# Aria2
My Raspi-4B is installed with the official Rasbian, and the flashing process is very simple, download, unzip, and dd three steps to get it done, you can refer to Pi official website. Aria2 downloader is believed to be familiar to everyone, simply install it using apt (remember to change the source).
sudo apt update && sudo apt install aria2
After installation, create various files for aria2 as usual.
Since we need to manage downloaded files through SFTP, SMB, we set aria2 to run under the low privilege user aria.
groupadd -r aria # Add user group aria
useradd -r -g aria -s /usr/sbin/nologin -c "Aria 2" aria # Add user aria
sudo mkdir -p /home/aria/aria2 # Create working directory
touch /home/aria/aria2/aria2.session # Create aria2 progress file
touch /home/aria/aria2/aria2.log # Create aria2 log file
touch /home/aria/aria2/aria2.config # Create aria2 configuration file
chown aria:aria /home/aria/* # Transfer files under the working directory to the aria user
Then edit the configuration file by nano /home/aria/aria2/aria2.config.
Configuration Example
# Download path
dir=/home/pi/Downloads
# Enable disk cache, 0 to disable cache, requires 1.16 or above, default:16M
#disk-cache=32M
# File allocation method, effectively reduces disk fragments, default:prealloc
# Pre-allocation time: none < falloc ? trunc < prealloc
# falloc and trunc require file system and kernel support
# NTFS recommend using falloc, EXT3/4 recommend trunc, MAC needs to comment out this item
file-allocation=trunc
continue=true
## Download connection related ##
# Maximum number of simultaneous download tasks, can be modified at runtime, default:5
max-concurrent-downloads=5
# Number of connections per server, can be specified when adding, default:1
max-connection-per-server=16
# Minimum file chunk size, can be specified when adding, range 1M-1024M, default:20M
# Assume size=10M, for a 20MiB file, use two sources for download; for a 15MiB file, use one source for download
min-split-size=10M
# Maximum threads per task, can be specified when adding, default:5
split=16
# Overall download speed limit, can be modified at runtime, default:0
#max-overall-download-limit=0
# Single task download speed limit, default:0
#max-download-limit=0
# Overall upload speed limit, can be modified at runtime, default:0
max-overall-upload-limit=10K
# Single task upload speed limit, default:0
max-upload-limit=20
# Disable IPv6, default:false
## Progress storage related ##
# Read download tasks from the session file
input-file=/home/aria/aria2/aria2.session
# Save `error/incomplete` download tasks to the session file when Aria2 exits
save-session=/home/aria/aria2/aria2.session
# Periodically save the session, 0 for saving only when exiting, requires 1.16.1 or above, default:0
save-session-interval=60
## RPC related settings ##
# Enable RPC, default:false
enable-rpc=true
# Allow all sources, default:false
rpc-allow-origin-all=true
# Allow non-external access, default:false
rpc-listen-all=true
# Certificate file (.pem/.crt) used for SSL/TLS encryption in RPC service
#rpc-certificate=/etc/letsencrypt/live/aria.wannaexpresso.com/fullchain.pem
# Private key file (.key) used for SSL/TLS encryption in RPC service
#rpc-private-key=/etc/letsencrypt/live/aria.wannaexpresso.com/privkey.pem
# Event polling method, values:[epoll, kqueue, port, poll, select], different default values for different systems
#event-poll=select
# RPC listening port, can be modified if the port is occupied, default:6800
#rpc-listen-port=6800
# RPC authorization token, new function added in v1.18.4, instead of --rpc-user and --rpc-passwd options
#rpc-secret=secret
# RPC access username, this option is deprecated in the newer version, recommend using --rpc-secret option
#rpc-user=<USER>
# RPC access password, this option is deprecated in the newer version, recommend using --rpc-secret option
#rpc-passwd=<PASSWD>
## BT/PT download related ##
# Automatically start BT tasks when downloading a torrent file (ending in .torrent), default:true
#follow-torrent=true
# BT listening port, used when the port is blocked, default:6881-6999
listen-port=51413
# Maximum connections per single torrent, default:55
#bt-max-peers=55
# Enable DHT function, disable for PT, default:true
#enable-dht=false
# Enable IPv6 DHT function, disable for PT
enable-dht6=true
# DHT network listening port, default:6881-6999
#dht-listen-port=6881-6999
# Local node lookup, disable for PT, default:false
#bt-enable-lpd=false
# Torrent exchange, disable for PT, default:true
enable-peer-exchange=true
# Speed limit for each torrent, useful for PT with few seeds, default:50K
#bt-request-peer-speed-limit=50K
# Client disguise, needed for PT
#peer-id-prefix=-TR2770-
#user-agent=Transmission/2.77
# Automatically stop seeding when the share ratio of a torrent reaches this number, 0 for always seeding, default:1.0
#seed-ratio=0
# Force save session, even if the task is completed, default:false
# Newer versions will retain .aria2 file after enabling
#force-save=false
# BT hash check related, default:true
#bt-hash-check-seed=true
# When continuing previous BT tasks, no need to recheck, default:false
bt-seed-unverified=true
# Save magnet link metadata as torrent file (.torrent file), default:false
bt-save-metadata=true
bt-tracker=udp://62.138.0.158:6969/announce,udp://87.233.192.220:6969/announce,udp://111.6.78.96:6969/announce,udp://90.179.64.91:1337/announce,udp://51.15.4.13:1337/announce,udp://151.80.120.113:2710/announce,udp://191.96.249.23:6969/announce,udp://35.187.36.248:1337/announce,udp://123.249.16.65:2710/announce,udp://210.244.71.25:6969/announce,udp://78.142.19.42:1337/announce,udp://173.254.219.72:6969/announce,udp://51.15.76.199:6969/announce,udp://51.15.40.114:80/announce,udp://91.212.150.191:3418/announce,udp://103.224.212.222:6969/announce,udp://5.79.83.194:6969/announce,udp://92.241.171.245:6969/announce,udp://5.79.209.57:6969/announce,udp://82.118.242.198:1337/announceThen create an auto-startup file sudo touch /etc/systemd/system/aria2.service
Update on 2021/02/21: It seems that modifying the permissions of the aria2c binary file cannot guarantee that downloaded files can be modified by other users. I found that using
UMask=in the service file can ensure that the permissions of downloaded files in the future are 777.
# /etc/systemd/system/aria2.service
[Unit]
Description=Aria2 Service
After=network.target
[Service]
User=aria
Group=aria
UMask=0000
ExecStart=/usr/bin/aria2c --conf-path=/home/pi/.config/aria2/aria2.config
ExecStop=/bin/kill $MAINPID
[Install]
WantedBy=multi-user.target
Use the following systemctl commands to start aria2 auto-startup:
sudo systemctl daemon-reload # Reload modified service files
sudo systemctl enable aria2 # Enable auto-startup
sudo systemctl start aria2 # Start the service
sudo systemctl status aria2 # Check the logs
Notes: If any issues occur while checking the logs, you can debug using
sudo -u aria aria2c /home/aria/aria2/aria2.config.
Aria2 is now configured.
# AriaNG
Download Aria2’s frontend AriaNG from GitHub. At this point, on a computer with a graphical interface, you can open the downloaded index.html and try connecting to 127.0.0.1:6800/jsonrpc to check if Aria2 is configured correctly.
If you want to set up a management interface directly on the Raspberry Pi, you will need a wrapper like AriaNG to work with an HTTP server. However, I do not recommend this approach because ISPs may block HTTP/HTTPS ports, making the configuration especially complex, and it becomes difficult to obtain domain certificates, making it hard to use a secure HTTPS connection to the Raspberry Pi; furthermore, hosting an HTTP server without filing may entail the risk of ISPs closing ports.
# Caddy 2
Firstly, use wget to download AriaNG to the Raspberry Pi.
wget https://github.com/mayswind/AriaNg/releases/download/1.2.1/AriaNg-1.2.1-AllInOne.zip # Download AriaNG example
sudo apt install unzip
unzip AriaNg-1.2.1-AllInOne.zip # Unzip
Here, we will use /path/containing/arianghtml to replace the extracted directory.
The HTTP server we will use, Caddy, has been updated to 2.0 (hurray!), so here we will also keep up with the times.
# Install Caddy following the official guide
Download the
*linux_armv7*version of caddy from GitHub, after extraction, copy it to /usr/bin usingsudo mv caddy /usr/bin.Use
caddy versionto verify that the installation was successful.Add the user group
caddy.
groupadd --system caddy
- Create a user named caddy and assign a working directory to them.
useradd --system \
--gid caddy \
--create-home \
--home-dir /var/lib/caddy \
--shell /usr/sbin/nologin \
--comment "Caddy web server" \
caddy
- Download the caddy.service file and copy it to the target directory using
sudo mv caddy.service /etc/systemd/system/caddy.service.
# Ah, you've got yourself a triple!
sudo systemctl daemon-reload
sudo systemctl enable caddy
sudo systemctl start caddy
Run the above commands to keep caddy running in the background permanently. Some other useful commands include:
systemctl status caddy # Check the running status
journalctl -u caddy # Check all logs
sudo systemctl reload caddy # Reload Caddy configuration files
sudo systemctl stop caddy # Stop the service
- Caddy 2’s operation can be controlled through a Caddyfile configuration file or API, here we will use the simpler Caddyfile. The built-in service caddy.service provided by the official invokes the Caddyfile under
/etc/caddy/.
sudo touch /etc/caddy/Caddyfile
sudo nano /etc/caddy/Caddyfile
Edit the content as follows:
Your.Raspberry.Pi.IP{
root * /path/containing/arianghtml
file_server
reverse_proxy /jsonrpc 127.0.0.1:6800
}
Your.Raspberry.Pi.IPis the address of your Raspberry Pi on the home network./path/containing/arianghtmlis the directory where you just unpacked index.html.reverse_proxy /jsonrpc 127.0.0.1:6800indicates reverse proxying the aria2 port to port 443, solving the issue of aria2 not having a certificate and being unable to use it on an https page.
sudo systemctl reload caddy # Reload Caddyfile
Now, open a browser and visit https://Your.Raspberry.Pi.IP, in AriaNG Settings enter Your.Raspberry.Pi.IP:443/jsonrpc, and you can connect to your Raspberry Pi download station.
# Building Aria2 + Caddy 2 Download Station with RaspberryPi
# External Access
For external access, I will just briefly touch on it here. For implementation details, please refer to other resources.
# Solution 1: Public IP + DDNS + Domain Name
Configure DDNS on your router to convert the dynamic IP into a static one through DNS services. Since ISPs tend to block ports 443 and 80 on home networks, you’ll need to host AriaNG on different ports.
A challenge you’ll face is that Caddy requires at least port 443 for automatic certificate acquisition, which isn’t possible. Therefore, you’ll have to manually use DNS Challenge with Certbot to get the certificate.
Note that if you use Cloudflare, the Raspberry Pi Certbot plugin doesn’t support Zone Key yet, so you’ll have to use CF’s Global Key.
Once you have the certificate, you can configure the Caddyfile like this:
Your.Raspberry.Pi.IP, Your.Domain:OtherPorts{
tls /path/to/fullchain.pem /path/to/privkey.pem
root * /path/containing/arianghtml
file_server
reverse_proxy /jsonrpc 127.0.0.1:6800
}
# Solution 2: ZeroTier
Utilize ZeroTier to create a virtual LAN, allowing you to access the Raspberry Pi using the IP provided by ZeroTier. You can also install it on your router, enabling access to the Raspberry Pi using the home network’s IP. The setup process is quite straightforward.
# Other Solutions
There are other solutions such as FRP, Peanut Shell, etc., which you can explore if interested.
# Conclusion
In reality, I don’t download much nowadays. The tinkering is just for the sake of tinkering. Nevertheless, tinkering can still be enjoyable…