说明:非常轻量,下载时占用很低,通过DUFS上传的文件可以在系统中正常查看,在系统内创建的文件也会显示在DUFS中,在DUFS中无法看到磁盘使用情况
下载dufs
下载地址https://github.com/sigoden/dufs/releases
文档地址https://github.com/sigoden/dufs/blob/main/README.md#advanced-topics
mkdir -p /app/dufs
cd /app/dufs
wget https://github.com/sigoden/dufs/releases/download/v0.42.0/dufs-v0.42.0-x86_64-unknown-linux-musl.tar.gz
tar -zxvf dufs-*
rm dufs-*
创建哈希密码
DUFS 支持使用 sha-512 哈希密码。
Dufs 仅支持 sha-512 哈希密码,因此请确保密码字符串始终以$6$开头。
apt install whois
mkpasswd -m sha-512
创建配置文件
nano /app/dufs/config.yaml
输入
serve-path: '/html/网盘' #修改存储路径
#bind: 0.0.0.0
port: 5000 #端口
#path-prefix: /dufs
hidden: #设置隐藏文件
- tmp
- '*.log'
- '*.lock'
auth:
- admin:admin@/:rw #修改用户名和密码
#- user:pass@/src:rw,/share
- '@/游客文件夹1,/游客文件夹2' # According to the YAML spec, quoting is required.给与匿名用户只读权限
#allow-all: false #允许全部权限
allow-upload: true
allow-delete: true
allow-search: true
allow-symlink: false #允许用符号链接到根目录之外的文件/文件夹
allow-archive: true #允许生成压缩包
#enable-cors: true
render-index: false
render-try-index: false
render-spa: false
#assets: ./assets/
#log-format: '$remote_addr "$request" $status $http_user_agent'
#log-file: ./dufs.log
compress: none #设置压缩级别
#tls-cert: tests/data/cert.pem
#tls-key: tests/data/key_pkcs1.pem
开启守护进程
编辑守护进程配置文件
nano /etc/systemd/system/dufs.service
[Unit]
Description=dufs
After=network.target
[Service]
ExecStart=/app/dufs/dufs -c /app/dufs/config.yaml
[Install]
WantedBy=multi-user.target
更新配置并用守护进程启动
systemctl daemon-reload
systemctl enable dufs.service
systemctl start dufs
申请证书
#nginx -s stop
systemctl stop nginx
apt-get install socat curl cron
curl https://get.acme.sh | sh
~/.acme.sh/acme.sh --set-default-ca --server letsencrypt
~/.acme.sh/acme.sh --issue -d www.kkiikk.top --standalone -k ec-256 --force --test
rm -rf ~/.acme.sh/www.kkiikk.top_ecc
以上是测试
~/.acme.sh/acme.sh --issue -d www.kkiikk.top --standalone -k ec-256 --force
mkdir /etc/nginx/ssl/
~/.acme.sh/acme.sh --installcert -d www.kkiikk.top --fullchainpath /etc/nginx/ssl/www.kkiikk.top.crt --keypath /etc/nginx/ssl/www.kkiikk.top.key --ecc --force
配置nginx
nginx.conf配置
nano /etc/nginx/conf/nginx.conf
编辑nginx.conf
user root;
worker_processes auto;
error_log /etc/nginx/error.log warn;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/conf/mime.types; #注意路径,必须写,否则可能造成css无法加载
#include /etc/nginx/mime.types; #注意路径,必须写,否则可能造成css无法加载
default_type application/octet-stream;
log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" '
'\$status \$body_bytes_sent "\$http_referer" '
'"\$http_user_agent" "\$http_x_forwarded_for"';
access_log /etc/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 120;
client_max_body_size 20m;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
dufs.conf
配置
nano /etc/nginx/conf.d/dufs.conf
输入
server {
listen 443 ssl;
listen [::]:443 ssl; #没有ipv6的话要注释掉这行
ssl_certificate /etc/nginx/ssl/www.kkiikk.top.crt;
ssl_certificate_key /etc/nginx/ssl/www.kkiikk.top.key;
ssl_protocols TLSv1.3;
ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5;
server_name www.kkiikk.top;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://127.0.0.1:5000; #修改端口
}
#允许大文件上传
client_max_body_size 0;
# Config for 0-RTT in TLSv1.3
ssl_early_data on;
ssl_stapling on;
ssl_stapling_verify on;
proxy_set_header Early-Data $ssl_early_data;
add_header Strict-Transport-Security "max-age=31536000";
}
server {
listen 80;
listen [::]:80; #没有ipv6的话要注释掉这行
server_name www.kkiikk.top;
return 301 https://www.kkiikk.top$request_uri;
}
server {
listen 80;
listen [::]:80; #没有ipv6的话要注释掉这行
server_name kkiikk.top;
return 301 https://www.kkiikk.top$request_uri;
}
重启服务
systemctl restart dufs
systemctl restart nginx