Debian12安装DUFS

说明:非常轻量,下载时占用很低,通过DUFS上传的文件可以在系统中正常查看,在系统内创建的文件也会显示在DUFS中,在DUFS中无法看到磁盘使用情况

下载dufs

下载地址https://github.com/sigoden/dufs/releases
文档地址https://github.com/sigoden/dufs/blob/main/README.md#advanced-topics

mkdir -p /app/dufs
cd /app/dufs
wget https://github.com/sigoden/dufs/releases/download/v0.42.0/dufs-v0.42.0-x86_64-unknown-linux-musl.tar.gz
tar -zxvf dufs-*
rm dufs-*

创建哈希密码

DUFS 支持使用 sha-512 哈希密码。
Dufs 仅支持 sha-512 哈希密码,因此请确保密码字符串始终以$6$开头。

apt install whois
mkpasswd -m sha-512

创建配置文件

nano /app/dufs/config.yaml

输入

serve-path: '/html/网盘' #修改存储路径
#bind: 0.0.0.0
port: 5000 #端口
#path-prefix: /dufs
hidden: #设置隐藏文件
  - tmp
  - '*.log'
  - '*.lock'
auth:
  - admin:admin@/:rw #修改用户名和密码
  #- user:pass@/src:rw,/share
  - '@/游客文件夹1,/游客文件夹2'  # According to the YAML spec, quoting is required.给与匿名用户只读权限
#allow-all: false #允许全部权限
allow-upload: true
allow-delete: true
allow-search: true
allow-symlink: false #允许用符号链接到根目录之外的文件/文件夹
allow-archive: true #允许生成压缩包
#enable-cors: true
render-index: false
render-try-index: false
render-spa: false
#assets: ./assets/
#log-format: '$remote_addr "$request" $status $http_user_agent'
#log-file: ./dufs.log
compress: none #设置压缩级别
#tls-cert: tests/data/cert.pem
#tls-key: tests/data/key_pkcs1.pem

开启守护进程

编辑守护进程配置文件

nano /etc/systemd/system/dufs.service
[Unit]
Description=dufs
After=network.target
 
[Service]
ExecStart=/app/dufs/dufs -c /app/dufs/config.yaml
 
[Install]
WantedBy=multi-user.target

更新配置并用守护进程启动

systemctl daemon-reload
systemctl enable dufs.service
systemctl start dufs

申请证书

#nginx -s stop
systemctl stop nginx
apt-get install socat curl cron
curl https://get.acme.sh | sh
~/.acme.sh/acme.sh --set-default-ca --server letsencrypt
~/.acme.sh/acme.sh --issue -d www.kkiikk.top --standalone -k ec-256 --force --test
rm -rf ~/.acme.sh/www.kkiikk.top_ecc
以上是测试
~/.acme.sh/acme.sh --issue -d www.kkiikk.top --standalone -k ec-256 --force
mkdir /etc/nginx/ssl/
~/.acme.sh/acme.sh --installcert -d www.kkiikk.top --fullchainpath /etc/nginx/ssl/www.kkiikk.top.crt --keypath /etc/nginx/ssl/www.kkiikk.top.key --ecc --force

配置nginx

nginx.conf配置

nano /etc/nginx/conf/nginx.conf

编辑nginx.conf

user  root;
worker_processes  auto;
error_log  /etc/nginx/error.log warn;
pid        /run/nginx.pid;
events {
    worker_connections  1024;
}
http {
    include       /etc/nginx/conf/mime.types; #注意路径,必须写,否则可能造成css无法加载
    #include       /etc/nginx/mime.types; #注意路径,必须写,否则可能造成css无法加载
    default_type  application/octet-stream;
    log_format  main  '\$remote_addr - \$remote_user [\$time_local] "\$request" '
                      '\$status \$body_bytes_sent "\$http_referer" '
                      '"\$http_user_agent" "\$http_x_forwarded_for"';
    access_log /etc/nginx/access.log main;
    sendfile        on;
    #tcp_nopush     on;
    keepalive_timeout  120;
    client_max_body_size 20m;
    #gzip  on;
    include /etc/nginx/conf.d/*.conf;
}

dufs.conf配置

nano /etc/nginx/conf.d/dufs.conf

输入

server {
        listen 443 ssl;
        listen [::]:443 ssl; #没有ipv6的话要注释掉这行
        ssl_certificate       /etc/nginx/ssl/www.kkiikk.top.crt;
        ssl_certificate_key   /etc/nginx/ssl/www.kkiikk.top.key;
        ssl_protocols         TLSv1.3;
        ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5;
        server_name www.kkiikk.top;

        location / {
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_redirect off;
                proxy_pass http://127.0.0.1:5000; #修改端口
        }
        #允许大文件上传
        client_max_body_size 0;
        # Config for 0-RTT in TLSv1.3
        ssl_early_data on;
        ssl_stapling on;
        ssl_stapling_verify on;
        proxy_set_header Early-Data $ssl_early_data;
        add_header Strict-Transport-Security "max-age=31536000";

}

server {
        listen 80;
        listen [::]:80;   #没有ipv6的话要注释掉这行
        server_name www.kkiikk.top;
        return 301 https://www.kkiikk.top$request_uri;
}

server {
        listen 80;
        listen [::]:80;   #没有ipv6的话要注释掉这行
        server_name kkiikk.top;
        return 301 https://www.kkiikk.top$request_uri;
}

重启服务

systemctl restart dufs
systemctl restart nginx
无标签
评论区
头像