[How-To]Install rutorrent with lighttpd

[FlyingPersian]

Hi

After switching back to rutorrent from deluge I decided to try it out with lighttpd instead of an apache server, because lighttpd is lighter (duh) and since I'm not that big of a poweruser I thought it'd be enough to use lighttpd. Since it was not that easy to install and people might be interested I decided to share a short tutorial on how I did it. These are my following sources for installing it to a jail:

1. First off my own tutorial on how to install rutorrent in a jail
2. Secondly DrKK’s Definitive Guide to Installing OwnCloud in FreeNAS (or FreeBSD), which helped me in setting up lighttpd
3. Thridly this Blogger’s tutorial

My goals here are to install rtorrent + rutorrent with lighttpd, secure it with SSL and add a password to the WebGUI. I'm no expert on security, so if there're any suggestions feel free to tell me/post them.

There are some basic things I’m not going to go over with you since they’re pretty basic (creating jail, adding user etc.). There needs to be a user you want to run rtorrent as and an according jail obviously (refer to the "adduser" command). I’ll do everything as root here since you can just destroy the jail and redo it.

1. We update ports and pkg

Code:

portsnap fetch
portsnap extract
pkg update
pkg upgrade
cd /usr/ports/ports-mgmt/portmaster
make install clean
echo 'WITH_PKGNG=yes' >> /etc/make.conf
pkg2ng
portmaster -avB
<accept all of the defaults>

2. We install nano, screen & lighttpd

I prefer to use nano as my text editor, but feel free to use anything you like. Screen is needed to run rtorrent.

Code:

pkg install nano
pkg install lighttpd
cd /usr/ports/sysutils/screen
make install clean

3. We install rtorrent

Accept all defaults

Code:

cd /usr/ports/net-p2p/rtorrent
make install clean

4. We install php

Accept all defaults

Code:

cd /usr/ports/lang/php53
make install clean

5. We install php53-extensions

Here we don't install just the defaults. First do

Code:

cd /usr/ports/lang/php53-extensions
make install clean

Then check all the following points. Some might not exist, others but be already checked.

Code:

BZ2,  CTYPE, CURL, DOM, FILEINFO, FILTER, GD, HASH, ICONV, JSON, MBSTRING, MBCRYPT, MYSQL, MYSQLI MHASH, OPENSSL, PCRE, PDO, PDO_SQLITE, POSIX, SESSION, SIMPLEXML, SOCKETS, SPL, SQLITE, TOLKENIZER, XML, XMLREADER, XMLRPC, XMLWRITER, ZIP

You'll have to confirm a lot of stuff. Don't change anything then, just hit enter to confirm everything.

6. We copy over a php.ini

Code:

cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini

7. We copy over a .rtorrent.rc into the home dir of the user we created. I'll stick to the user "admin"

Code:

cp /usr/local/share/examples/rtorrent/rtorrent.rc /home/admin/.rtorrent.rc
chown admin:admin .rtorrent.rc

8. We create a bunch of folders needed for rtorrent

Code:

cd /home/admin/
mkdir rtorrent
cd rtorrent/
mkdir .session
mkdir downloads
mkdir watch
chown -R admin:admin /home/admin/

9. We edit the .rtorrent.rc

Code:

nano /home/admin/.rtorrent.rc
--Change the following lines--

# Default directory to save the downloaded torrents.
directory = /home/admin/rtorrent/watch/

# Default session directory. Make sure you don't run multiple instance
# of rtorrent using the same session directory. Perhaps using a
# relative path?
session = /home/admin/rtorrent/.session/

--The port range should be something above 50.000 I think, just chose whatever you want and forward the port from your router to the jail's IP--
port_range = 50001-50001

--We add the following line to the end of the file
scgi_port = 127.0.0.1:5001

--Press ctrl + x, hit y to confirm, hit enter to confirm the name. It's now saved and you left nano.

The thing I recommend here is just to read through it once completely. For people who used torrent clients before most of the stuff is self explanatory. The settings are quite basic and universal accross most other clients. Standard things are to disable DHT and peer-exchange, change the encryption accordingly to your needs and set a descent amount of uploadslots and peers to connect to, so that your router doesn't crash.

10. We then download rutorrent & plugins

Code:

cd /usr/local/www/
wget --no-certificate-check https://bintray.com/artifact/download/novik65/generic/rutorrent-3.6.tar.gz
wget --no-certificate-check https://bintray.com/artifact/download/novik65/generic/plugins-3.6.tar.gz
tar -xfvz rutorrent-3.6.tar.gz
tar -xfvz plugins-3.6.tar.gz
mv plugins rutorrrent/
rm *.gz

The download may fail, then just download it with your windows machine and move it over by adding storage to the jail (e.g. into the /media/ folder).

11. We then edit the lighttpd.conf. Never forget to remove the # in front of a line to actually activate it.

Code:

nano /usr/local/etc/lighttpd/lighttpd.conf
--I don't want to use http, only https, so I hashed out (added a #) this line:
#server.port = 80

--I also disabled IPv6--
#server.use-ipv6 = "enable"

--change--
server.document-root = "/usr/local/www/data/"
--to--
server.document-root = "/usr/local/www/rutorrent/

--add these lines for SSL--
server.port                 = 443
ssl.engine                  = "enable"
ssl.pemfile                 = "/usr/local/etc/lighttpd/certs/lighttpd.pem"

--add these lines for password protection of the WebGUI--
auth.backend = "htpasswd"
auth.backend.htpasswd.userfile = "/etc/private/.htpasswd"
auth.require = (
    "/RPC2" => (
        "method" => "basic",
        "realm" => "My ruTorrent web site",
        "require" => "user=admin",
    ),
    "/" => (
        "method" => "basic",
        "realm" => "My ruTorrent web site",
        "require" => "valid-user",
    )
)

--Save it--

12. We create a .pem file for SSL

Code:

mkdir -p /usr/local/etc/lighttpd/certs/
cd /usr/local/etc/lighttpd/certs/
openssl req -new -x509 -keyout lighttpd.pem -out lighttpd.pem -days 3650 -nodes
chmod 400 lighttpd.pem
chown -R www:www /usr/local/etc/lighttpd/

13. We create a .htpasswd file which is used to verify the login credentials

htpasswd comes with apache, but not with lighttpd. You can use the following website to create the neccessary line for the file. Use your user (admin in my case) and secure password. The file has to be stored somewhere outside the webspace. I chose /etc/private/. If for any reason you want to store it somewhere else you have to edit the "auth.backend.htpasswd.userfile = "/etc/private/.htpasswd"" line in the lighttpd.conf which we added at the very end.

Code:

http://www.engr.sjsu.edu/daluu/scripts/htpasswd.php

At the bottom you see a line like this:

Code:

admin:c3Q1dT1i56d6I

Copy that line and do the following:

Code:

mkdir -p /etc/private/
cd /etc/private/
nano .htpasswd
--Paste the line you just copied and save it.

chown www:www .htpasswd
chmod 400 .htpasswd

14. We configure lighttpd to use the FastCGI module

Code:

nano /usr/local/etc/lighttpd/modules.conf

--Change--
#  "mod_auth",
--to--
"mod_auth",

#include "conf.d/fastcgi.conf"
--which is somewhere at the bottom, to--
include "conf.d/fastcgi.conf"

The weird thing is here that the auth.conf only has to be imported, but nothing has to be changed there. The lines neccessary for authentication are in the lighttpd.conf, which we did earlier. I've no idea why that is, but it works this way.
Then we add the following line to the fastcgi.conf

Code:

nano /usr/local/etc/lighttpd/conf.d/fastcgi.conf

--add to the bottom--
fastcgi.server = ( ".php" => ((
                    "bin-path" => "/usr/local/bin/php-cgi",
                    "socket" => "/tmp/php.socket",
                    "max-procs" => 1,
                    "bin-environment" => (
                      "PHP_FCGI_CHILDREN" => "3",
                      "PHP_FCGI_MAX_REQUESTS" => "1000"
                    ),
                    "bin-copy-environment" => (
                      "PATH", "SHELL", "USER"
                    ),
                    "broken-scriptfilename" => "enable"
                )))

15. We change the scgi port in the rutorrent config

Code:

nano /usr/local/www/rutorrent/conf/config.php

--Change--
$scgi_port = 5000;
--to--
$scgi_port = 5001;

16. We make lighttpd start automatically

Code:

sysrc lighttpd_enable=yes

I haven't figured out how to make screen start automatically on system boot, but I'll work on that and add the lines.

17. Start up everything

Code:

--Make lighttpd start/stop/restart--
service lighttpd onestart/onestop/onerestart

--Start rtorrent--
su admin
screen rtorrent
--Press and hold ctrl, then press a and then d to detach from screen. Now it runs in the background. Release a before pressing d and do it quickly--

I think we're done here. If you run into any issues let me know! If you've suggestions post them!!

 

[Thadius Miller]

Following up from the previous thread and the changes we've made so far.

Just went back to create a second user after-the-fact and ran into a bump that prevented it from working.

If you've used or taken snippets from any of the recommended .rtorrent.rc files across the interwebs (and why wouldn't you?), and you've added:

Code:

log.execute = /tmp/exec.log    (or some other path)

...then each user's log needs to be unique. rtorrent attempts to lock this file while it is running, so two clients can't share a log (not would you want them to).

I would also suggest adding to your .rtorrent.rc file:

Code:

log.open_file = "rtorrent", ~/rtorrent.log
log.add_output = "debug", "rtorrent"

This way, you can always go back and look at rtorrent.log in your home directory to help diagnose any problems that arise. It takes a few more kb to store the text, but it's worth it.

Edit: Great job on this! I think I'll stick with Apache 2.2 for the time being, but you've really cataloged some great steps here.

 

[FlyingPersian]

I figured out how to get rtorrent to start at boot. I'm using a small script I wrote + crontab.

1. Create a script, I decided to put it into the home dir of the user running rutorrent

Code:

cd /home/admin/
nano rtorrent.sh

--Paste these line and save it and exit--

#!/bin/sh
PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin

#run rtorrent
/usr/local/bin/screen -d -m -S rtorrent /usr/local/bin/rtorrent

2. Change owner and make it executeable

Code:

chmod +x rtorrent.sh
chown admin:admin rtorrent.sh

3. "su" allows you to work as a certain user in a jail. We do this to edit the user's crontab.

Code:

su admin

--I hate the editor vi, which is used to edit crontab, so I'll change the editor it's opened with. Keep in mind that this setting will be resetted once you leave the editor--

export EDITOR=/usr/local/bin/nano

crontab -e

--Paste these lines, then save it and exit--

SHELL=/bin/sh
PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin

#start rtorrent
@reboot /home/admin/rtorrent.sh

4. Exit the jail and restart it via the WebGUI. rtorrent should be running.

I first had issues with rtorrent not being able to access all the binary files, but I fixed that by adding the appropriate PATH to the script.
Let me know if you run into any issues.

 

[melt7777]

Thank you so much for writing this guide! Just wanted to throw a few cents in the mix.

Notes I found... I am using 9.3 stable.

In Steps 2,4,5:
I installed screen, php5, and php5-extensions using pkg install instead of compiling ports for them (php5 was having trouble compiling from port.)

Will post some more updates as they come in. Thanks again!!

 

[melt7777]

I also wanted to use multi-user mode so I could have two separate groups of torrents (one for stuff going to plex with autodl, and one for my personal things.)

Step 1: add another user (in this example, first user is admin and second user is named plex)
Step 2: copy the .rtorrent.rc and rtorrent.sh (screen launcher) file into their home folder (/home/plex)
Step 3: mkdir /home/plex/rtorrent && mkdir /home/plex/rtorrent/.session && chown -R plex:plex /home/plex
Step 4: add a crontab for plex user following steps above in OP.
Step 5: add another RPC into /usr/local/etc/lighttpd/lighttpd.conf such as this:

auth.backend = "htpasswd"
auth.backend.htpasswd.userfile = "/etc/private/.htpasswd"
auth.require = (
"/RPCadmin" => (
"method" => "basic",
"realm" => "My ruTorrent web site",
"require" => "user=admin",
),
"/RPCplex" => (
"method" => "basic",
"realm" => "My ruTorrent web site",
"require" => "user=plex",
),
"/" => (
"method" => "basic",
"realm" => "ruTorrent user",
"require" => "valid-user",
)

)

Then service lighttpd restart

Step 6: Add another line into /etc/private/.htpasswd for plex just like the first line. Use the htpasswd generator from above.
Step 7: make the dir structure and /usr/local/www/rutorrent/conf/users/admin and /usr/local/www/rutorrent/conf/users/plex
Step 8: copy /usr/local/www/rutorrent/conf/config.php to /usr/local/www/rutorrent/conf/users/admin and /usr/local/www/rutorrent/conf/users/plex
Step 9: modify /usr/local/www/rutorrent/conf/users/plex/config.php to change port and mount. example:
$scgi_port = 5002;
$XMLRPCMountPoint = "/RPCplex";

Step 10: su plex
Step 11: ~/rtorrent.sh to launch plex's rtorrent
Step 12: go to same ip of your admin user and login as plex instead.

Step 13: Thank the OP and other commenters for getting me this far and then https://code.google.com/p/rutorrent/wiki/Config for a little more information I needed to troubleshoot! See you guys in #freenas IRC!

 

[FlyingPersian]

Glad I could help! This is a lot of trying out and figuring out, but you'll get there!

 

[Fish]

Not sure if this is the best place to post this, but I'm getting some errors after installing. I followed the instructions and now I get 2 errors in ruTorrent:

Bad response from server: (500 [error,getplugins])
Bad response from server: (500 [error,getuisettings])

Any tips? I've run through a ton of Google results to no avail.

 

[FlyingPersian]

Hi
I upgraded via pkg upgrade yesterday and I'm having this issue as well. I'm looking into this.

Edit: I was having two issues:

1. Bad response from server: (500 [error,getplugins])
2. Some long 200 error (like 10 lines) I solved it by setting ";always_populate_raw_post_data = on" to "always_populate_raw_post_data = -1". I'll see if I can get rid of the 500 error.

 

[Fish]

That would be awesome if you could. I should say that I was following your older howto and then found this one and jumped ship mid-way through so that may have done it.

 

[FlyingPersian]

Not sure if it has anything to do with it, but this is from the lighttpd error log:

Code:

2015-06-16 20:20:26: (mod_fastcgi.c.2695) FastCGI-stderr: PHP Warning:  disk_total_space(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (/home/:/tmp/:/usr/local/www/:/usr/bin) in /usr/local/www/rutorrent/plugins/diskspace/init.php on line 6

2015-06-16 20:20:26: (mod_fastcgi.c.2695) FastCGI-stderr: PHP Fatal error:  Call to undefined function json_encode() in /usr/local/www/rutorrent/plugins/lookat/lookat.php on line 60

 

[FlyingPersian]

I think the error occurred because php53 doesn't exist any more in ports. Only php56 :x

Edit: Fixed it! Removed all php packages, updates ports, reinstalled php56 and php56-extensions with all the settings I posted above and restarted lighttpd. Et voila it worked.

 

[Fish]

I think the error occurred because php53 doesn't exist any more in ports. Only php56 :x

Edit: Fixed it! Removed all php packages, updates ports, reinstalled php56 and php56-extensions with all the settings I posted above and restarted lighttpd. Et voila it worked.

I'm pretty new to using any package manager besides apt-get, could you explain a little more how you fixed it?

 

[FlyingPersian]

Yes.

1. List versions of installed packages, find php and remove it:

Code:

pkg version
--find php, copy the exact name listed and remove it--
pkg remove phpXX-xxx

This should also remove phpXX-extensions (XX is the version, I updated my installed packages, so php53 was replaced by php56. In my case I had to remove php56-xxx, where xxx is the exact version nummer)

2. Update ports

Code:

portsnap fetch update

It should update ports and extract everything. If it isn't extracting, do this:

Code:

portsnap extract

3. Then go to the php56 folder.

Code:

cd /usr/local/ports/lang/php56/

You can see in /usr/local/ports/lang that there is no php53 anymore.

4. Install it and leave the standard settings

Code:

make install clean

I don't remember, you might have to confirm some stuff, but that should go really quick.

5. Install php56-extensions

Code:

cd /usr/local/ports/lang/php56-extensions
make install clean

Select all the options I posted in the first post for php53-extenstions. Some might be missing, but that doesn't matter

6. Your old php.ini will most likely still be there. To be save rename it and copy over a new one

Code:

cd /usr/local/etc/
mv php.ini php.ini.old
cp php.ini-production php.ini

7. Restart lighttpd and give it a try. It should be working now. rtorrent has to be running of course, but you don't need to stop it before you do any of this

Code:

service lighttpd onerestart

I Hope I didn't miss anything, I did this from memory. Let me know if it worked.

 

[wrath]

10. We then download rutorrent & plugins

Code:

cd /usr/local/www/
wget --no-certificate-check https://bintray.com/artifact/download/novik65/generic/rutorrent-3.6.tar.gz
wget --no-certificate-check https://bintray.com/artifact/download/novik65/generic/plugins-3.6.tar.gz
tar -xfvz rutorrent-3.6.tar.gz
tar -xfvz plugins-3.6.tar.gz
mv plugins rutorrrent/
rm *.gz

Shouldn't /usr/local/www/rtorrent be www user/group?

 

[FlyingPersian]

Do you mean owned by the user/group "www"? If yes not neccessarily, at least I didn't do that and it's running fine. I'm not sure if subfolders in /usr/local/www have to be owned by "www" at all, but I'm not an expert on this.

 

[wrath]

I figured it out. You probabbly have rutorrent folder 755, i had it 750 and changed the ownership to www group and admin user (or the user that you run rtorrent as). and it worked find with permission 750. Changing user to root, gives permission denied error if it chmod 750.


chmod -R 750 /usr/local/www/rutorrent
chown -R www:admin /usr/local/www/rutorrent

edit: also there is a typo in list of php56-extentions:
it should be MCRYPT not MBCRYPT

more changes in extentions:
Updated:
MBCRYPT -> MCRYPT
SQLITE -> SQLITE3
MHASH -> HASH

Always enabled (no checkbox):
PCRE
SPL

New Checked By Default:
OPCACHE
PHAR

edit2:
you can also make htpasswd file with:

Code:

 perl -le 'print crypt("your-password", "salt-hash")'

also for wget:

Code:

cd /usr/ports/ftp/wget
make install clean

and for rutorrent:

Code:

wget --local-encoding=UTF-8 https://bintray.com/artifact/download/novik65/generic/ruTorrent-3.7.zip 

then

Code:

unzip ruTorrent-3.7.zip
mv ruTorrent-master rutorrent 

 

[Fredde]

Hi. Thanks for nice howto!

I only got/have 1 problem. And that is when im trying to login on rutorrent on chrome is that when i hit "login" after i've enter the hypasswd details i get "404 error page"

I think this is a permission issue on the www/rutorrent dir. What is the correct owner/utser permissions? I have www:www now. The .hypasswd setup seems to work i think cause the https://IP asks me for login and password. But i really Dont know :P

Have good day/night

 

[FlyingPersian]

Hi
sorry for the late response, I've been quite busy lately. The folder "www" is owned by root, and the folder rutorrent by the user running rtorrent. I gave the rutorrent folder 777 permissions, no idea how unsafe this is though. This goes only for the folder though, not for the content. So do "chmod 777 rutorrent", NOT "chmod -R 777 rutorrent". Also the plugins + share folder have 777.

 

[DearestDreamer]

Any idea how to fix this in ruTorrent:

rss: Some functionality will be unavailable. Webserver user can't access external program (curl).

I realize it's a permissions problem, since I made sure curl is in the PATH and that's where it gets the path, according to the config file. I'm not sure what the best practice is here. curl is owned by root:wheel, but it has -rwx r-x r-x permissions set, so anyone should be able to execute/read it which makes me wonder why that error occurs in the first place? I can use it with my 'admin' user after all.

I also seem to be getting these errors:
Bad response from server: (403 [error,gethistory]) <?xml version="1.0" encoding="iso-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>403 - Forbidden</title> </head> <body> <h1>403 - Forbidden</h1> </body> </html>
Bad response from server: (403 [error,list]) <?xml version="1.0" encoding="iso-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>403 - Forbidden</title> </head> <body> <h1>403 - Forbidden</h1> </body> </html>

Seems like permission issues but I can't say where? Any suggestions? Thanks for the great guide, everything else worked like a charm.

 

[Fish]

Any idea how to fix this in ruTorrent:

rss: Some functionality will be unavailable. Webserver user can't access external program (curl).

I realize it's a permissions problem, since I made sure curl is in the PATH and that's where it gets the path, according to the config file. I'm not sure what the best practice is here. curl is owned by root:wheel, but it has -rwx r-x r-x permissions set, so anyone should be able to execute/read it which makes me wonder why that error occurs in the first place? I can use it with my 'admin' user after all.

I also seem to be getting these errors:
Bad response from server: (403 [error,gethistory]) <?xml version="1.0" encoding="iso-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>403 - Forbidden</title> </head> <body> <h1>403 - Forbidden</h1> </body> </html>
Bad response from server: (403 [error,list]) <?xml version="1.0" encoding="iso-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>403 - Forbidden</title> </head> <body> <h1>403 - Forbidden</h1> </body> </html>

Seems like permission issues but I can't say where? Any suggestions? Thanks for the great guide, everything else worked like a charm.

Make sure your rTorrent user is the owner of the plugin folder.

Code:

chown -R rtorrentUser /usr/local/www/rutorrent/plugins

The 403 Forbidden errors mean you probably mixed up something between steps 11 and 13.