Latest flood WebUI with rTorrent, and Apache on ArchLinux

So ruTorrent is the past! Now is flood on the way… Here my setup for the Apache proxy and rTorrent.

First we install flood-git, rTorrent, certbot, and Apache over AUR

yay -S flood-git rtorrent apache certbot

We configure rTorrent with SystemD and save it!

vim /etc/systemd/system/rtorrent.service 

[Unit]
Description=rTorrent System Daemon
After=network.target

[Service]
Type=simple
User=rtorrent
Group=rtorrent
# Modify the next 2 lines to use absolute paths
ExecStartPre=-/bin/rm -f /home/data/rtorrent/session/rtorrent.lock
ExecStart=/usr/bin/rtorrent -o import=/etc/rtorrent.conf
Restart=on-failure
RestartSec=3

[Install]
WantedBy=multi-user.target

Make rtorrent user with home directory on your preferred RAID/Disks

useradd -r -G rtorrent -s /usr/bin/nologin rtorrent
usermod -d /home/data/rtorrent -m rtorrent

Configure your rtorrent.conf

vim /etc/rtorrent.conf 

#############################################################################
# This is an (old) example resource file for rTorrent.
# Copy to ~/.rtorrent.rc and enable/modify the options as needed.
# Remember to uncomment the options you wish to enable.
#
# See 'rtorrent.rc-example' for a newer, basic configuration.
#
#   Sample: https://github.com/rakshasa/rtorrent/wiki/CONFIG-Template
# Complete: https://rtorrent-docs.readthedocs.io/en/latest/cmd-ref.html
#   Useful: https://rtorrent-docs.readthedocs.io/en/latest/use-cases.html
#   Manual: https://rtorrent-docs.readthedocs.io/en/latest/
#  Convert: https://github.com/rakshasa/rtorrent/wiki/rTorrent-0.9-Comprehensive-Command-list-(WIP)
# Handbook: https://media.readthedocs.org/pdf/rtorrent-docs/latest/rtorrent-docs.pdf
#     File: https://github.com/rakshasa/rtorrent/blob/master/doc/rtorrent.rc
#############################################################################

# Maximum and minimum number of peers to connect to per torrent.
#
#throttle.min_peers.normal.set = 40
#throttle.max_peers.normal.set = 100

# Same as above but for seeding completed torrents.
# "-1" = same as downloading.
#
#throttle.min_peers.seed.set = 10
#throttle.max_peers.seed.set = 50

# Maximum number of simultaneous uploads per torrent.
#
#throttle.max_uploads.set = 15

# Global upload and download rate in KiB.
# "0" for unlimited.
#
#throttle.global_down.max_rate.set_kb = 0
#throttle.global_up.max_rate.set_kb = 0

# Default directory to save the downloaded torrents.
#
directory.default.set = /home/data/rtorrent/

# Default session directory. Make sure you don't run multiple instance
# of rTorrent using the same session directory. Perhaps using a
# relative path?
#
session.path.set =/home/data/rtorrent/session

# Watch a directory for new torrents, and stop those that have been
# deleted.
#
schedule2 = watch_directory,5,5,load.start=/home/data/rtorrent/watch/*.torrent

# Close torrents when disk-space is low.
#
schedule2 = low_diskspace,5,60,close_low_diskspace=100M

# The IP address reported to the tracker.
#
#network.local_address.set = 127.0.0.1
#network.local_address.set = rakshasa.no

# The IP address the listening socket and outgoing connections is
# bound to.
#
#network.bind_address.set = 127.0.0.1
#network.bind_address.set = rakshasa.no

# Port range to use for listening.
#
network.port_range.set = 55000-55111

# Start opening ports at a random position within the port range.
#
#network.port_random.set = no

# Check hash for finished torrents. Might be useful until the bug is
# fixed that causes lack of disk-space not to be properly reported.
#
#pieces.hash.on_completion.set = no

# Set whether the client should try to connect to UDP trackers.
#
trackers.use_udp.set = yes

# Alternative calls to bind and IP that should handle dynamic IP's.
#
#schedule2 = ip_tick,0,1800,ip=rakshasa
#schedule2 = bind_tick,0,1800,bind=rakshasa

# Encryption options, set to none (default) or any combination of the following:
# allow_incoming, try_outgoing, require, require_RC4, enable_retry, prefer_plaintext
#
# The example value allows incoming encrypted connections, starts unencrypted
# outgoing connections but retries with encryption if they fail, preferring
# plain-text to RC4 encryption after the encrypted handshake.
#
# protocol.encryption.set = allow_incoming,enable_retry,prefer_plaintext

# Enable DHT support for trackerless torrents or when all trackers are down.
# May be set to "disable" (completely disable DHT), "off" (do not start DHT),
# "auto" (start and stop DHT as needed), or "on" (start DHT immediately).
# The default is "off". For DHT to work, a session directory must be defined.
#
dht.mode.set = auto

# UDP port to use for DHT.
#
dht.port.set = 6881

# Enable peer exchange (for torrents not marked private).
#
#protocol.pex.set = yes

# Set download list layout style ("full", "compact").
#
#ui.torrent_list.layout.set = "full"

# Run rTorrent as a daemon, controlled via XMLRPC.
#
system.daemon.set = true
system.umask.set = 002
 
# SCGI Connectivity (for alternative rtorrent interfaces, XMLRPC)
# Use a IP socket with scgi_port, or a Unix socket with scgi_local.
# schedule can be used to set permissions on the unix socket.
#
network.scgi.open_port = "127.0.0.1:5000"
#network.scgi.open_local = (cat,(session.path),/rpc.sock)
#schedule2 = socket_chmod, 0, 0, "execute.nothrow=chmod,770,(cat,(session.path),/rpc.sock)"

Give the properties, user – and grouprights for rTorrent and that recursiv

chmod 755 -R /home/data/rtorrent 
chown -R rtorrent:rtorrent /home/data/rtorrent 

Make a vhost and proxy with apache

vim /etc/httpd/conf/vhosts/flood.conf
 
<VirtualHost *:80>
        DocumentRoot "/usr/lib/flood/assets"

        #Umleitung von tung http zu https
        ServerName flood.yourdomain.com
        ServerAdmin mail@joelmueller.ch

        <Directory "/usr/lib/flood/assets">
         Options Indexes FollowSymLinks
         AllowOverride All   
         Order allow,deny
         Allow from all	
        </Directory>
        <FilesMatch \.php$>
          # For Apache version 2.4.10 and above, use SetHandler to run PHP as a fastCGI process server
          SetHandler "proxy:unix:/run/php-fpm/php-fpm.sock|fcgi://localhost"
        </FilesMatch>

        RewriteEngine On
        RewriteCond %{SERVER_NAME} =flood.joelmueller.ch
        RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost *:443>
        DocumentRoot "/usr/lib/flood/assets" 
  
        ServerName flood.yourdomain.com
        ServerAdmin mail@joelmueller.ch
        
  	<Directory "/usr/lib/flood/assets">
  	  Options Indexes FollowSymLinks
  	  AllowOverride All   
  	  Order allow,deny
  	  Allow from all	
        </Directory>

	
	SSLEngine on

        SSLHonorCipherOrder on
        SSLProtocol all -SSLv2 -SSLv3 -TLSv1
        SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!3DES:!aNULL:!MD5
        SetEnvIf User-Agent ".*MSIE.*"nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
            
        SSLProxyEngine On
        
        RewriteEngine on
        RewriteCond ${HTTP:UPGRADE} ^WebSocket$ [NC]
        RewriteCond ${HTTP:CONNECTION} ^Upgrade$ [NC]
        RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
        ProxyPass / http://127.0.0.1:3000/
        ProxyPassReverse / http://127.0.0.1:3000/
	
        ProxyRequests off
	Include /etc/letsencrypt/options-ssl-apache.conf
	<FilesMatch \.php$>
      	 # For Apache version 2.4.10 and above, use SetHandler to run PHP as a fastCGI process server
         SetHandler "proxy:unix:/run/php-fpm/php-fpm.sock|fcgi://localhost"
	</FilesMatch>

SSLCertificateFile /etc/letsencrypt/live/flood.joelmueller.ch/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/flood.joelmueller.ch/privkey.pem
</VirtualHost>

You must include the vhost on httpd.conf

vim /etc/httpd/conf/httpd.conf

....
#Sites vhosts
Include conf/vhosts/flood.conf

...

Make a SystemD service for flood

vim/etc/systemd/system/flood.service 

[Unit]
Description=Flood rTorrent Web UI
After=network.target

[Service]
User=rtorrent
Group=http
EnvironmentFile=/etc/conf.d/flood
ExecStart=/usr/bin/node --use_strict /usr/lib/flood/index.js --rundir /var/lib/flood $FLOOD_ARGS

[Install]
WantedBy=multi-user.target

Enable flood

systemctl enable flood

Change userrights to user rtorrent and group http for flood floder

chown -R rtorrent:http /usr/lib/flood

Add rtorrent to http group

gpasswd -a rtorrent http

Start rtrorrent and flood

systemctl start {rtorrent,flood}

Restart apache and php-fpm

systemctl restart {http,php-fpm}

You can create a login at flood.yourdomain.com and choose TCP as connection, IP is 127.0.0.1 and the port is 5000

Have fun!