mkdir src
Following are instructions for compiling rTorrent with xmlrpc-c from SVN. If errors come up during the setup, instead of SVN version, try using the stable version that can be downloaded from rTorrent web page . Or you could use pyroscope setup script that will get all the dependencies and install rTorrent with some additional patches for the user that executes the script. (This could help for older outdated distribution versions). Guide can be found here .
Installing stable rTorrent:
Install libtorrent
wget http://libtorrent.rakshasa.no/...orrent-0.12.9.tar.gz tar zxvf libtorrent-0.12.9.tar.gz cd libtorrent-0.12.9 ./autogen.sh ./configure make sudo make install cd ../
Install xmlrpc-c
svn co https://xmlrpc-c.svn.sourcefor...oot/xmlrpc-c/stable/ xmlrpc-c-svn cd xmlrpc-c-svn ./configure --disable-cplusplus make sudo make install cd ../
Install rtorrent with xmlrpc-c support
wget http://libtorrent.rakshasa.no/...torrent-0.8.9.tar.gz tar zxvf rtorrent-0.8.9.tar.gz cd rtorrent-0.8.9 ./autogen.sh ./configure --with-xmlrpc-c make sudo make install echo "include /usr/local/lib" | sudo tee -a /etc/ld.so.conf sudo ldconfig cd ../
Apache (web panel)
Enable mod_scgi by executing following command.
sudo a2enmod scgi
Add SGCI mounts to /etc/apache2/httpd.conf
SCGIMount /rt1 127.0.0.1:5000 SCGIMount /rt2 127.0.0.1:5001
Create user that will be running Tuper and rTorrent. You can use whatever username and home directory you like but default configuration files use user "tup" with home directory /home/tup/ .
sudo adduser tup
Add Apache alias to default virtualhost by editing /etc/apache2/sites-available/default . Web files will be located in /home/tup/www/ directory. Add the following lines after "DocumentRoot" line.
Alias /auto/ "/home/tup/www/" <Directory "/home/tup/www/"> Options Indexes MultiViews FollowSymLinks AllowOverride All Order allow,deny Allow from all </Directory>
Create the web directory and set up permissions. Since Apache2 on Debian and Ubuntu runs from user www-data, chown it to that user.
sudo mkdir -p /home/tup/www sudo chown www-data:tup /home/tup/www sudo chmod g+rxw /home/tup/www
Restart Apache2. See if any errors come up. If there are errors, fix them and repeat the command.
sudo /etc/init.d/apache2 restart
If you now navigate to http://YOUR_HOST/auto/ , you should see empty directory index.
Edit /etc/sudoers file, to allow www-data to execute rTorrent and Tuper status scripts as user tup without entering password.
www-data ALL=(tup) NOPASSWD: /home/tup/tuper/status.sh, /home/tup/tuper/start-screen.sh
Getting Tuper from SVN
Login as user tup (you can switch to it quickly by doing "sudo -i -u tup").
Check out tuper, web_panel and browse_plugin folders from SVN. SVN client will ask for password for user "tup". Do not enter it and press enter, it will then ask for different username. Enter your SVN username and password.
cd /home/tup svn co https://svn.janhouse.lv/repos/tuper-v3/trunk/tuper/ tuper/ svn co https://svn.janhouse.lv/repos/tuper-v3/trunk/web_panel/ www/web_panel/ svn co https://svn.janhouse.lv/repos/tuper-v3/trunk/browser_plugin/ www/browser_plugin/
Configuring Tuper
Create needed directories and configuration files.
For Tuper to store .torrent files, .nfo, database and cookiejar:
mkdir -p storage/store
Session directories for rtorrent, downloads and watch directories:
mkdir .session1 mkdir .session2 mkdir downloads mkdir storage/watch1 mkdir storage/watch2
... must finish.
cd tuper mv default.tuper.conf tuper.conf mv default.tuper.db ../storage/tuper.db mv default.tuper.filter.conf tuper.filter.conf
cd ../www/web_panel mv default.config.inc.php config.inc.php
cd ../browser_plugin mv default.upload_plugin_config.php upload_plugin_config.php
Add username and key in /home/tup/tuper/tuper.conf and you should be able to run it.
Ok you dont need a pin or anything for this .. All you need is to make sure those keys ( pin ) match in the browser plugin an the tup.config an if you need help ask I will sort it out I used it an have all the details
second guide
PHP Code:
This guide assumes a few things: - Ubuntu 10.04 - You are connecting via Putty - After you are done editing via nano you know to hit Ctrl-O, Enter, Ctrl-X - This is on a remote server by OVH, Leasweb, etc... and you have root access - You are not retarded and can follow insructions :) - You know this will not setup all configurations for your specific site and/or your sources. This is a stepping stone. - You do not have to do all of the things in this guide if you do not want to. Pick and choose if youd like. This guide shows you how to setup and configure for: - Setup root password, Delete Authorized Keys, Update System - Add user tup, Set visudo permissions - SSH setup - Windows Auto Logon SSH Tunnel - Install Packages - Setup tinyproxy (Proxy server to hide your IP, and this setup does so as Anonymous) - Ubuntu Desktop - Gnome No Recommended Packages - FreeNX - CPAN (for tuper client) - Tuper Client - rTorrent - libtorrent - xmlrpc - ruTorrent - Apache - Webmin - FTP (SFTP only) - Linux Firewall - Fail2Ban - This guide is just an edit to a thread I made on T-I, I just added Jans Wiki to it for the auto uploader. - This guide is for those having troubles understanding how servers work and/or are new to Linux. - There are many, many ways to configure a server with the packages in this guide. If you have a better/newer/easier way for any of them leave a comment and maybe it will replace mine. - ...and lastly I hope this helps most n00bs in setting up thier servers and getting that much closer to learning how tuper works. - I lied....and now lastly....Thank You Jans for the awesome uploader, and to dent and all other who help out as well in forums in problem solving/reporting. :) Now....On with the show.... #Setup root password, Delete Authorized Keys, Update System - sudo passwd - ls .ssh/authorized_keys2 - rm .ssh/authorized_keys2 - apt-get update && apt-get upgrade - apt-get clean && apt-get autoclean #Add user tup, Set visudo permissions - adduser tup - visudo root ALL=(ALL) ALL tup ALL=(ALL) NOPASSWD: ALL www-data ALL=(ALL) NOPASSWD: ALL nx ALL=(ALL) NOPASSWD: ALL #SSH setup - sudo nano /etc/ssh/sshd_config Port 22002 Protocol 2 PermitRootLogin no X11Forwarding no UseDNS no AllowUsers tup - sudo service ssh reload #Windows Auto Logon SSH Tunnel - MyEnTunnel On your Windows machine open your internet browser and go to http://nemesis2.qx.net/pages/MyEnTunnel Scroll down and download the latest Stable version. -Install it as Windows Service -Open MyEnTunnel -Click the settings tab -Set your settings as if it were Putty SSH Server = <Server IP address> SSH Port = <Servers SSH Port> Username = <Your Normal User on the Server> Passphrase = <Your Normal User's Password on the Server> Port = <Whatever port you want your tunnel to be under. I set mine to the same as the SSH Port on the server for less confusion> -Check mark whatever boxes youd like. Enable Dynamic Socks MUST be checked. Other notable ones would be: Connect on Startup Reconnect on Failure Infinite Retry Attempts -Click Connect, and after it has connected click Save, and then Hide. Now it is in your systray, and will always auto reconnect if dropped. -Any program you want to use this tunnel (Firefox, uTorrent, mIRC, etc...) you must set it to use a SOCKS5 proxy with the IP address of 127.0.0.1 and the Port for whatever you chose MyEnTunnel to use. #Install Packages - sudo apt-get update && sudo apt-get upgrade - sudo apt-get clean && sudo apt-get autoclean - sudo apt-get install apache2 apache2.2-common apache2-utils aptitude apt-show-versions autoconf automake autotools-dev binutils build-essential bzip2 ca-certificates comerr-dev cpp cpp-4.1 curl dpkg-dev fail2ban file firestarter g++ g++-4.1 gawk gcc gcc-4.1 git-core htop irssi libapache2-mod-php5 libapache2-mod-scgi libapr1 libaprutil1 libapt-pkg-perl libauthen-pam-perl libc6-dev libcppunit-dev libcurl3 libcurl4-openssl-dev libexpat1 libexpat1-dev libidn11 libidn11-dev libkdb5-4 libgssrpc4 libkrb5-dev libmagic1 libncurses5 libncurses5-dev libncursesw5-dev libneon26 libnet-ssleay-perl libpam-runtime libio-pty-perl libpcre3 libpq5 libsigc++-2.0-dev libsqlite0 libsqlite3-0 libssl-dev libssp0-dev libstdc++6-4.1-dev libsvn1 libtool libwww-perl libxml2 libxml-parser-perl linux-libc-dev lynx m4 make mktorrent mime-support ntp ntpdate openssl patch perl perl-base perl-modules php5 php5-cgi php5-cli php5-common php5-curl php5-dev php5-geoip php5-sqlite php5-xmlrpc pkg-config python python-minimal python-scgi rar screen sqlite ssl-cert subversion tinyproxy ucf unrar unzip zlib1g-dev #Setup tinyproxy - sudo apt-get update && sudo apt-get upgrade - sudo apt-get clean && sudo apt-get autoclean - sudo nano /etc/tinyproxy.conf Port 32002 BindSame yes ErrorFile 404 "/usr/share/tinyproxy/404.html" ErrorFile 400 "/usr/share/tinyproxy/400.html" ErrorFile 503 "/usr/share/tinyproxy/503.html" ErrorFile 403 "/usr/share/tinyproxy/403.html" ErrorFile 408 "/usr/share/tinyproxy/408.html" LogLevel Critical XTinyproxy No Allow 127.0.0.1 Allow XXX.XXX.XXX.XXX DisableViaHeader Yes #ConnectPort 443 #ConnectPort 563 - sudo service tinyproxy start #Ubuntu Desktop - Gnome No Recommended Packages - sudo apt-get update && sudo apt-get upgrade - sudo apt-get clean && sudo apt-get autoclean - sudo aptitude install --without-recommends ubuntu-desktop #FreeNX - sudo apt-get update && sudo apt-get upgrade - sudo apt-get clean && sudo apt-get autoclean - sudo add-apt-repository ppa:freenx-team - sudo apt-get install python-software-properties - sudo apt-get install freenx - wget https://bugs.launchpad.net/freenx-server/+bug/576359/+attachment/1378450/+files/nxsetup.tar.gz - tar xvf nxsetup.tar.gz sudo cp nxsetup /usr/lib/nx/nxsetup - sudo /usr/lib/nx/nxsetup --install Now install NXclient on your home machine and connect through your SSH port #Unlimited Open Files - su root - nano /etc/pam.d/su session required pam_limits.so - nano /etc/security/limits.conf soft nofile 100000 hard nofile 100000 -reboot #CPAN -sudo cpan Hit Enter when asked to accept defaults -force install Config::Tiny Convert::Bencode Date::Parse DBI DBD::SQLite Digest::SHA1 HTML::Strip IO::Async IO::Async::SSL JSON::XS Net::BitTorrent::File PAR URI::Escape WWW::Curl XML::RPC XML::Simple String::CRC32 Encode LWP LWP::UserAgent LWP::Protocol::https HTTP::Cookies HTTP::Cookies::Netscape HTTP::Request HTTP::Request::Common URI Net::RTorrent::Socket ExtUtils::Constant Socket Hit Enter to accept and install and other dependency modules when asked -exit #Tuper Client - cd /home/tup - svn co https://svn.janhouse.lv/repos/tuper-v3/trunk/tuper/ tuper/ - svn co https://svn.janhouse.lv/repos/tuper-v3/trunk/web_panel/ www/web_panel/ - svn co https://svn.janhouse.lv/repos/tuper-v3/trunk/browser_plugin/ www/browser_plugin/ When asked for SVN user and pass enter them. Store them if youd like as well. - mkdir storage - cd storage && mkdir store watch1 watch2 && cd ~ - mkdir .session1 .session2 downloads - cd tuper - mv default.tuper.conf tuper.conf - mv default.tuper.db ../storage/tuper.db - mv default.tuper.filter.conf tuper.filter.conf - cd ../www/web_panel - mv default.config.inc.php config.inc.php - cd ../browser_plugin - mv default.upload_plugin_config.php upload_plugin_config.php - nano upload_plugin_config.php Change the password to something storng, for example: $access_key="EK&fY308VfdP"; - nano /home/tup/tuper/tuper.conf Add your username and key given to you by Jans: username= key= #rTorrent - libtorrent - xmlrpc - cd ~ && mkdir apps && cd apps - svn co https://xmlrpc-c.svn.sourceforge.net/svnroot/xmlrpc-c/advanced xmlrpc-c - wget http://libtorrent.rakshasa.no/downloads/libtorrent-0.13.2.tar.gz - wget http://libtorrent.rakshasa.no/downloads/rtorrent-0.9.2.tar.gz - tar zxfv libtorrent-0.13.2.tar.gz - tar zxfv rtorrent-0.9.2.tar.gz - cd xmlrpc-c - ./configure && make && sudo make install - cd ../libtorrent-0.13.2 - ./configure && make && sudo make install - cd ../rtorrent-0.9.2 - ./configure --with-xmlrpc-c && make && sudo make install - sudo ldconfig && cd .. - rm *.tar.gz - cd ~ && mkdir rtorrent && cd rtorrent - mkdir .session downloads torrents - cd ~ && nano .rtorrent.rc #bind = 127.0.0.1 #ip = 127.0.0.1 encryption=allow_incoming,try_outgoing,enable_retry upload_rate = 30000 download_rate = 95000 use_udp_trackers = no min_peers = 500 max_peers = 500 min_peers_seed = 100 max_peers_seed = 500 max_uploads = 300 directory = /home/tup/downloads/ session = /home/tup/.session1/ schedule = watch_directory,5,5,load_start=/home/tup/storage/watch1/*.torrent schedule = tied_directory,5,5,start_tied= schedule = untied_directory,5,5,close_untied= system.method.set_key = event.download.inserted_new,mark_start,"execute=/home/tup/tuper/tuper.sh,astatus,started,$d.get_hash=" system.method.set_key = event.download.finished,mark_fin,"execute=/home/tup/tuper/tuper.sh,astatus,uploaded,$d.get_hash=" system.method.set_key = event.download.finished,notify_me,"execute=/home/tup/tuper/tuper.sh,aupload,$d.get_hash=" system.method.set_key = event.download.erased,mark_erase,"execute=/home/tup/tuper/tuper.sh,adel,down,$d.get_hash=" port_range = 21006-21010 check_hash = no encryption = allow_incoming,enable_retry,prefer_plaintext #hash_read_ahead = 8 #hash_max_tries = 5 #hash_interval = 10 Enable the default ratio group. ratio.enable= Change the limits, the defaults should be sufficient. ratio.min.set=120 ratio.max.set=200 ratio.upload.set=20M Changing the command triggered when the ratio is reached. system.method.set = group.seeding.ratio.command, d.erase= scgi_port = localhost:5000 #scgi_local = /home/tup/rpc.socket dht = disable peer_exchange = no - nano .rtorrent2.rc #bind = 127.0.0.1 #ip = 127.0.0.1 encryption=allow_incoming,try_outgoing,enable_retry upload_rate = 95000 download_rate = 15000 use_udp_trackers = no min_peers = 500 max_peers = 500 min_peers_seed = 500 max_peers_seed = 500 max_uploads = 500 directory = /home/tup/downloads/ session = /home/tup/.session2/ schedule = watch_directory,5,5,load_start=/home/tup/storage/watch2/*.torrent schedule = tied_directory,5,5,start_tied= schedule = untied_directory,5,5,close_untied= system.method.set_key = event.download.inserted_new,mark_seeded,"execute=/home/tup/tuper/tuper.sh,astatus,seeded,$d.get_hash=" system.method.set_key = event.download.erased,mark_erase,"execute=/home/tup/tuper/tuper.sh,adel,up,$d.get_hash=" port_range = 21001-21005 check_hash = no encryption = allow_incoming,enable_retry,prefer_plaintext #hash_read_ahead = 8 #hash_max_tries = 5 #hash_interval = 10 Enable the default ratio group. #ratio.enable= Change the limits, the defaults should be sufficient. ratio.min.set=850 ratio.max.set=1200 ratio.upload.set=250M Changing the command triggered when the ratio is reached. system.method.set = group.seeding.ratio.command, d.erase= scgi_port = localhost:5001 #scgi_local = /home/tup/rpc.socket dht = disable peer_exchange = no - screen dmS rtorrent1 rtorrent -n -o import=~/.rtorrent.rc screen -dmS rtorrent2 rtorrent -n -o import=~/.rtorrent2.rc #ruTorrent - cd ~ && mkdir www && cd www - sudo svn co http://rutorrent.googlecode.com/svn/trunk/rutorrent - mv rutorrent rtorrent1 - sudo svn co http://rutorrent.googlecode.com/svn/trunk/rutorrent - mv rutorrent rtorrent2 - cd rtorrent1/plugins - sudo svn co http://rutorrent.googlecode.com/svn/trunk/plugins/throttle - sudo svn co http://rutorrent.googlecode.com/svn/trunk/plugins/ratio - sudo svn co http://rutorrent.googlecode.com/svn/trunk/plugins/Diskspace - sudo svn co http://rutorrent.googlecode.com/svn/trunk/plugins/Source - sudo svn co http://rutorrent.googlecode.com/svn/trunk/plugins/Data - sudo svn co http://rutorrent.googlecode.com/svn/trunk/plugins/Cpuload - sudo svn co http://rutorrent.googlecode.com/svn/trunk/plugins/Theme - sudo svn co http://rutorrent.googlecode.com/svn/trunk/plugins/Data - cd ../ && cp -R plugins /home/tup/www/rtorrent2/ #Set permissions - cd ~ && sudo chown R tup:tup /home/tup cd ~ && sudo chown -R www-data:www-data www && sudo chmod -R 777 rutorrent #Apache - sudo a2enmod ssl - sudo a2enmod auth_digest - sudo a2enmod scgi - sudo nano /etc/apache2/apache2.conf Add these lines lines at the end: SCGIMount /rt1 127.0.0.1:5000 SCGIMount /rt2 127.0.0.1:5001 servername localhost - openssl req $@ new -x509 -days 365 -nodes -out /etc/apache2/apache.pem -keyout /etc/apache2/apache.pem chmod 600 /etc/apache2/apache.pem - sudo htdigest c /etc/apache2/passwords gods tup sudo nano /etc/apache2/sites-available/default Replace all instances of <servername or IP> with your real servername or IP <VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /home/tup/www/ <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /home/tup/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog /var/log/apache2/error.log Possible values include: debug, info, notice, warn, error, crit, alert, emerg. LogLevel warn CustomLog /var/log/apache2/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> <Location /rtorrent1> AuthType Digest AuthName "gods" AuthDigestDomain /home/tup/www/rtorrent1/ http://<servername or IP>/rtorrent1 AuthDigestProvider file AuthUserFile /etc/apache2/passwords Require valid-user SetEnv R_ENV "/home/tup/www/rtorrent1" </Location> <Location /rtorrent2> AuthType Digest AuthName "gods" AuthDigestDomain /home/tup/www/rtorrent2/ http://<servername or IP>/rtorrent2 AuthDigestProvider file AuthUserFile /etc/apache2/passwords Require valid-user SetEnv R_ENV "/home/tup/www/rtorrent2" </Location> <Location /web_panel> AuthType Digest AuthName "gods" AuthDigestDomain /home/tup/www/web_panel/ http://<servername or IP>/web_panel AuthDigestProvider file AuthUserFile /etc/apache2/passwords Require valid-user SetEnv R_ENV "/home/tup/www/web_panel" </Location> <Location /browser_plugin> AuthType Digest AuthName "gods" AuthDigestDomain /home/tup/www/browser_plugin/ http://<servername or IP>/browser_plugin AuthDigestProvider file AuthUserFile /etc/apache2/passwords Require valid-user SetEnv R_ENV "/home/tup/www/browser_plugin" </Location> </VirtualHost> <VirtualHost *:443> ServerAdmin webmaster@localhost SSLEngine on SSLCertificateFile /etc/apache2/apache.pem DocumentRoot /home/tup/www/ <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /home/tup/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog /var/log/apache2/error.log Possible values include: debug, info, notice, warn, error, crit, alert, emerg. LogLevel warn CustomLog /var/log/apache2/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> <Location /rtorrent1> AuthType Digest AuthName "gods" AuthDigestDomain /home/tup/www/rtorrent1/ http://<servername or IP>/rtorrent1 AuthDigestProvider file AuthUserFile /etc/apache2/passwords Require valid-user SetEnv R_ENV "/home/tup/www/rtorrent1" </Location> <Location /rtorrent2> AuthType Digest AuthName "gods" AuthDigestDomain /home/tup/www/rtorrent2/ http://<servername or IP>/rtorrent2 AuthDigestProvider file AuthUserFile /etc/apache2/passwords Require valid-user SetEnv R_ENV "/home/tup/www/rtorrent2" </Location> <Location /web_panel> AuthType Digest AuthName "gods" AuthDigestDomain /home/tup/www/web_panel/ http://<servername or IP>/web_panel AuthDigestProvider file AuthUserFile /etc/apache2/passwords Require valid-user SetEnv R_ENV "/home/tup/www/web_panel" </Location> <Location /browser_plugin> AuthType Digest AuthName "gods" AuthDigestDomain /home/tup/www/browser_plugin/ http://<servername or IP>/browser_plugin AuthDigestProvider file AuthUserFile /etc/apache2/passwords Require valid-user SetEnv R_ENV "/home/tup/www/browser_plugin" </Location> </VirtualHost> - sudo a2ensite default-ssl - sudo service apache2 reload Check that everything is working by opening a browser and going to: http://<servername or IP>/rtorrent1 http://<servername or IP>/rtorrent2 http://<servername or IP>/web_panel #Webmin - sudo nano /etc/apt/sources.list deb http://download.webmin.com/download/repository sarge contrib - wget http://www.webmin.com/jcameron-key.asc - sudo apt-key add jcameron-key.asc - sudo apt-get update - sudo apt-get install webmin https://<servername or IP>:10000 #SFTP Connect via your FTP client. Set it to use SFTP and connect through your SSH, just like you would with Putty. #Linux Firewall Now it is time to set up the linux firewall to close all the ports other than the ones we need. This is where the GUI will come in handy for those who do not understand IPTables. - sudo apt-get update && sudo apt-get upgrade - sudo apt-get clean && sudo apt-get auto-clean Connect with your NX client on your windows machine. - System > Administration > Firestarter - When you launch firestarter for the first time, it will take you through a setup wizard. -Click forward, and you will be able to select the network device. This device you must choose correctly. There may be a list of them. On almost all setups you will chose eth0. -Select eth0 -Do not check the other boxes. -Click Forward, and then click Forward again. -Uncheck to start the Firewall now. You must uncheck this or it will lock out all ports when you click Save. -Click the Policy tab -Make sure that Editing is set to Inboud Traffic Policy -Right click under Allow Service, and you will do this individually for all your ports you need open. Port = 32002, 80, 443, 10000, 57001 Anyone should be set for 57001 All others are to be set to your IP, unless you have a Dynamic IP address in which case you should set all of these ports to Anyone. #Fail2Ban - su root - apt-get update && apt-get upgrade - apt-get clean && apt-get autoclean - nano /etc/fail2ban/jail.conf ignoreip = 127.0.0.1 Your_Home_IP EX : ignoreip = 127.0.0.1 24.127.*.* 192.168.1.* You can use as many IP's as you want. Just use a space in between each IP address. If you have a Dynamic IP, it would be a good idea to accept the whole range like i gave in the example above. [ssh] enabled = true port = ssh maxretry = 3 [Apache] All Apache modules should be changed to yes. Scroll to the bottom of jail.conf and add these lines to monitor Webmin [webmin-auth] enabled = true port = 10000 filter = webmin-auth logpath = /var/log/auth.log maxretry = 3 - service fail2ban restart To delete 1 rules: - iptables -F fail2ban-ssh To delete just 1 IP rule: - iptables -D fail2ban-ssh host-name/ip DROP #Update/Upgrade and Reboot - apt-get update && apt-get upgrade - apt-get clean && apt-get autoclean - reboot ...and you're done Replies (2) Comment RE: Server setup for n00bs - Added by Janhouse 18 days ago Nice, this looks quite good. :) I didn't like the server setup part about visudo and the NOPASSWD. (!) Comment RE: Server setup for n00bs - Added by voidale 18 days ago Installing the script seems to be easy the hard part is to setup download/upload scripts no good guides for it :( but nice work nonetheless (1-2/2)
|