Difference between revisions of "Transmission"

Warning:

These instructions were only tested on Debian. It will probably work for other Linux distributions, but you might need to adapt the provided instructions.

In this guide, we will install the BitTorrent client transmission an use it through the web interface.

Install

# apt install transmission-daemon

Configure

Listen Address

By default transmission listen on all addresses. Let’s change that and make it listen only on local address.

Edit file /etc/transmission-daemon/settings.json and change this line:

"rpc-bind-address": "127.0.0.1",

And make sure that the change is taken into account

# systemctl reload transmission-daemon.service

Webserver

1. Create the config file /etc/nginx/sites-available/transmission.example.org

   server {
       include snippets/listen-http.conf;
       server_name transmission.example.org;
   
       access_log /var/log/nginx/transmission.example.org.access.log;
       error_log /var/log/nginx/transmission.example.org.error.log info;
   
       include snippets/acme-challenge.conf;
       include snippets/https-permanent-redirect.conf;
   }
   
   server {
       include snippets/listen-https.conf;
       server_name transmission.example.org;
   
       access_log /var/log/nginx/transmission.example.org.access.log;
       error_log /var/log/nginx/transmission.example.org.error.log info;
   
       include snippets/acme-challenge.conf;
       #include snippets/ssl.conf;
       #ssl_certificate      /etc/letsencrypt/live/transmission.example.org/fullchain.pem;
       #ssl_certificate_key  /etc/letsencrypt/live/transmission.example.org/privkey.pem;
       #more_set_headers "Strict-Transport-Security: max-age=31536000";
   
       location / {
           include proxy_params;
           proxy_request_buffering off;
           proxy_http_version 1.1;
           proxy_pass http://127.0.0.1:9091;
       }
       location /downloads {
           auth_basic            "You shall not pass!";
           auth_basic_user_file  /etc/nginx/generic.htpasswd;
           root /var/lib/transmission-daemon;
           autoindex on;
       }
   

2. Activate the configuration with

   $ sudo nginx_modsite -e transmission.example.org
   Would you like to reload the Nginx configuration now? (Y/n) Y
   

3. Edit file /usr/local/etc/certmanage/main.json and add the following to the list

   {
       "domains": ["transmission.example.org"],
       "reload": [["/bin/systemctl", "reload", "nginx.service"]]
   }
   

4. Get your certificate

   $ sudo /usr/local/sbin/certmanage
   Renewing certificate for transmission.example.org that will expire on 0001-01-01
   
   Saving debug log to /var/log/letsencrypt/letsencrypt.log
   Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
   Obtaining a new certificate
   Performing the following challenges:
   http-01 challenge for transmission.example.org
   Using the webroot path /var/www/acme-challenge for all unmatched domains.
   Waiting for verification...
   Cleaning up challenges
   Generating key (2048 bits): /etc/letsencrypt/keys/1764_key-certbot.pem
   Creating CSR: /etc/letsencrypt/csr/1764_csr-certbot.pem
   
   IMPORTANT NOTES:
    - Congratulations! Your certificate and chain have been saved at
      /etc/letsencrypt/live/transmission.example.org/fullchain.pem. Your cert
      will expire on 2025-02-19. To obtain a new or tweaked version of
      this certificate in the future, simply run certbot again. To
      non-interactively renew *all* of your certificates, run "certbot
      renew"
    - If you like Certbot, please consider supporting our work by:
   
      Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
      Donating to EFF:                    https://eff.org/donate-le
   
   Restarting services:
   systemctl reload nginx.service
   

5. Uncomment the ssl related lines in /etc/nginx/sites-available/transmission.example.org and run

   $ sudo systemctl reload nginx.service
   

   }