Open johnnysong-cc opened 1 year ago
Maybe these can point you in the right direction, would be interested to know if it works for you:
https://github.com/mayswind/AriaNg/issues/681 https://kingtam.win/archives/aria2-jsonrpc.html
you can read this article https://developer.chrome.com/blog/private-network-access-update/
Have you tried setting the RPC port to 443 inside AriaNg? It works for me with the following nginx config (using nginx-proxy-manager):
#ARIA2
location /jsonrpc {
proxy_pass http://$server:$port/jsonrpc;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
Hi, probably you are using the wrong port on stream.
I've aria2 running on the same VM that hosts aria2ng behind nginx. Aria2ng responds on port 443, and aria2 is listening on 127.0.0.1:6800.
My nginx config is similar to this :
server {
listen 80;
root /home/aria2/aria2ng;
server_name aria2.myserver.org;
return 307 https://$server_name$request_uri;
## MANAGE CERTIFICATE REQUEST WITH acme.sh AND letsencrypt
location ^~ /.well-known/acme-challenge/ {
default_type "text/plain";
alias /home/aria2/cert/.well-known/acme-challenge/;
}
# hiding .well-known directory
location = /.well-known/ {
return 404;
}
}
server {
listen 443 ssl http2;
autoindex off;
server_name aria2.myserver.org;
root /home/aria2/aria2ng;
# logs
access_log /home/aria2/logs/aria2ng.log;
error_log /home/aria2/logs/error_aria2ng.log warn;
error_log /var/log/nginx/error.log warn;
# SSL
ssl_certificate /home/aria2/.acme.sh/aria2.myserver.org_ecc/aria2.myserver.org.cer;
ssl_certificate_key /home/aria2/.acme.sh/aria2.myserver.org_ecc/aria2.myserver.org.key;
# SSL timeout
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
# Setting TLS version
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
# CYPHER
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384>
# Enable OSCP Stapling for Nginx web server
# If you're using the SSL from Letsencrypt,
# use the 'chain.pem' certificate
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /home/aria2/.acme.sh/aria2.myserver.org_ecc/fullchain.cer;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
# Nginx protection against XSS and HSTS
# add_header X-Frame-Options DENY;
add_header X-Frame-Options SAMEORIGIN;
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options nosniff;
add_header X-Robots-Tag none;
# add Strict-Transport-Security to prevent man in the middle attacks
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
# LOCATIONS (using http_auth to a minimum interface protection)
location / {
auth_basic "Area2 admin area";
auth_basic_user_file /etc/nginx/httpauth/.aria2;
try_files $uri $uri/ =404;
}
location /jsonrpc {
# Proxy jsonrpc to local aria2c server, since https page can't make "http" and "ws" connection.
# To connect, simply connect to wss://DOMAIN_NAME:443/jsonrpc
auth_basic off;
# use the standard ubuntu server proxy file rules
include ./conf.d/proxy.conf;
proxy_pass http://127.0.0.1:6800;
}
location /files {
# Aria2c download folder
auth_basic "Area2 admin area";
auth_basic_user_file /etc/nginx/httpauth/.aria2;
# destination directory where the files are downloaded
alias /mnt/share/aria2;
autoindex on;
}
}
When configure RPC alias inside the Aria2NG settings, you need to configure in this manner the url :
wss://aria2.myserver.org:443/jsonrpc
otherwise the proxy mode of nginx don't works correctly to redirect the request to the port on the server.
I hope that this resolve your problem.
Running Context
Aria2 RPC Server is running on 192.168.1.99:6800 AriaNg client is running on 192.168.1.254:6880 They work fine together. However when I tried to put AriaNg behind Nginx reverse proxy with the following configuration:
Symptom
When accessing via "https://aria.mydomain.com" in the browser, the AriaNg client is still accessible but it can't connect to the RPC server via 192.168.1.99:6800 anymore.
Here are the problems beyond my reach
On the RPC Server settings, "http" and "websocket" can't be used and options were confined to "https" and "wss". However, I tried to use the certificates for "aria.mydomain.com" issued by LetsEncrypt with Aria2 RPC Server but it doesn't accept them.
There are many jsonrpc errors in the Network tab of Chrome DevTools. I have tried to use
proxy_set_header
to change the Origin and Referer headers as shown in the configuration but they remain unchanged as "https://aria.mydomain.com"