5 releases
3.0.0-alpha.11 | Sep 18, 2023 |
---|---|
3.0.0-alpha.10 | Sep 16, 2023 |
3.0.0-alpha.3 | Jul 10, 2023 |
3.0.0-alpha.2 | Apr 13, 2023 |
3.0.0-alpha.1 |
|
#69 in #settings
41 downloads per month
Used in 2 crates
60KB
423 lines
Torrust Tracker Configuration
A library to provide configuration to the Torrust Tracker.
Documentation
License
The project is licensed under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE.
lib.rs
:
Configuration data structures for Torrust Tracker.
This module contains the configuration data structures for the
Torrust Tracker, which is a BitTorrent
tracker server.
The configuration is loaded from a TOML file
tracker.toml
in the project root folder or from an environment variable
with the same content as the file.
When you run the tracker without a configuration file, a new one will be created with the default values, but the tracker immediately exits. You can then edit the configuration file and run the tracker again.
Configuration can not only be loaded from a file, but also from environment
variable TORRUST_TRACKER_CONFIG
. This is useful when running the tracker
in a Docker container or environments where you do not have a persistent
storage or you cannot inject a configuration file. Refer to
Torrust Tracker documentation
for more
information about how to pass configuration to the tracker.
Table of contents
Sections
Each section in the toml structure is mapped to a data structure. For
example, the [http_api]
section (configuration for the tracker HTTP API)
is mapped to the HttpApi
structure.
NOTICE: some sections are arrays of structures. For example, the
[[udp_trackers]]
section is an array ofUdpTracker
since you can have multiple running UDP trackers bound to different ports.
Please refer to the documentation of each structure for more information about each section.
Port binding
For the API, HTTP and UDP trackers you can bind to a random port by using
port 0
. For example, if you want to bind to a random port on all
interfaces, use 0.0.0.0:0
. The OS will choose a random port but the
tracker will not print the port it is listening to when it starts. It just
says Starting Torrust HTTP tracker server on: http://0.0.0.0:0
. It shows
the port used in the configuration file, and not the port the
tracker is actually listening to. This is a planned feature, see issue
186 for more
information.
TSL support
For the API and HTTP tracker you can enable TSL by setting ssl_enabled
to
true
and setting the paths to the certificate and key files.
Typically, you will have a directory structure like this:
storage/
├── database
│ └── data.db
└── tls
├── localhost.crt
└── localhost.key
where you can store all the persistent data.
Alternatively, you could setup a reverse proxy like Nginx or Apache to
handle the SSL/TLS part and forward the requests to the tracker. If you do
that, you should set on_reverse_proxy
to true
in the configuration file. It's out of scope for this
documentation to explain in detail how to setup a reverse proxy, but the
configuration file should be something like this:
For NGINX:
# HTTPS only (with SSL - force redirect to HTTPS)
server {
listen 80;
server_name tracker.torrust.com;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name tracker.torrust.com;
ssl_certificate CERT_PATH
ssl_certificate_key CERT_KEY_PATH;
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://127.0.0.1:6969;
}
}
For Apache:
# HTTPS only (with SSL - force redirect to HTTPS)
<VirtualHost *:80>
ServerAdmin webmaster@tracker.torrust.com
ServerName tracker.torrust.com
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</IfModule>
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@tracker.torrust.com
ServerName tracker.torrust.com
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
ProxyPreserveHost On
ProxyRequests Off
AllowEncodedSlashes NoDecode
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
ProxyPassReverse / http://tracker.torrust.com/
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
ErrorLog ${APACHE_LOG_DIR}/tracker.torrust.com-error.log
CustomLog ${APACHE_LOG_DIR}/tracker.torrust.com-access.log combined
SSLCertificateFile CERT_PATH
SSLCertificateKeyFile CERT_KEY_PATH
</VirtualHost>
</IfModule>
Generating self-signed certificates
For testing purposes, you can use self-signed certificates.
Refer to Let's Encrypt - Certificates for localhost for more information.
Running the following command will generate a certificate (localhost.crt
)
and key (localhost.key
) file in your current directory:
openssl req -x509 -out localhost.crt -keyout localhost.key \
-newkey rsa:2048 -nodes -sha256 \
-subj '/CN=localhost' -extensions EXT -config <( \
printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
You can then use the generated files in the configuration file:
[[http_trackers]]
enabled = true
...
ssl_cert_path = "./storage/tracker/lib/tls/localhost.crt"
ssl_key_path = "./storage/tracker/lib/tls/localhost.key"
[http_api]
enabled = true
...
ssl_cert_path = "./storage/tracker/lib/tls/localhost.crt"
ssl_key_path = "./storage/tracker/lib/tls/localhost.key"
Default configuration
The default configuration is:
log_level = "info"
mode = "public"
db_driver = "Sqlite3"
db_path = "./storage/tracker/lib/database/sqlite3.db"
announce_interval = 120
min_announce_interval = 120
max_peer_timeout = 900
on_reverse_proxy = false
external_ip = "0.0.0.0"
tracker_usage_statistics = true
persistent_torrent_completed_stat = false
inactive_peer_cleanup_interval = 600
remove_peerless_torrents = true
[[udp_trackers]]
enabled = false
bind_address = "0.0.0.0:6969"
[[http_trackers]]
enabled = false
bind_address = "0.0.0.0:7070"
ssl_enabled = false
ssl_cert_path = ""
ssl_key_path = ""
[http_api]
enabled = true
bind_address = "127.0.0.1:1212"
ssl_enabled = false
ssl_cert_path = ""
ssl_key_path = ""
[http_api.access_tokens]
admin = "MyAccessToken"
Dependencies
~2.7–3.5MB
~75K SLoC