0%

懒人党的福音--顶级全自动化影音系统全方位深入剖析

懒人党的福音–顶级全自动化影音系统全方位深入剖析

首先,为什么我们需要影音系统?

想象这样一个场景:

打开一个网页,点开搜索框输入想看的电影/电视剧/音乐/书籍,点一个按钮,过几分钟对应的高清资源已经呈现在你的Emby影视库中,刮削完毕,字幕配好,你什么都不需要干,只需要找个舒服的地方开开心心地享受就行。

flow

观影、追剧、刮削、字幕,下载全部自动化,爽不爽?牛不牛逼?开不开心?想不想学?

那么本文就教你如何在VPS或NAS上实现这一整套流程以及这一切的背后究竟是怎么实现的。

转载请标注出处。

TL;DR

  1. Emby负责影片的播放,刮削
  2. Ombi是一个搜索前端
  3. Sonarr,Radarr,Lidarr,Readarr负责资源的请求和整理
  4. Prowlarr/Jackett负责indexers的管理和维护
  5. Bazarr/Chinesesubfinder负责字幕的获取,整理,升级和维护
  6. qBittorrent和NZBget负责资源的实际下载工作

硬件需求

最低:

  • CPU: 2 Cores 2 Threads
  • Ram: 4 GB
  • Storage: 200 GB

建议:

  • CPU: 4 Cores 8 Threads
  • Ram: 8 GB
  • Storage: 10 TB

巧妇难为无米之炊

那么,首先最重要的问题:巧妇难为无米之炊,我们要怎么获取这些影视资源呢?

摆在我们面前的有三条道路:BT/PT/Usenet,条条道路通罗马。

以下部分资料来源于Lei Shi

  1. BT

相信大部分人对BT并不陌生,相较于中心化的下载服务器,BT利用P2P(Peer-to-Peer)技术,使每个在P2P网络中的用户都成为了资源的提供方;而资源则以分块的形式,散落在每个人的硬盘中,除非拿到种子文件,否则任何人都不(太)可能从网络中拿到完整的文件。正是这些特性,使得BT自一发布就流行至今。本文中使用的qBittorrent即是一款BT下载器,另外比较常用的还有Transmission/Deluge/uTorrent/aria2等。

比较常用的公网BT影视资源站有:

  • Pirate Bay,大名鼎鼎的海盗湾
  • RARBG,主要是影视资源,质量参差不齐
  • Nyaa,主要是动漫类资源,追番必备
  • dmhy,动漫花园,同上

优势:

  • 新内容多且下载速度快
  • 无入门门槛,免费

劣势:

  • 旧内容(一般指大于3个月)下载速度相当慢
  • 国内有迅雷吸血的问题(我用qbt加强版解决此问题)
  • 需要公网IP以实现最大下载上传速度
  1. PT

PT(Private Tracker)在技术与BT并无本质不同,唯一的区别是,BT连接的是公开的Tracker,而PT通常需要邀请注册,并且用自己密钥才能连上Tracker。PT相比BT,入门有一定的门槛,高质量的站点要么只通过熟人间口口相传,要么需要捐赠注册,价格从几十到几百不等。拥有帐号后还需要一定的设备和动手能力来保持帐号的活跃。新入门PT建议从PT吧或者Reddit起步,从开放注册的PT站点或者有人大量发放的新手站点玩起,慢慢熟悉规则,再逐步进入更好的站点。

优势:

  • 不论新旧下载速度都相当不错
  • 没有迅雷吸血的问题

劣势

  • 资源数量及质量取决于PT站本身
  • 有入门门槛且需要一定技术知识
  • 需要公网IP以实现最大下载上传速度
  1. Usenet

Usenet是早期的一种互联网形式,它甚至比现在的互联网www更早。在早期的语境中,Usenet一般指新闻组,类似于BBS论坛。在本文中提到的Usenet,指的是利用Usenet网络,存储和分发大容量二进制内容(即各种影视资源)的特性。

相对于BT资源的良莠不齐,PT的高不可攀,Usenet兼具高质量资源和低门槛(有不少人不间断地从topsite/PT下载资源上传到Usenet),你只要有钱就行,并且也不是很多钱(大约$40+/年),同时还不需要像PT一样维护帐号活跃/长时间做种。

事实上,如果仅从影视资源角度,Usenet上的资源比任何一个顶级PT都要多、全,甚至有不少玩PT的人,使用Usenet完全是为了下载上面的资源再上传到PT上去;Usenet另一大优势是极快的下载速度,不像BT/PT,资源的下载速度严重依赖于做种人数的多少,Usenet的资源存在服务器上,几乎任何时刻你都可以跑满你的大部分带宽。

Usenet需要以下3个模块共同协作来下载资源:

Indexer,类似于种子搜索网站,提供下载Usenet资源需要的nzb文件。Indexer有免费的,有收费的,也有类似于PT一样进入门槛很高的,本文不作推荐,新手可以从免费的玩起,熟悉流程后再寻找质量更高的Indexer。

Provider,负责提供连接Usenet的帐号。Usenet的内容存储是分布式的,但是你需要一个Provider才能连上Usenet网络,Provider大部分收费,月付费$3-$5左右,这是使用Usenet最大的花销。

nzb下载软件,一般用nzbget即可。

优势

  • 资源齐全且无论新旧都有极高的下载速度
  • 不需要公网IP

劣势

  • 没有中文
  • 有入门门槛且付费
  • NZBGet在国内需要配合透明代理使用,有较高的技术门槛

Usenet Indexer 列表 Usenet Index Sites – 来自 Reddit ,本文不做推荐。

Usenet Provider优惠 Usenet Service Provider Deals – 来自 Reddit ,本文不做推荐

化零为整

有了资源还不够,这些资源是零散的,并不利于我们进行搜索。因此我们需要能将这些资源整合起来方便我们查询的软件。于是就有了 Prowlarr Jackett 以及 FlareSolverr。

prowlarr

Prowlarr 是建立在流行的 *arr .net/reactjs 基础堆栈上的索引器管理器/代理,可与您的各种 PVR 应用程序集成。 Prowlarr 支持 Torrent Tracker 和 Usenet Indexer 的管理。 它与 Lidarr、Mylar3、Radarr、Readarr 和 Sonarr 无缝集成,提供对您的索引器的完整管理,无需为每个应用程序设置索引器(我们全部完成)。 – 来自 Prowlarr Github Repo

jackett

Jackett 充当代理服务器:它将来自应用程序(Sonarr、Radarr、SickRage、CouchPotato、Mylar3、Lidarr、DuckieTV、qBittorrent、Nefarious 等)的查询转换为特定于跟踪器站点的 http 查询,解析 html 或 json 响应,以及 然后将结果发送回请求软件。 这允许获取最近的上传(如 RSS)和执行搜索。 Jackett 是维护索引器抓取和翻译逻辑的单一存储库 - 消除了其他应用程序的负担。 – 来自 Jackett Github Repo

Prowlarr相当于Jackett的升级版,不仅可以让我们进行手动搜索,也可以全自动化地将配置同步给Sonarr Radarr Lidarr Readarr,省去了使用Jackett时必需手动配置与同步indexers的步骤。

FlareSolverr用于过CF的5秒盾。

化整为零

由于各种资源的分类不同,因此我们需要使用专门的软件去查询专门的分类以实现资源的最大化利用以及效率的最优解。因此这就有了 Sonarr 用于查询并下载电视剧,动画片等有集数的内容;Radarr 电影;Lidarr: 音乐;Readarr:电子书。

sonarr

Sonarr 是供 Usenet 和 BitTorrent 用户使用的 PVR(其实就是一个电视剧管理器)。 它可以监控多个 RSS 源以获取您最喜欢的节目的新剧集,并全自动化地抓取、排序和重命名它们。 它还可以配置为在质量更好的格式可用时自动升级已下载文件的质量。 – 来自 Sonarr Github Repo

radarr

Radarr 是 Usenet 和 BitTorrent 用户的电影收藏管理器。 它可以监控新电影的多个 RSS 提要,并将与客户端和索引器交互以全自动化地抓取、排序和重命名它们。 它还可以配置为在质量更好的格式可用时自动升级库中现有文件的质量。 – 来自 Radarr Github Repo

lidarr

Lidarr 是 Usenet 和 BitTorrent 用户的音乐收藏管理器。 它可以监控多个 RSS 提要以获取您最喜欢的艺术家的新曲目,并全自动化地抓取、排序和重命名它们。 它还可以配置为在质量更好的格式可用时自动升级已下载文件的质量。 – 来自 Lidarr Github Repo

readarr

Readarr 是 Usenet 和 BitTorrent 用户的电子书和有声读物收藏管理器。 它可以监控来自您最喜欢的作者的新书的多个 RSS 提要,并全自动化地抓取、排序和重命名它们。 请注意,仅支持给定书籍的一种类型。 如果您想要给定书籍的有声读物和电子书,则需要多个实例。 – 来自 Readarr Github Repo

化零为整

但是作为用户,我们并不关心软件的具体分类,因此就有了 Ombi 来整合 Sonarr Radarr 以及 Lidarr 的搜索功能 (暂时不支持 Readarr),让我们可以用一个前端完成所有的搜索工作。

ombi

Ombi 是您友好的媒体请求工具,可自动与您的媒体服务器同步! 别担心,它对奶奶很友好,更重要的是; 有老婆认可证😂 – 来自 Ombi Github Repo

无中生有

当我们确定了需要的内容后,我们就需要软件来从网络中下载需要的资源到本地。因此我们就有了 qBittorrent(BT/PT) 以及 NZBGet(Usenet)。

qbt

qBittorrent 是一个用 C++/Qt 编程的 bittorrent 客户端,它使用 Arvid Norberg 的 libtorrent(有时称为 libtorrent-rasterbar)。它旨在成为所有其他 bittorrent 客户端的良好替代品。 qBittorrent 快速、稳定并提供 unicode 支持以及许多功能。 – 来自 qBittorrent Github Repo

NZBGet

NZBGet 是一个二进制下载器,它根据 nzb-files 中给出的信息从 Usenet 下载文件。NZBGet 是用 C++ 编写的,以其性能和效率而闻名。 – 来自 NZBGet Github Repo

锦上添花

在拿到了需要的资源后,很多时候它们并没有附带我们所需要的字幕,因此我们就需要从网络中下载字幕的软件。于是就有了 Bazarr 以及 Chinesesubfinder。

bazarr

Bazarr 是 Sonarr 和 Radarr 的配套应用程序。 它根据您的要求管理和下载字幕。 您可以通过电视节目或电影定义您的偏好,Bazarr 会为您处理一切。 – 来自 Bazarr Github Repo

chinesesubfinder

本项目的初衷仅仅是想自动化搞定限定条件下 中文 字幕下载。 – 来自 Chinesesubfinder Github Repo

放飞自我

一切都就绪了,是时候开始享受了。拿瓶快乐水,躺在沙发上,打开 Emby 。远离现实的嘈杂,开始欣赏属于另一个世界的故事吧!

emby

流程总结

那么现在让我们换个角度,从我们作为用户的角度出发总结一下发生了什么。

我们在Ombi(或者Sonarr等)中搜索了想要的内容,点击了添加至库存,等了一段时间,哇,Emby里面出现了!是不是很神奇?

千里之行始于足下

工作是为了躺平,现在让我们开始搭建吧。

以下案例中所有的代码均可在 这里 找到并复制黏贴。

本文使用 Debian Linux 操作系统以及 root 用户作为示范。默认用户名为admin,密码为adminadmin

1
password1="adminadmin"

文件架构

所有文件都需要放在同一个/data目录下以启用硬链接,更多内容请看 这个链接

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
data
├── torrents
│ ├── Movies
│ ├── Series
│ ├── Music
│ └── Books
│ └── XXX
│ └── Others
├── usenet
│ ├── Movies
│ ├── Series
│ ├── Music
│ └── Books
│ └── XXX
│ └── Others
└── media
├── Movies
├── Series
├── Music
├── Books
├── XXX
└── Others

新建文件夹

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
## 一级子目录(sonarr,radarr,lidarr,readarr Docker卷)
mkdir /data/
## 二级子目录(qbt,emby,bazarr Docker卷)
mkdir /data/torrents/
mkdir /data/usenet/
mkdir /data/media/
## BT/PT qBittorrent 下载位置
mkdir /data/torrents/Movies/
mkdir /data/torrents/Series/
mkdir /data/torrents/Music/
mkdir /data/torrents/Books/
mkdir /data/torrents/XXX/
mkdir /data/torrents/Others/
## Usenet NZBGet 下载位置
mkdir /data/usenet/Movies/
mkdir /data/usenet/Series/
mkdir /data/usenet/Music/
mkdir /data/usenet/Books/
mkdir /data/usenet/XXX/
mkdir /data/usenet/Others/
## Sonarr Radarr Lidarr Readarr Rootfolder
mkdir /data/media/Movies/
mkdir /data/media/Series/
mkdir /data/media/Music/
mkdir /data/media/Books/
mkdir /data/media/XXX/
mkdir /data/media/Others/

## 安装后面配置需要的软件

apt-get install xml-twig-tools lsb-release unzip sqlite3 jq sudo -y

## 新建软件配置文件夹

mkdir /usr/share/nginx/nzbget
mkdir /usr/share/nginx/nzbget/config
mkdir /usr/share/nginx/sonarr
mkdir /usr/share/nginx/sonarr/config
mkdir /usr/share/nginx/radarr
mkdir /usr/share/nginx/radarr/config
mkdir /usr/share/nginx/lidarr
mkdir /usr/share/nginx/lidarr/config
mkdir /usr/share/nginx/readarr
mkdir /usr/share/nginx/readarr/config
mkdir /usr/share/nginx/prowlarr
mkdir /usr/share/nginx/prowlarr/config
mkdir /usr/share/nginx/jackett
mkdir /usr/share/nginx/jackett/config
mkdir /usr/share/nginx/bazarr
mkdir /usr/share/nginx/bazarr/config
mkdir /usr/share/nginx/chinesesubfinder
mkdir /usr/share/nginx/chinesesubfinder/app/
mkdir /usr/share/nginx/chinesesubfinder/app/cache
mkdir /usr/share/nginx/chinesesubfinder/config
mkdir /usr/share/nginx/ombi
mkdir /usr/share/nginx/ombi/config

# DDNS 专用
mkdir /usr/share/nginx/ddclient

Nginx

因为没有人会想去记各个应用的端口号,因此我们需要安装Nginx并配置子目录以及反向代理。

安装Nginx

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
apt-get update
apt-get install ca-certificates lsb-release -y
apt-get install gnupg2 -y
touch /etc/apt/sources.list.d/nginx.list
cat > '/etc/apt/sources.list.d/nginx.list' << EOF
deb https://nginx.org/packages/mainline/debian/ $(lsb_release -cs) nginx
EOF
curl -fsSL https://nginx.org/keys/nginx_signing.key | apt-key add -
apt-get update
apt-get install nginx -y
cat > '/lib/systemd/system/nginx.service' << EOF
[Unit]
Description=The NGINX HTTP and reverse proxy server
Before=netdata.service trojan.service
After=syslog.target network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
PIDFile=/run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t
ExecStart=/usr/sbin/nginx
ExecReload=/usr/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT \$MAINPID
PrivateTmp=true
LimitNOFILE=65536
Restart=always
RestartSec=3s

[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload

配置NGINX主配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
  cat > '/etc/nginx/nginx.conf' << EOF
user nginx;
worker_processes auto;

error_log /var/log/nginx/error.log warn;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 65536;
use epoll;
multi_accept on;
}

http {

autoindex_exact_size off;
http2_push_preload on;
aio threads;
charset UTF-8;
tcp_nodelay on;
tcp_nopush on;
server_tokens off;

proxy_intercept_errors on;
proxy_http_version 1.1;
proxy_ssl_protocols TLSv1.2 TLSv1.3;
proxy_set_header Host \$http_host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;

include /etc/nginx/mime.types;
default_type application/octet-stream;

access_log /var/log/nginx/access.log;

log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" '
'\$status \$body_bytes_sent "\$http_referer" '
'"\$http_user_agent" "\$http_x_forwarded_for"';

sendfile on;
gzip on; # 本地Nas可以考虑把这个关掉节省CPU资源
gzip_proxied any;
gzip_types *;
gzip_comp_level 1;

include /etc/nginx/conf.d/default.conf;
}
EOF

启动Nginx

1
systemctl enable nginx --now

配置子目录以及反向代理

新建NGINX配置

1
2
rm /etc/nginx/conf.d/*.conf # 删除旧配置
touch /etc/nginx/conf.d/default.conf

写入新配置

1
nano /etc/nginx/conf.d/default.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
server {
listen 80 fastopen=20 reuseport default_server so_keepalive=on;
server_name _;
location / {
root /usr/share/nginx/html/;
}
location /qbt/ {
#access_log off;
proxy_pass http://127.0.0.1:8080/;
client_max_body_size 0;
proxy_set_header X-Forwarded-Host $http_host;
}
location /emby/ {
#access_log off;
proxy_pass http://127.0.0.1:8096/;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_buffering off;
}
location /sonarr/ {
#access_log off;
proxy_pass http://127.0.0.1:8989/sonarr/;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
#proxy_buffering off;
}
location /radarr/ {
#access_log off;
proxy_pass http://127.0.0.1:7878/radarr/;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
#proxy_buffering off;
}
location /lidarr/ {
#access_log off;
proxy_pass http://127.0.0.1:8686/lidarr/;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
#proxy_buffering off;
}
location /readarr/ {
#access_log off;
proxy_pass http://127.0.0.1:8787/readarr/;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
#proxy_buffering off;
}
location /bazarr/ {
#access_log off;
proxy_pass http://127.0.0.1:6767/bazarr/;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
#proxy_buffering off;
}
location /chinesesubfinder/ {
#access_log off;
proxy_pass http://127.0.0.1:19035/;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
#proxy_buffering off;
}
location /prowlarr/ {
#access_log off;
proxy_pass http://127.0.0.1:9696/prowlarr/;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
#proxy_buffering off;
}
location /jackett/ {
#access_log off;
proxy_pass http://127.0.0.1:9117/jackett/;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
#proxy_buffering off;
}
location /ombi/ {
#access_log off;
proxy_pass http://127.0.0.1:3579/ombi/;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
#proxy_buffering off;
}
location /nzbget/ {
#access_log off;
proxy_pass http://127.0.0.1:6789/;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
#proxy_buffering off;
}
location /rsshub/ {
proxy_redirect off;
proxy_pass http://127.0.0.1:1200/;
}
}

修改NGINX默认前端页面以方便进入

1
nano /usr/share/nginx/html/index.html

写入以下配置

2022.3.25 更新:新增Resilio Sync配置。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<h2>前端</h2>
<a href="http://10.0.0.1:80/emby/" target="_blank" rel="noreferrer">Emby</a>
<a href="http://10.0.0.1:80/ombi/" target="_blank" rel="noreferrer">Ombi</a>
<a href="http://10.0.0.1:8888" target="_blank" rel="noreferrer">Resilio-sync</a>
<h2>中间层</h2>
<a href="http://10.0.0.1:80/sonarr/" target="_blank" rel="noreferrer">Sonarr</a>
<a href="http://10.0.0.1:80/radarr/" target="_blank" rel="noreferrer">Radarr</a>
<a href="http://10.0.0.1:80/lidarr/" target="_blank" rel="noreferrer">Lidarr</a>
<a href="http://10.0.0.1:80/readarr/" target="_blank" rel="noreferrer">Readarr</a>
<h2>字幕</h2>
<a href="http://10.0.0.1:80/bazarr/" target="_blank" rel="noreferrer">Bazarr</a>
<a href="http://10.0.0.1:80/chinesesubfinder/" target="_blank" rel="noreferrer">Chinesesubfinder</a>
<h2>索引器</h2>
<a href="http://10.0.0.1:80/prowlarr/" target="_blank" rel="noreferrer">Prowlarr</a>
<a href="http://10.0.0.1:80/jackett/" target="_blank" rel="noreferrer">Jackett</a>
<a href="http://10.0.0.1:80/rsshub/" target="_blank" rel="noreferrer">Rsshub</a>
<h2>下载器</h2>
<a href="http://10.0.0.1:80/qbt/" target="_blank" rel="noreferrer">Qbittorrent</a>
<a href="http://10.0.0.1:80/nzbget/" target="_blank" rel="noreferrer">Nzbget</a>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

10.0.0.1 替换成你自己 Nas/VPS 的IP,效果图如下

nginx

  1. 使配置生效
1
nginx -t && nginx -s reload
  1. VPS请记得去自行配置SSL证书并修改NGINX配置。

Docker

安装Docker

1
2
3
4
5
6
apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
#apt-key fingerprint 0EBFCD88
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"
apt-get update
apt-get install docker-ce docker-ce-cli containerd.io -y

安装Docker-compose

1
2
3
dockerver=$(curl --retry 5 -s "https://api.github.com/repos/docker/compose/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/') # 获取最新版Docker-compose
sudo curl --retry 5 -L "https://github.com/docker/compose/releases/download/${dockerver}/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose

Emby

安装Emby

1
2
3
4
apt install -y apt-transport-https
curl --retry 5 -LO https://github.com/MediaBrowser/Emby.Releases/releases/download/4.7.0.32/emby-server-deb_4.7.0.32_amd64.deb
dpkg -i emby-server*.deb
rm emby-server-*.deb

qBittorrent

安装 qBittorrent 加强版

有些 PT 站可能指名不得使用这个版本,如遇此情况,请用原版。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
mkdir /root/qbt
cd /root/qbt
qbtver=$(curl --retry 5 -s "https://api.github.com/repos/c0re100/qBittorrent-Enhanced-Edition/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')
curl --retry 5 -LO https://github.com/c0re100/qBittorrent-Enhanced-Edition/releases/download/${qbtver}/qbittorrent-enhanced-nox_x86_64-linux-musl_static.zip
unzip -o qb*.zip
rm qb*.zip
cp -f qb* /usr/bin/
chmod +x /usr/bin/qbittorrent-nox
cd /root
rm -rf /root/qbt
cat > '/etc/systemd/system/qbittorrent.service' << EOF
[Unit]
Description=qBittorrent Daemon Service
Documentation=https://github.com/c0re100/qBittorrent-Enhanced-Edition
Wants=network-online.target
After=network-online.target nss-lookup.target

[Service]
Type=simple
User=root
RemainAfterExit=yes
ExecStart=/usr/bin/qbittorrent-nox --profile=/usr/share/nginx/
TimeoutStopSec=infinity
LimitNOFILE=65536
Restart=always
RestartSec=3s

[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable qbittorrent.service

下载mmdb这样peer的国旗才会显示

1
2
3
4
5
6
mkdir /usr/share/nginx/qBittorrent/
mkdir /usr/share/nginx/qBittorrent/data/
mkdir /usr/share/nginx/qBittorrent/data/GeoIP/
cd /usr/share/nginx/qBittorrent/data/GeoIP/
curl -LO --progress-bar https://raw.githubusercontent.com/johnrosen1/vpstoolbox/master/binary/GeoLite2-Country.mmdb
systemctl restart qbittorrent

修改性能设置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33

cpu_thread_count=$(nproc --all)
io_thread=$((${cpu_thread_count}*4))

qbtcookie=$(curl -i --header 'Referer: http://127.0.0.1:8080' --data 'username=admin&password=adminadmin' http://127.0.0.1:8080/api/v2/auth/login | grep -i set-cookie | cut -c13-48) # adminadmin 为 webui 默认密码

curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22auto_delete_mode%22:1%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22async_io_threads%22:${io_thread}%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22preallocate_all%22:true%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22customize_trackers_list_url%22:%22https:%2f%2ftrackerslist.com%2fall.txt%22%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22auto_update_trackers_enabled%22:true%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22idn_support_enabled%22:true%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22enable_multi_connections_from_same_ip%22:true%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22add_trackers_enabled%22:true%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22announce_to_all_tiers%22:true%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22announce_to_all_trackers%22:true%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22announce_to_all_trackers%22:true%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22limit_utp_rate%22:true%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22limit_tcp_overhead%22:true%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22limit_lan_peers%22:false%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22enable_os_cache%22:false%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22alternative_webui_enabled%22:false%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22web_ui_upnp%22:false%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22alternative_webui_path%22:%22%2fusr%2fshare%2fnginx%2fqBittorrent%2fweb%2f%22%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22max_connec%22:-1%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22max_connec_per_torrent%22:-1%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22web_ui_address%22:%22127.0.0.1%22%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22validate_https_tracker_certificate%22:false%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22peer_tos%22:0%7D --cookie "${qbtcookie}"
## 设置自动管理以及默认下载位置
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22auto_tmm_enabled%22:true%7D --cookie "${qbtcookie}"
curl http://127.0.0.1:8080/api/v2/app/setPreferences?json=%7B%22save_path%22:%22%2fdata%2fmedia%2f%22%7D --cookie "${qbtcookie}"

新增分类及对应的下载位置

1
2
3
4
5
6
curl -X POST -F 'category=Series' -F 'savePath=/data/torrents/Series/' http://127.0.0.1:8080/api/v2/torrents/createCategory --cookie "${qbtcookie}"
curl -X POST -F 'category=Movies' -F 'savePath=/data/torrents/Movies/' http://127.0.0.1:8080/api/v2/torrents/createCategory --cookie "${qbtcookie}"
curl -X POST -F 'category=Music' -F 'savePath=/data/torrents/Music/' http://127.0.0.1:8080/api/v2/torrents/createCategory --cookie "${qbtcookie}"
curl -X POST -F 'category=Bookes' -F 'savePath=/data/torrents/Books/' http://127.0.0.1:8080/api/v2/torrents/createCategory --cookie "${qbtcookie}"
curl -X POST -F 'category=XXX' -F 'savePath=/data/torrents/XXX/' http://127.0.0.1:8080/api/v2/torrents/createCategory --cookie "${qbtcookie}"
curl -X POST -F 'category=Others' -F 'savePath=/data/torrents/Others/' http://127.0.0.1:8080/api/v2/torrents/createCategory --cookie "${qbtcookie}"

Docker-compose配置文件及命令行配置

命令行配置是为了解决我作为用户每次都要去网页上手动配置的痛点而开发的。使用 Docker-compose 主要是为了方便部署,更新与维护。

Rsshub为可选项,主要用于爬取不提供RSS/API的网站。

2022.3.22 更新:由于官方版本的 NZBGet 不支援 TLS1.3,所以我自己构建了一个 Docker image 以支援 TLS1.3

2022.3.25 更新:新增Resilio Sync可选项。

2022.3.31 更新:新增Autoheal用于全自动重启掉线容器。

2022.4.6 更新: 新增ddclient内容。

写入Docker-compose配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
cd /data/ # 放在同一个目录下方便管理
cat > "docker-compose.yml" << EOF
version: "3.8"
services:
nzbget:
# 6789
network_mode: host
image: johnrosen/nzbget:latest
container_name: nzbget
environment:
- PUID=0
- PGID=0
- TZ=Asia/Shanghai
volumes:
- /usr/share/nginx/nzbget/config:/config
- /data/usenet:/data/usenet:rw
- /ssd:/ssd:rw
restart: always
sonarr:
# 8989
network_mode: host
image: lscr.io/linuxserver/sonarr
container_name: sonarr
environment:
- PUID=0
- PGID=0
- TZ=Asia/Shanghai
volumes:
- /usr/share/nginx/sonarr/config:/config
- /data:/data
- /ssd:/ssd
restart: always
radarr:
# 7878
network_mode: host
image: lscr.io/linuxserver/radarr
container_name: radarr
environment:
- PUID=0
- PGID=0
- TZ=Asia/Shanghai
volumes:
- /usr/share/nginx/radarr/config:/config
- /data:/data
- /ssd:/ssd
restart: always
lidarr:
# 8686
network_mode: host
image: lscr.io/linuxserver/lidarr
container_name: lidarr
environment:
- PUID=0
- PGID=0
- TZ=Asia/Shanghai
volumes:
- /usr/share/nginx/lidarr/config:/config
- /data:/data
- /ssd:/ssd
restart: always
readarr:
# 8787
network_mode: host
image: lscr.io/linuxserver/readarr:develop
container_name: readarr
environment:
- PUID=0
- PGID=0
- TZ=Asia/Shanghai
volumes:
- /usr/share/nginx/readarr/config:/config
- /data:/data
- /ssd:/ssd
restart: always
prowlarr:
# 9696
network_mode: host
image: lscr.io/linuxserver/prowlarr:develop
container_name: prowlarr
environment:
- PUID=0
- PGID=0
- TZ=Asia/Shanghai
volumes:
- /usr/share/nginx/prowlarr/config:/config
restart: always
# jackett:
# #9117
# network_mode: host
# image: lscr.io/linuxserver/jackett
# container_name: jackett
# environment:
# - PUID=0
# - PGID=0
# - TZ=Asia/Shanghai
# volumes:
# - /usr/share/nginx/jackett/config:/config
# restart: always
flaresolverr:
# 8191
network_mode: host
image: flaresolverr/flaresolverr
container_name: flaresolverr
environment:
- LOG_LEVEL=${LOG_LEVEL:-info}
- LOG_HTML=${LOG_HTML:-false}
- CAPTCHA_SOLVER=${CAPTCHA_SOLVER:-none}
- TZ=Asia/Shanghai
restart: always
bazarr:
# 6767
network_mode: host
image: lscr.io/linuxserver/bazarr
container_name: bazarr
environment:
- PUID=0
- PGID=0
- TZ=Asia/Shanghai
volumes:
- /usr/share/nginx/bazarr/config:/config
- /data/media/:/data/media
restart: always
chinesesubfinder:
# 19035
network_mode: host
image: allanpk716/chinesesubfinder:latest
container_name: chinesesubfinder
environment:
- PUID=0
- PGID=0
- TZ=Asia/Shanghai
volumes:
- /usr/share/nginx/chinesesubfinder/app/cache:/app/cache
- /usr/share/nginx/chinesesubfinder/config:/config
- /data:/data
restart: always
ombi:
# 3579
network_mode: host
image: lscr.io/linuxserver/ombi
container_name: ombi
environment:
- PUID=0
- PGID=0
- TZ=Asia/Shanghai
- BASE_URL=/ombi
volumes:
- /usr/share/nginx/ombi/config:/config
restart: always
# resilio-sync:
# # 8888
# network_mode: host
# image: lscr.io/linuxserver/resilio-sync
# container_name: resilio-sync
# environment:
# - PUID=0
# - PGID=0
# - TZ=Asia/Shanghai
# volumes:
# - /usr/share/nginx/resilio/config:/config
# - /data/resilio/downloads:/data/resilio/downloads
# - /data/resilio:/data/resilio
# - /ssd:/ssd
# restart: always
# miniflux:
# # 8288
# image: miniflux/miniflux:latest
# container_name: miniflux
# restart: always
# ports:
# - "8288:8080"
# depends_on:
# - postgresql
# environment:
# - DATABASE_URL=postgres://miniflux:[email protected]/miniflux?sslmode=disable
# - RUN_MIGRATIONS=1
# - CREATE_ADMIN=1
# - ADMIN_USERNAME=admin
# - ADMIN_PASSWORD=adminadmin
# postgresql:
# image: postgres:latest
# container_name: postgresql
# restart: always
# environment:
# - POSTGRES_USER=miniflux
# - POSTGRES_PASSWORD=adminadmin
# volumes:
# - miniflux-db:/var/lib/postgresql/data
# healthcheck:
# test: [ "CMD", "pg_isready", "-U", "miniflux" ]
# interval: 10s
# start_period: 30s
# rsshub:
# # 1200
# network_mode: host
# image: diygod/rsshub
# container_name: rsshub
# environment:
# # PROXY_URI: 'http://127.0.0.1:8080'
# NODE_ENV: production
# CACHE_TYPE: redis
# REDIS_URL: 'redis://127.0.0.1:6379/'
# PUPPETEER_WS_ENDPOINT: 'ws://browserless:3000'
# depends_on:
# - browserless
# restart: always
# browserless:
# # 3000
# network_mode: host
# image: browserless/chrome
# container_name: browserless
# restart: always
# ipfs:
# # 4001 5001 8788
# network_mode: host
# image: ipfs/go-ipfs
# container_name: ipfs
# restart: always
# volumes:
# - ipfs_path:/ssd/ipfs
# - ipfs_fuse:/ssd/ipfs
# - ipns_fuse:/ssd/ipfs/ipns
# - /ssd:/ssd
# environment:
# - IPFS_PATH=/ssd/ipfs
# photoprism:
# # 2342
# ports:
# - "2342:2342"
# image: photoprism/photoprism:latest
# container_name: photoprism
# depends_on:
# - mariadb
# restart: always
# security_opt:
# - seccomp:unconfined
# - apparmor:unconfined
# environment:
# PHOTOPRISM_ADMIN_PASSWORD: "adminadmin" # !!! PLEASE CHANGE YOUR INITIAL "admin" PASSWORD !!!
# PHOTOPRISM_SITE_URL: "http://0.0.0.0:2342/" # public server URL incl http:// or https:// and /path, :port is optional
# PHOTOPRISM_ORIGINALS_LIMIT: 50 # file size limit for originals in MB (increase for high-res video)
# PHOTOPRISM_HTTP_COMPRESSION: "none" # improves transfer speed and bandwidth utilization (none or gzip)
# PHOTOPRISM_DEBUG: "false" # run in debug mode (shows additional log messages)
# PHOTOPRISM_PUBLIC: "false" # no authentication required (disables password protection)
# PHOTOPRISM_READONLY: "false" # don't modify originals directory (reduced functionality)
# PHOTOPRISM_EXPERIMENTAL: "false" # enables experimental features
# PHOTOPRISM_DISABLE_CHOWN: "false" # disables storage permission updates on startup
# PHOTOPRISM_DISABLE_WEBDAV: "false" # disables built-in WebDAV server
# PHOTOPRISM_DISABLE_SETTINGS: "false" # disables Settings in Web UI
# PHOTOPRISM_DISABLE_TENSORFLOW: "false" # disables all features depending on TensorFlow
# PHOTOPRISM_DISABLE_FACES: "false" # disables facial recognition
# PHOTOPRISM_DISABLE_CLASSIFICATION: "false" # disables image classification
# PHOTOPRISM_DARKTABLE_PRESETS: "false" # enables Darktable presets and disables concurrent RAW conversion
# PHOTOPRISM_DETECT_NSFW: "false" # flag photos as private that MAY be offensive (requires TensorFlow)
# PHOTOPRISM_UPLOAD_NSFW: "true" # allows uploads that MAY be offensive
# PHOTOPRISM_DATABASE_DRIVER: "mysql" # use MariaDB 10.5+ or MySQL 8+ instead of SQLite for improved performance
# PHOTOPRISM_DATABASE_SERVER: "mariadb:3306" # MariaDB or MySQL database server (hostname:port)
# PHOTOPRISM_DATABASE_NAME: "photoprism" # MariaDB or MySQL database schema name
# PHOTOPRISM_DATABASE_USER: "photoprism" # MariaDB or MySQL database user name
# PHOTOPRISM_DATABASE_PASSWORD: "adminadmin" # MariaDB or MySQL database user password
# PHOTOPRISM_SITE_TITLE: "PhotoPrism"
# PHOTOPRISM_SITE_CAPTION: "AI-Powered Photos App"
# PHOTOPRISM_SITE_DESCRIPTION: ""
# PHOTOPRISM_SITE_AUTHOR: ""
# ## Run/install on first startup (options: update, gpu, tensorflow, davfs, nano, clean):
# PHOTOPRISM_INIT: "gpu tensorflow"
# ## Hardware video transcoding config (optional)
# PHOTOPRISM_FFMPEG_BUFFERS: "64" # FFmpeg capture buffers (default: 32)
# # PHOTOPRISM_FFMPEG_BITRATE: "32" # FFmpeg encoding bitrate limit in Mbit/s (default: 50)
# # PHOTOPRISM_FFMPEG_ENCODER: "h264_v4l2m2m" # use Video4Linux for AVC transcoding (default: libx264)
# PHOTOPRISM_FFMPEG_ENCODER: "h264_qsv" # use Intel Quick Sync Video for AVC transcoding (default: libx264)
# HOME: "/photoprism"
# devices:
# - "/dev/dri:/dev/dri"
# working_dir: "/photoprism"
# volumes:
# - "/data:/photoprism/originals"
# - "/ssd/photoprism:/photoprism/storage"
# mariadb:
# restart: always
# image: mariadb:latest
# container_name: mariadb
# security_opt:
# - seccomp:unconfined
# - apparmor:unconfined
# command: mysqld --innodb-buffer-pool-size=1G --transaction-isolation=READ-COMMITTED --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --max-connections=512 --innodb-rollback-on-timeout=OFF --innodb-lock-wait-timeout=120
# volumes:
# - "/ssd/mariadb:/var/lib/mysql"
# environment:
# MYSQL_ROOT_PASSWORD: adminadmin
# MYSQL_DATABASE: photoprism
# MYSQL_USER: photoprism
# MYSQL_PASSWORD: adminadmin
alist:
# 5244
network_mode: host
image: xhofe/alist:latest
container_name: alist
restart: always
devices:
- "/dev/dri:/dev/dri"
volumes:
- /etc/alist:/opt/alist/data
- /onedrive:/onedrive
- /ssd:/ssd
# ddclient:
# image: lscr.io/linuxserver/ddclient
# container_name: ddclient
# environment:
# - PUID=0
# - PGID=0
# - TZ=Asia/Shanghai
# volumes:
# - /usr/share/nginx/ddclient:/config
# restart: always
# dashy:
# image: lissy93/dashy
# container_name: Dashy
# volumes:
# - /root/.config/dashy/conf.yml:/app/public/conf.yml
# ports:
# - 4000:80
# environment:
# - NODE_ENV=production
# - UID=0
# - GID=0
# restart: always
# healthcheck:
# test: [ 'CMD', 'node', '/app/services/healthcheck' ]
# interval: 1m30s
# timeout: 10s
# retries: 3
# start_period: 40s
# uptime-kuma:
# image: louislam/uptime-kuma:latest
# container_name: uptime-kuma
# volumes:
# - /usr/share/nginx/uptime:/app/data
# ports:
# - 3001:3001
# environment:
# - UPTIME_KUMA_CLOUDFLARED_TOKEN=
# restart: always
autoheal:
image: willfarrell/autoheal
container_name: autoheal
restart: always
environment:
- AUTOHEAL_CONTAINER_LABEL=all
volumes:
- /var/run/docker.sock:/var/run/docker.sock
watchtower:
image: containrrr/watchtower
container_name: watchtower
environment:
- TZ=Asia/Shanghai
volumes:
- /var/run/docker.sock:/var/run/docker.sock
command: --cleanup --schedule "0 0 3 * * *"
restart: always
volumes:
miniflux-db:
ipfs_path:
ipfs_fuse:
ipns_fuse:

EOF

我不想管烦人的权限问题,所以全部用 root (PUID=0) 运行。

Docker watchtower 用于全自动化地更新所有 Docker image。

拉取Docker images并等待60秒让程序初始化。

1
docker-compose up -d && sleep 60s

关闭所有程序进行配置

1
docker-compose down

配置 NZBGet

2022.3.20 更新:修改 NZBGet 可用下载队列为最大值;新增程序写入缓存配置。

2022.3.22 更新:修正 Server1.Cpiher , 更换 SSLv3 协议为 TLS1.2

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# 修改下载位置
sed -i "s/MainDir=\/downloads/MainDir=\/data\/usenet\//g" /usr/share/nginx/nzbget/config/nzbget.conf
sed -i "s/DestDir=\${MainDir}\/completed/DestDir=\${MainDir}/g" /usr/share/nginx/nzbget/config/nzbget.conf
sed -i "s/ControlIP=0.0.0.0/ControlIP=127.0.0.1/g" /usr/share/nginx/nzbget/config/nzbget.conf
sed -i "s/ControlUsername=nzbget/ControlUsername=admin/g" /usr/share/nginx/nzbget/config/nzbget.conf
sed -i "s/FormAuth=no/FormAuth=yes/g" /usr/share/nginx/nzbget/config/nzbget.conf
sed -i "s/AuthorizedIP=127.0.0.1/AuthorizedIP=/g" /usr/share/nginx/nzbget/config/nzbget.conf
sed -i "s/ControlPassword=tegbzn6789/ControlPassword=${password1}/g" /usr/share/nginx/nzbget/config/nzbget.conf
# 修改Usenet Server相关信息
sed -i "s/Server1.Port=119/Server1.Port=563/g" /usr/share/nginx/nzbget/config/nzbget.conf
# 已更新为 TLS1.2
sed -i "s/Server1.Cipher=/Server1.Cipher=ECDHE-ECDSA-AES128-GCM-SHA256/g" /usr/share/nginx/nzbget/config/nzbget.conf
sed -i "s/Server1.Encryption=no/Server1.Encryption=yes/g" /usr/share/nginx/nzbget/config/nzbget.conf
sed -i "s/Server1.Connections=4/Server1.Connections=50/g" /usr/share/nginx/nzbget/config/nzbget.conf
# 单文件连接数上限,建议为 1。
sed -i "s/UrlConnections=4/UrlConnections=1/g" /usr/share/nginx/nzbget/config/nzbget.conf
# 新增分类
sed -i "s/Category4.Name=Software/Category4.Name=Books/g" /usr/share/nginx/nzbget/config/nzbget.conf
sed -i '/^Category4.Name=Books/a Category5.Name=XXX' /usr/share/nginx/nzbget/config/nzbget.conf
sed -i '/^Category5.Name=XXX/a Category6.Name=Others' /usr/share/nginx/nzbget/config/nzbget.conf
# 修改可用下载队列为最大值。
sed -i "s/PostStrategy=sequential/PostStrategy=rocket/g" /usr/share/nginx/nzbget/config/nzbget.conf
sed -i "s/PostStrategy=balanced/PostStrategy=rocket/g" /usr/share/nginx/nzbget/config/nzbget.conf
sed -i "s/PostStrategy=aggressive/PostStrategy=rocket/g" /usr/share/nginx/nzbget/config/nzbget.conf
# 提升下载效率
sed -i "s/DirectUnpack=no/DirectUnpack=yes/g" /usr/share/nginx/nzbget/config/nzbget.conf
sed -i "s/DirectRename=no/DirectRename=yes/g" /usr/share/nginx/nzbget/config/nzbget.conf
# 修改写入缓存大小(程序缓存)
sed -i "s/ArticleCache=0/ArticleCache=200/g" /usr/share/nginx/nzbget/config/nzbget.conf
sed -i "s/WriteBuffer=0/WriteBuffer=1024/g" /usr/share/nginx/nzbget/config/nzbget.conf
# 修改重试次数
sed -i "s/ArticleRetries=3/ArticleRetries=99/g" /usr/share/nginx/nzbget/config/nzbget.conf
sed -i "s/UrlRetries=3/UrlRetries=99/g" /usr/share/nginx/nzbget/config/nzbget.conf

配置 Sonarr

配置项目及内容大同小异,因此雷同注释仅标注一次。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
# 修改baseurl
sed -i "s/<UrlBase><\/UrlBase>/<UrlBase>\/sonarr\/<\/UrlBase>/g" /usr/share/nginx/sonarr/config/config.xml
sed -i '$d' /usr/share/nginx/sonarr/config/config.xml
# 关闭信息收集
echo ' <AnalyticsEnabled>False</AnalyticsEnabled>' >> /usr/share/nginx/sonarr/config/config.xml
echo '</Config>' >> /usr/share/nginx/sonarr/config/config.xml
# 新增根目录
sqlite3 /usr/share/nginx/sonarr/config/sonarr.db "insert into RootFolders values ('1','/data/media/Series/');"
# 开启刮削
sqlite3 /usr/share/nginx/sonarr/config/sonarr.db "DELETE FROM Metadata WHERE Id = 1;"
sqlite3 /usr/share/nginx/sonarr/config/sonarr.db "insert into Metadata values ('1','1','Kodi (XBMC) / Emby','XbmcMetadata','{
\"seriesMetadata\": true,
\"seriesMetadataUrl\": false,
\"episodeMetadata\": true,
\"seriesImages\": true,
\"seasonImages\": true,
\"episodeImages\": true,
\"isValid\": true
}','XbmcMetadataSettings');"
# 修改语言为简体中文,繁体中文以及英文
sqlite3 /usr/share/nginx/sonarr/config/sonarr.db "DELETE FROM LanguageProfiles WHERE Id = 1;"
sqlite3 /usr/share/nginx/sonarr/config/sonarr.db "insert into LanguageProfiles values ('1','Chinese','[
{
\"language\": 0,
\"allowed\": false
},
{
\"language\": 13,
\"allowed\": false
},
{
\"language\": 17,
\"allowed\": false
},
{
\"language\": 14,
\"allowed\": false
},
{
\"language\": 3,
\"allowed\": false
},
{
\"language\": 11,
\"allowed\": false
},
{
\"language\": 18,
\"allowed\": false
},
{
\"language\": 12,
\"allowed\": false
},
{
\"language\": 15,
\"allowed\": false
},
{
\"language\": 24,
\"allowed\": false
},
{
\"language\": 21,
\"allowed\": false
},
{
\"language\": 5,
\"allowed\": false
},
{
\"language\": 9,
\"allowed\": false
},
{
\"language\": 22,
\"allowed\": false
},
{
\"language\": 27,
\"allowed\": false
},
{
\"language\": 23,
\"allowed\": false
},
{
\"language\": 20,
\"allowed\": false
},
{
\"language\": 4,
\"allowed\": false
},
{
\"language\": 2,
\"allowed\": false
},
{
\"language\": 19,
\"allowed\": false
},
{
\"language\": 16,
\"allowed\": false
},
{
\"language\": 7,
\"allowed\": false
},
{
\"language\": 6,
\"allowed\": false
},
{
\"language\": 25,
\"allowed\": false
},
{
\"language\": 28,
\"allowed\": false
},
{
\"language\": 26,
\"allowed\": false
},
{
\"language\": 8,
\"allowed\": true
},
{
\"language\": 1,
\"allowed\": true
},
{
\"language\": 10,
\"allowed\": true
}
]','10','0');"
# 开启重命名
sqlite3 /usr/share/nginx/sonarr/config/sonarr.db "DELETE FROM NamingConfig WHERE Id = 1;"
sqlite3 /usr/share/nginx/sonarr/config/sonarr.db "insert into NamingConfig values ('1','0','1','{Series Title} - S{season:00}E{episode:00} - {Episode Title} {Quality Full}','{Series Title} - {Air-Date} - {Episode Title} {Quality Full}','Season {season}','{Series Title}','{Series Title} - S{season:00}E{episode:00} - {Episode Title} {Quality Full}','1','Specials');"
# 新增qBittorrent 下载客户端
sqlite3 /usr/share/nginx/sonarr/config/sonarr.db "insert into DownloadClients values ('1','1','qBittorrent_Series','QBittorrent','{
\"host\": \"127.0.0.1\",
\"port\": 8080,
\"useSsl\": false,
\"username\": \"admin\",
\"password\": \"adminadmin\",
\"tvCategory\": \"Series\",
\"recentTvPriority\": 0,
\"olderTvPriority\": 0,
\"initialState\": 0,
\"sequentialOrder\": false,
\"firstAndLast\": false
}','QBittorrentSettings','1','1','1');"
# 新增NZBGet 下载客户端
sqlite3 /usr/share/nginx/sonarr/config/sonarr.db "insert into DownloadClients values ('2','1','NZBGet_Series','Nzbget','{
\"host\": \"127.0.0.1\",
\"port\": 6789,
\"useSsl\": false,
\"username\": \"admin\",
\"password\": \"adminadmin\",
\"tvCategory\": \"Series\",
\"recentTvPriority\": 0,
\"olderTvPriority\": 0,
\"addPaused\": false
}','NzbgetSettings','1','1','1');"
# 获取Sonarr api,后面要用到
sonarr_api=$(xml_grep 'ApiKey' /usr/share/nginx/sonarr/config/config.xml --text_only)

配置 Radarr

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
sed -i "s/<UrlBase><\/UrlBase>/<UrlBase>\/radarr\/<\/UrlBase>/g" /usr/share/nginx/radarr/config/config.xml
sed -i '$d' /usr/share/nginx/radarr/config/config.xml
echo ' <AnalyticsEnabled>False</AnalyticsEnabled>' >> /usr/share/nginx/radarr/config/config.xml
echo '</Config>' >> /usr/share/nginx/radarr/config/config.xml
sqlite3 /usr/share/nginx/radarr/config/radarr.db "insert into RootFolders values ('1','/data/media/Movies/');"
sqlite3 /usr/share/nginx/radarr/config/radarr.db "insert into Config values ('6','movieinfolanguage','10');"
sqlite3 /usr/share/nginx/radarr/config/radarr.db "insert into Config values ('7','uilanguage','10');"
sqlite3 /usr/share/nginx/radarr/config/radarr.db "UPDATE Metadata SET Enable = 1 WHERE Id = 1;"
sqlite3 /usr/share/nginx/radarr/config/radarr.db "DELETE FROM Metadata WHERE Id = 1;"
sqlite3 /usr/share/nginx/radarr/config/radarr.db "insert into Metadata values ('1','1','Kodi (XBMC) / Emby','XbmcMetadata','{
\"movieMetadata\": true,
\"movieMetadataURL\": false,
\"movieMetadataLanguage\": 10,
\"movieImages\": true,
\"useMovieNfo\": false,
\"isValid\": true
}','XbmcMetadataSettings');"
sqlite3 /usr/share/nginx/radarr/config/radarr.db "DELETE FROM NamingConfig WHERE Id = 1;"
sqlite3 /usr/share/nginx/radarr/config/radarr.db "insert into NamingConfig values ('1','0','1','{Movie Title} ({Release Year}) {Quality Full}','{Movie Title} ({Release Year})','0','1');"
sqlite3 /usr/share/nginx/radarr/config/radarr.db "insert into DownloadClients values ('1','1','qBittorrent','QBittorrent','{
\"host\": \"127.0.0.1\",
\"port\": 8080,
\"useSsl\": false,
\"username\": \"admin\",
\"password\": \"adminadmin\",
\"movieCategory\": \"Movies\",
\"recentTvPriority\": 0,
\"olderTvPriority\": 0,
\"initialState\": 0
}','QBittorrentSettings','1','1','1');"

sqlite3 /usr/share/nginx/radarr/config/radarr.db "insert into DownloadClients values ('2','1','NZBGet','Nzbget','{
\"host\": \"127.0.0.1\",
\"port\": 6789,
\"useSsl\": false,
\"username\": \"admin\",
\"password\": \"adminadmin\",
\"movieCategory\": \"Movies\",
\"recentMoviePriority\": 0,
\"olderMoviePriority\": 0,
\"addPaused\": false
}','NzbgetSettings','1','1','1');"
radarr_api=$(xml_grep 'ApiKey' /usr/share/nginx/radarr/config/config.xml --text_only)

配置Lidarr

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
sed -i "s/<UrlBase><\/UrlBase>/<UrlBase>\/lidarr\/<\/UrlBase>/g" /usr/share/nginx/lidarr/config/config.xml
sed -i '$d' /usr/share/nginx/lidarr/config/config.xml
echo ' <AnalyticsEnabled>False</AnalyticsEnabled>' >> /usr/share/nginx/lidarr/config/config.xml
echo '</Config>' >> /usr/share/nginx/lidarr/config/config.xml
sqlite3 /usr/share/nginx/lidarr/config/lidarr.db "insert into RootFolders values ('1','/data/media/Music/','music','1','1','0','[]');"
sqlite3 /usr/share/nginx/lidarr/config/lidarr.db "DELETE FROM Metadata WHERE Id = 1;"
sqlite3 /usr/share/nginx/lidarr/config/lidarr.db "insert into Metadata values ('1','1','Kodi (XBMC) / Emby','XbmcMetadata','{
\"artistMetadata\": true,
\"albumMetadata\": true,
\"artistImages\": true,
\"albumImages\": true,
\"isValid\": true
}','XbmcMetadataSettings');"
sqlite3 /usr/share/nginx/lidarr/config/lidarr.db "DELETE FROM NamingConfig WHERE Id = 1;"
sqlite3 /usr/share/nginx/lidarr/config/lidarr.db "insert into NamingConfig values ('1','1','{Artist Name}','1','{Album Title} ({Release Year})/{Artist Name} - {Album Title} - {track:00} - {Track Title}','{Album Title} ({Release Year})/{Medium Format} {medium:00}/{Artist Name} - {Album Title} - {track:00} - {Track Title}');"
sqlite3 /usr/share/nginx/lidarr/config/lidarr.db "insert into DownloadClients values ('1','1','qBittorrent','QBittorrent','{
\"host\": \"127.0.0.1\",
\"port\": 8080,
\"username\": \"admin\",
\"password\": \"adminadmin\",
\"musicCategory\": \"Music\",
\"recentTvPriority\": 0,
\"olderTvPriority\": 0,
\"initialState\": 0,
\"useSsl\": false
}','QBittorrentSettings','1');"

sqlite3 /usr/share/nginx/lidarr/config/lidarr.db "insert into DownloadClients values ('2','1','NZBGet','Nzbget','{
\"host\": \"127.0.0.1\",
\"port\": 6789,
\"username\": \"admin\",
\"password\": \"adminadmin\",
\"musicCategory\": \"Music\",
\"recentTvPriority\": 0,
\"olderTvPriority\": 0,
\"addPaused\": false,
\"useSsl\": false
}','NzbgetSettings','1');"
lidarr_api=$(xml_grep 'ApiKey' /usr/share/nginx/lidarr/config/config.xml --text_only)

配置 Readarr

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
sed -i "s/<UrlBase><\/UrlBase>/<UrlBase>\/readarr\/<\/UrlBase>/g" /usr/share/nginx/readarr/config/config.xml
sed -i '$d' /usr/share/nginx/readarr/config/config.xml
echo ' <AnalyticsEnabled>False</AnalyticsEnabled>' >> /usr/share/nginx/readarr/config/config.xml
echo '</Config>' >> /usr/share/nginx/readarr/config/config.xml
# sqlite3 /usr/share/nginx/readarr/config/readarr.db "insert into RootFolders values ('1','/data/media/Books/','Books','1','1','0','[]','0','','0');"
sqlite3 /usr/share/nginx/readarr/config/readarr.db "DELETE FROM NamingConfig WHERE Id = 1;"
sqlite3 /usr/share/nginx/readarr/config/readarr.db "insert into NamingConfig values ('1','1','{Author Name}','1','{Book Title}/{Author Name} - {Book Title}{ (PartNumber)}');"
sqlite3 /usr/share/nginx/readarr/config/readarr.db "insert into Config values ('6','uilanguage','10');"
sqlite3 /usr/share/nginx/readarr/config/readarr.db "insert into DownloadClients values ('1','1','qBittorrent','QBittorrent','{
\"host\": \"127.0.0.1\",
\"port\": 8080,
\"useSsl\": false,
\"username\": \"admin\",
\"password\": \"adminadmin\",
\"musicCategory\": \"Books\",
\"recentTvPriority\": 0,
\"olderTvPriority\": 0,
\"initialState\": 0
}','QBittorrentSettings','1');"

sqlite3 /usr/share/nginx/readarr/config/readarr.db "insert into DownloadClients values ('2','1','NZBGet','Nzbget','{
\"host\": \"127.0.0.1\",
\"port\": 6789,
\"useSsl\": false,
\"username\": \"admin\",
\"password\": \"adminadmin\",
\"musicCategory\": \"Books\",
\"recentTvPriority\": 0,
\"olderTvPriority\": 0,
\"addPaused\": false
}','NzbgetSettings','1');"
readarr_api=$(xml_grep 'ApiKey' /usr/share/nginx/readarr/config/config.xml --text_only)

配置 prowlarr

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
sed -i "s/<UrlBase><\/UrlBase>/<UrlBase>\/prowlarr\/<\/UrlBase>/g" /usr/share/nginx/prowlarr/config/config.xml
sed -i '$d' /usr/share/nginx/prowlarr/config/config.xml
echo ' <AnalyticsEnabled>False</AnalyticsEnabled>' >> /usr/share/nginx/prowlarr/config/config.xml
echo '</Config>' >> /usr/share/nginx/prowlarr/config/config.xml
# 将prowlarr与Sonarr等链接以实现indexers同步
add_prowlarr_sonarr_radarr_lidarr_readarr(){
cat > "add1.sh" << "EOF"
#!/usr/bin/env bash
sqlite3 /usr/share/nginx/prowlarr/config/prowlarr.db "insert into Applications values ('1','Sonarr','Sonarr','{
\"prowlarrUrl\": \"http://127.0.0.1:9696\",
\"baseUrl\": \"http://127.0.0.1:8989/sonarr\",
\"apiKey\": \"adminadmin\",
\"syncCategories\": [
5000,
5010,
5020,
5030,
5040,
5045,
5050
],
\"animeSyncCategories\": [
5070
]
}','SonarrSettings','2','[]');"
EOF
sed -i "s/adminadmin/${sonarr_api}/g" add1.sh
bash add1.sh
rm add1.sh

cat > "add2.sh" << "EOF"
#!/usr/bin/env bash
sqlite3 /usr/share/nginx/prowlarr/config/prowlarr.db "insert into Applications values ('2','Radarr','Radarr','{
\"prowlarrUrl\": \"http://127.0.0.1:9696\",
\"baseUrl\": \"http://127.0.0.1:7878/radarr\",
\"apiKey\": \"adminadmin\",
\"syncCategories\": [
2000,
2010,
2020,
2030,
2040,
2045,
2050,
2060,
2070,
2080
]
}','RadarrSettings','2','[]');"
EOF
sed -i "s/adminadmin/${radarr_api}/g" add2.sh
bash add2.sh
rm add2.sh

cat > "add3.sh" << "EOF"
#!/usr/bin/env bash
sqlite3 /usr/share/nginx/prowlarr/config/prowlarr.db "insert into Applications values ('3','Lidarr','Lidarr','{
\"prowlarrUrl\": \"http://127.0.0.1:9696\",
\"baseUrl\": \"http://127.0.0.1:8686/lidarr\",
\"apiKey\": \"adminadmin\",
\"syncCategories\": [
3000,
3010,
3030,
3040,
3050,
3060
]
}','LidarrSettings','2','[]');"
EOF
sed -i "s/adminadmin/${lidarr_api}/g" add3.sh
bash add3.sh
rm add3.sh

cat > "add4.sh" << "EOF"
#!/usr/bin/env bash
sqlite3 /usr/share/nginx/prowlarr/config/prowlarr.db "insert into Applications values ('4','Readarr','Readarr','{
\"prowlarrUrl\": \"http://127.0.0.1:9696\",
\"baseUrl\": \"http://127.0.0.1:8787/readarr\",
\"apiKey\": \"adminadmin\",
\"syncCategories\": [
3030,
7000,
7010,
7020,
7030,
7040,
7050,
7060
]
}','ReadarrSettings','2','[]');"
EOF
sed -i "s/adminadmin/${readarr_api}/g" add4.sh
bash add4.sh
rm add4.sh
}
add_prowlarr_sonarr_radarr_lidarr_readarr
sqlite3 /usr/share/nginx/prowlarr/config/prowlarr.db "insert into Tags values ('1','flaresolverr');"
sqlite3 /usr/share/nginx/prowlarr/config/prowlarr.db "insert into IndexerProxies values ('1','FlareSolverr','{
\"host\": \"http://127.0.0.1:8191/\",
\"requestTimeout\": 60
}','FlareSolverr','FlareSolverrSettings','[
1
]');"
sqlite3 /usr/share/nginx/prowlarr/config/prowlarr.db "insert into Config values ('6','uilanguage','10');"
sqlite3 /usr/share/nginx/prowlarr/config/prowlarr.db "insert into DownloadClients values ('1','1','qBittorrent','QBittorrent','{
\"host\": \"127.0.0.1\",
\"port\": 8080,
\"useSsl\": false,
\"username\": \"admin\",
\"password\": \"adminadmin\",
\"category\": \"Others\",
\"priority\": 0,
\"initialState\": 0
}','QBittorrentSettings','1');"

sqlite3 /usr/share/nginx/prowlarr/config/prowlarr.db "insert into DownloadClients values ('2','1','NZBGet','Nzbget','{
\"host\": \"127.0.0.1\",
\"port\": 6789,
\"useSsl\": false,
\"username\": \"admin\",
\"password\": \"adminadmin\",
\"category\": \"Others\",
\"priority\": 0,
\"addPaused\": false
}','NzbgetSettings','1');"

配置 Jackett

1
2
3
4
5
6
7
8
9
10
11
12
# 配置 BaseUrl
cat '/usr/share/nginx/jackett/config/Jackett/ServerConfig.json' | jq '.BasePathOverride |= "/jackett/"' >> /usr/share/nginx/jackett/config/Jackett/tmp.json
cp -f /usr/share/nginx/jackett/config/Jackett/tmp.json /usr/share/nginx/jackett/config/Jackett/ServerConfig.json
rm /usr/share/nginx/jackett/config/Jackett/tmp.json
# 因为我们用反向代理,所以关掉这个选项不会有事情
cat '/usr/share/nginx/jackett/config/Jackett/ServerConfig.json' | jq '.AllowExternal |= false' >> /usr/share/nginx/jackett/config/Jackett/tmp.json
cp -f /usr/share/nginx/jackett/config/Jackett/tmp.json /usr/share/nginx/jackett/config/Jackett/ServerConfig.json
rm /usr/share/nginx/jackett/config/Jackett/tmp.json
# 配置 FlareSolverr Url
cat '/usr/share/nginx/jackett/config/Jackett/ServerConfig.json' | jq '.FlareSolverrUrl |= "http://127.0.0.1:8191"' >> /usr/share/nginx/jackett/config/Jackett/tmp.json
cp -f /usr/share/nginx/jackett/config/Jackett/tmp.json /usr/share/nginx/jackett/config/Jackett/ServerConfig.json
rm /usr/share/nginx/jackett/config/Jackett/tmp.json

配置 Bazarr

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
# 配置 BaseUrl
sed -i "0,/base_url \=/s//base_url \= \/bazarr/g" /usr/share/nginx/bazarr/config/config/config.ini
sed -i '/^\[sonarr\]$/,/^\[/ s/^base_url = \//base_url = \/sonarr\//' /usr/share/nginx/bazarr/config/config/config.ini
# 将Sonarr,Radarr与Bazarr链接
sed -i "/^\[sonarr\]$/,/^\[/ s/^apikey =/apikey = ${sonarr_api}/" /usr/share/nginx/bazarr/config/config/config.ini
sed -i '/^\[radarr\]$/,/^\[/ s/^base_url = \//base_url = \/radarr\//' /usr/share/nginx/bazarr/config/config/config.ini
sed -i "/^\[radarr\]$/,/^\[/ s/^apikey =/apikey = ${radarr_api}/" /usr/share/nginx/bazarr/config/config/config.ini
sed -i '/^\[analytics\]$/,/^\[/ s/^enabled = True/enabled = False/' /usr/share/nginx/bazarr/config/config/config.ini
sed -i "s/use_sonarr = False/use_sonarr = True/g" /usr/share/nginx/bazarr/config/config/config.ini
sed -i "s/use_radarr = False/use_radarr = True/g" /usr/share/nginx/bazarr/config/config/config.ini
sed -i "s/serie_default_enabled = False/serie_default_enabled = True/g" /usr/share/nginx/bazarr/config/config/config.ini
sed -i "s/serie_default_profile =/serie_default_profile = 1/g" /usr/share/nginx/bazarr/config/config/config.ini
sed -i "s/movie_default_enabled = False/movie_default_enabled = True/g" /usr/share/nginx/bazarr/config/config/config.ini
sed -i "s/movie_default_profile =/movie_default_profile = 1/g" /usr/share/nginx/bazarr/config/config/config.ini
sed -i '/^\[assrt\]$/,/^\[/ s/^token =/token = oHwtSNdY1aQe1qwRSZVo70SqNW0Pu1AM/' /usr/share/nginx/bazarr/config/config/config.ini # Assrt站API 5次/分钟
sed -i '/^\[betaseries\]$/,/^\[/ s/^token =/token = ecd1f45f3036/' /usr/share/nginx/bazarr/config/config/config.ini # Betaseries API
# 设置开启的字幕源
sed -i "s/enabled_providers = \[\]/enabled_providers = \['zimuku', 'assrt', 'yifysubtitles', 'betaseries', 'opensubtitlescom', 'supersubtitles', 'tvsubtitles', 'subscenter'\]/g" /usr/share/nginx/bazarr/config/config/config.ini
# 设置字幕语言为简体中文,繁体中文以及英文
sqlite3 /usr/share/nginx/bazarr/config/db/bazarr.db "insert into table_languages_profiles values ('1','','[{\"id\": 1, \"language\": \"zh\", \"audio_exclude\": \"False\", \"hi\": \"False\", \"forced\": \"False\"}, {\"id\": 2, \"language\": \"zt\", \"audio_exclude\": \"False\", \"hi\": \"False\", \"forced\": \"False\"}, {\"id\": 3, \"language\": \"en\", \"audio_exclude\": \"False\", \"hi\": \"False\", \"forced\": \"False\"}]','Chinese','[]','[]');"

配置 Ombi

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
add_sonarr_ombi(){
cat > "add.sh" << "EOF"
#!/usr/bin/env bash
sqlite3 /usr/share/nginx/ombi/config/OmbiSettings.db "insert into GlobalSettings values ('2','{\"Enabled\":true,\"ApiKey\":\"adminadmin\",\"QualityProfile\":\"1\",\"SeasonFolders\":false,\"RootPath\":\"1\",\"QualityProfileAnime\":\"1\",\"RootPathAnime\":\"2\",\"AddOnly\":false,\"V3\":true,\"LanguageProfile\":2,\"LanguageProfileAnime\":2,\"ScanForAvailability\":false,\"Ssl\":false,\"SubDir\":\"/sonarr\",\"Ip\":\"127.0.0.1\",\"Port\":8989,\"Id\":0}','SonarrSettings');"
EOF
sed -i "s/adminadmin/${sonarr_api}/g" add.sh
bash add.sh
rm add.sh
}

add_radarr_ombi(){
cat > "add.sh" << "EOF"
#!/usr/bin/env bash
sqlite3 /usr/share/nginx/ombi/config/OmbiSettings.db "insert into GlobalSettings values ('3','{\"Enabled\":true,\"ApiKey\":\"adminadmin\",\"DefaultQualityProfile\":\"1\",\"DefaultRootPath\":\"/data/media/movies\",\"AddOnly\":false,\"MinimumAvailability\":\"Announced\",\"ScanForAvailability\":false,\"Ssl\":false,\"SubDir\":\"/radarr\",\"Ip\":\"127.0.0.1\",\"Port\":7878,\"Id\":0}','RadarrSettings');"
EOF
sed -i "s/adminadmin/${radarr_api}/g" add.sh
bash add.sh
rm add.sh
}

add_lidarr_ombi(){
cat > "add.sh" << "EOF"
#!/usr/bin/env bash
sqlite3 /usr/share/nginx/ombi/config/OmbiSettings.db "insert into GlobalSettings values ('4','{\"Enabled\":true,\"ApiKey\":\"adminadmin\",\"DefaultQualityProfile\":\"1\",\"DefaultRootPath\":\"/data/media/Music/\",\"AlbumFolder\":true,\"MetadataProfileId\":1,\"AddOnly\":false,\"Ssl\":false,\"SubDir\":\"/lidarr\",\"Ip\":\"127.0.0.1\",\"Port\":8686,\"Id\":0}','LidarrSettings');"
EOF
sed -i "s/adminadmin/${lidarr_api}/g" add.sh
bash add.sh
rm add.sh
}
# 将Sonarr Radarr Lidarr与Ombi链接
add_sonarr_ombi
add_radarr_ombi
add_lidarr_ombi
# 关闭信息收集并设置语言为中文
sqlite3 /usr/share/nginx/ombi/config/OmbiSettings.db "DELETE FROM GlobalSettings WHERE Id = 1;"
sqlite3 /usr/share/nginx/ombi/config/OmbiSettings.db "insert into GlobalSettings values ('1','{\"BaseUrl\":\"/ombi\",\"CollectAnalyticData\":false,\"Wizard\":false,\"ApiKey\":\"dfbcab4789604b4289b3cdc71aa41bf6\",\"DoNotSendNotificationsForAutoApprove\":false,\"HideRequestsUsers\":false,\"DisableHealthChecks\":false,\"DefaultLanguageCode\":\"zh\",\"AutoDeleteAvailableRequests\":false,\"AutoDeleteAfterDays\":0,\"Branch\":0,\"HasMigratedOldTvDbData\":false,\"Set\":false,\"Id\":1}','OmbiSettings');"

启动系统

命令行配置已完成,是时候启动系统进行图形界面配置了。

1
2
cd /data
docker-compose up -d

等待几秒钟,然后使用浏览器,访问 VPS/NAS 的 IP/域名,逐一访问页面中的链接,确定都能打开再继续。

nginx

配置 Emby

打开链接,进行初始化,文件夹路径按照图中设置即可。

建议电视节目文件夹将 The Movie DB 设为首选。

emby_db

启用 NFO
emby_nfo

勾选这个选项
emby_check

新建 电视节目 文件夹
emby_serise

新建 电影 文件夹
emby_movies

新建 音乐 文件夹
emby_music

新建 书籍 文件夹
emby_books

新建 Emby API
emby_api

配置 Ombi

打开链接,进行初始化,Emby API复制黏贴即可,其余设置如图所示。

ombi_emby

检查 Sonarr 配置

逐一检查配置是否正确,以下图片为正确配置。

2022.3.21 更新:新增影片质量配置。

重命名配置
sonarr_naming

根目录配置
sonarr_rootfolder

下载客户端配置
sonarr_download

刮削配置
sonarr_metadata

影片质量配置
sonarr1

我比较懒,所以只使用一个Any的配置。

检查 Radarr 配置

逐一检查配置是否正确,以下图片为正确配置。

2022.3.21 更新:新增影片质量配置。

重命名配置
radarr_naming

根目录配置
radarr_rootfolder

下载客户端配置
radarr_download

刮削配置
radarr_metadata

影片质量配置
radarr1

我比较懒,所以只使用一个Any的配置。

检查 Lidarr 配置

逐一检查配置是否正确,以下图片为正确配置。

重命名以及根目录配置
lidarr_naming

下载客户端配置
lidarr_download

刮削配置
lidarr_metadata

音乐质量配置
lidarr1

我比较懒,所以只使用一个Any的配置。

检查 Readarr 配置

逐一检查配置是否正确,以下图片为正确配置。

Readarr根目录有Bug,无法命令行配置,请手动配置。

重命名以及根目录配置
Readarr_naming

仅需填入名称以及路径,其他不用改。
readarr_config

下载客户端配置
readarr_download

书籍质量配置
readarr1

检查 Bazarr 配置

逐一检查配置是否正确,以下图片为正确配置。

字幕语言配置
bazarr_chinese

默认字幕语言配置
bazarr_default

下载字幕源
bazarr_providers

检查 Chinesesubfinder 配置

逐一检查配置是否正确,以下图片为正确配置。

2022.3.19更新:测试证明 Chinesesubfinder 也需要在 Docker-compose 配置文件中将卷目录挂载为 /data 才能正常工作(上文已修正)。

基础配置
chinesesubfinder_basic

  1. 电影目录 /data/media/Movies
  2. 连续剧目录 /data/media/Series

Emby以及目录映射配置
chinesesubfinder2

Prowlarr / Jackett 配置 indexers

Jackett 同理,不再重复写。

点击Add indexer
prowlarr_index
选择 Base Url ,点击保存。
prowlarr2
Cloudflare DDOS 的要加一个 flaresolverr Tag
prowlarr3

检查 qBittorrent 配置

逐一检查配置是否正确,以下图片为正确配置。

检查分类是否正确显示
qbt1

检查公开追踪器是否正常获取
qbt2

检查默认下载位置以及下载模式
qbt3

配置 NZBGet 服务器

2022.3.21 更新:新增程序缓存及下载队列相关内容。

输入 Usenet Provider 域名,端口号,用户名以及密码等信息。

请严格按照你的 Usenet Provider的指示填写,图片仅供参考

如本地无IPv6连接,请将Server1.Ipversion手动设置为Ipv4以避免不必要的延迟。

2022.3.22 更新:经测试原版 NZBGet 不支援TLS1.3协议。因此我构建了一个支援TLS1.3Docker imageCipher建议设置为ECDHE-ECDSA-AES128-GCM-SHA256 | TLS1.2TLS_AES_128_GCM_SHA256 | TLS1.3

nzb1

检查分类是否正确
nzb2

2022.3.24 更新:此数值经测试为单个文件的下载连接数,建议设置为1

这里的 UrlConnections 请填写与第一张图中 Connections 一样的数值。
nzb3

检查下载位置是否正确
nzb4

检查程序缓存以及最大下载队列是否正确
nzgbet1

TLS1.3 测试结果
nzbget2

开启DirectUnpack提升下载效率
nzb6

检查重试次数
nzb7

检查 Rsshub 配置

如看见下图,则Rsshub已可用。
rsshub

配置 XRAY 透明代理加系统代理

一个个应用程序配置 http 代理设置太麻烦了(并且不可靠),所以我选择透明代理。

本文仅代理 22 80 443 563 端口。

总不能有人看到这里了还不会自己下载github release吧?

1
https://github.com/XTLS/Xray-core/releases/

参考systemd配置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
  cat > "/etc/systemd/system/xray.service" << "EOF"
[Unit]
Description=Xray Service
Wants=network-online.target
After=network-online.target nss-lookup.target

[Service]
Type=simple
User=root
ExecStart=/etc/xray/xray -c /etc/xray/config.json
TimeoutStopSec=infinity
LimitNOFILE=65536
Restart=always
RestartSec=3s

[Install]
WantedBy=multi-user.target
EOF

iptables配置

2022.3.22 更新:新增 IPv6 配置。

安装ipset

1
apt install -y ipset

新增内网ip段

1
2
3
4
5
6
7
8
9
10
ipset create private hash:net
ipset add private 172.17.0.0/16
ipset add private 172.18.0.0/16
ipset add private 127.0.0.0/8
ipset add private 10.0.0.0/8
ipset add private 172.16.0.0/12
ipset add private 192.168.0.0/16
ipset add private 224.0.0.0/4
ipset add private 240.0.0.0/4
ipset list

IPv4配置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
iptables -t nat -N XRAY
# 直连内网及本机 ip
iptables -t nat -A XRAY -m set –match-set private dst -j RETURN
# 直连 vps doh ip
iptables -t nat -A XRAY -d {vps ip} -j RETURN
iptables -t nat -A XRAY -d 223.5.5.5/32 -j RETURN
iptables -t nat -A XRAY -p tcp -j RETURN -m mark --mark 0x80
# 仅透明代理 22 80 443 563 端口
iptables -t nat -A XRAY -p tcp --dport 22 -j REDIRECT --to-ports 12345
iptables -t nat -A XRAY -p tcp --dport 80 -j REDIRECT --to-ports 12345
iptables -t nat -A XRAY -p tcp --dport 443 -j REDIRECT --to-ports 12345
iptables -t nat -A XRAY -p tcp --dport 563 -j REDIRECT --to-ports 12345
# 其余TCP流量直连
iptables -t nat -A XRAY -p tcp -j RETURN
# 对局域网其他设备进行透明代理
iptables -t nat -A PREROUTING -p tcp -j XRAY
# 对本机进行透明代理
iptables -t nat -A OUTPUT -p tcp -j XRAY
iptables -t nat -N XRAY

IPv6配置(可选项)

1
2
3
4
5
6
7
8
9
iptables -t nat -I OUTPUT -p tcp --dport 123 -j RETURN
ip6tables -t nat -N XRAY
ip6tables -t nat -A XRAY -p tcp -j RETURN -m mark --mark 0xff
ip6tables -t nat -A XRAY -p tcp --dport 80 -j REDIRECT --to-ports 12345
ip6tables -t nat -A XRAY -p tcp --dport 443 -j REDIRECT --to-ports 12345
ip6tables -t nat -A XRAY -p tcp --dport 563 -j REDIRECT --to-ports 12345
ip6tables -t nat -A XRAY -p tcp -j RETURN
ip6tables -t nat -A PREROUTING -p tcp -j XRAY
ip6tables -t nat -A OUTPUT -p tcp -j XRAY

查看iptables情况

1
iptables -t nat -L -v -n

持久化ipset以及iptables

全选 yes

1
apt install -y ipset iptables netfilter-persistent ipset-persistent iptables-persistent

2022.3.22 更新:新增手动保存iptables方法。

手动保存iptables

1
2
3
iptables-save > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6
ipset save > /etc/iptables/ipsets

Xray配置

1
2
mkdir /etc/xray
sudo nano /etc/xray/config.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
{
"log": {
"loglevel": "info"
},
"inbounds": [
{
"listen": "127.0.0.1",
"port": 6666,
"protocol": "http", // http 代理
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
],
"metadataOnly": false
},
"allocate": {
"strategy": "always",
"refresh": 5,
"concurrency": 3
}
},
{
"listen": "127.0.0.1",
"port": 1080,
"protocol": "socks", // socks 代理
"udp": true,
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
],
"metadataOnly": false
},
"allocate": {
"strategy": "always",
"refresh": 5,
"concurrency": 3
}
},
{
"port": 12345,
"protocol": "dokodemo-door", // 透明代理
"settings": {
"network": "tcp,udp",
"followRedirect": true
},
"sniffing": {
"enabled": true,
"destOverride": ["http", "tls"]
},
"allocate": {
"strategy": "always",
"refresh": 5,
"concurrency": 3
}
}
],
"outbounds": [
{
"protocol": "vless", //你的服务器协议
"settings": {
"vnext": [
{
"address": "1.1.1.1", //你的服务器ip
"port": 443, // 你的服务器端口号
"users": [
{
"encryption": "none",
"flow": "",
"id": "55547476-bb06-5f2b-bceb-fff49978fd99", //你的服务器密码
"level": 0
}
]
}
]
},
"tag": "proxy", // 流量代理出口
"streamSettings": {
"grpcSettings": {
"multiMode": true,
"serviceName": "grpc" // grpc ServiceName
},
"network": "grpc", // 你的服务器底层协议
"security": "tls", // 底层传输协议
"tlsSettings": {
"serverName": "adminadmin.com", //你的服务器域名
"rejectUnknownSni": false,
"allowInsecure": false,
"alpn": ["h2", "http/1.1"],
"minVersion": "1.2",
"maxVersion": "1.3",
"cipherSuites": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA",
"disableSystemRoot": false,
"enableSessionResumption": false
},
"sockopt": {
"mark": 128
}
}
},
{
"protocol": "freedom", // 流量直连出口
"settings": {},
"tag": "direct",
"streamSettings": {
"sockopt": {
"mark": 128
}
}
},
{
"tag": "blocked", // 流量屏蔽出口
"protocol": "blackhole",
"settings": {},
"streamSettings": {
"sockopt": {
"mark": 128
}
}
}],
"routing": {
"domainStrategy": "IPIfNonMatch",
"domainMatcher": "mph",
"rules": [
{
"type": "field",
"protocol": ["bittorrent"], // BT 直连
"outboundTag": "direct"
},
{
"type": "field",
"outboundTag": "direct",
"domain": ["regexp:tracker\\w*\\."] // BT Tracker 直连
},
{
"type": "field",
"domain": ["geosite:category-ads"], // 屏蔽广告
"outboundTag": "blocked"
},
{
"type": "field",
"domain": ["geosite:cn"], // 国内直连
"outboundTag": "direct"
},
{
"type": "field",
"ip": ["geoip:cn","geoip:private"], // 内网直连
"outboundTag": "direct"
}
]
}
}

启动 XRAY

1
systemctl enable xray --now

设置 DNS 域名为 1.1.1.1 以及 1.0.0.1

1
2
echo "nameserver 1.1.1.1" > /etc/resolv.conf
echo "nameserver 1.0.0.1" >> /etc/resolv.conf

设置系统代理

1
nano /etc/profile.d/proxy.sh

写入以下内容

1
2
3
export http_proxy="http://127.0.0.1:6666/"
export https_proxy="http://127.0.0.1:6666/"
export ftp_proxy="http://127.0.0.1:6666/"
1
chmod +x /etc/profile.d/proxy.sh

测试透明代理是否成功

见到如下返回则已成功

1
2
3
4
5
6
7
8
[email protected]:~# curl google.com
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>
[email protected]:~#

配置 Overture 以实现 DNS 国内分流

2022.3.31 更新:新增Redis配置。

Redis用于持久化DNS缓存,避免重启服务后缓存丢失。

1
2
3
4
5
6
7
8
9
10
11
curl -fsSL https://packages.redis.io/gpg | sudo gpg --dearmor -o /usr/share/keyrings/redis-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/redis-archive-keyring.gpg] https://packages.redis.io/deb $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/redis.list
apt-get update
apt-get install redis -y
systemctl enable redis-server
# 启用持久化缓存
sed -i "s/appendonly no/appendonly yes/g" /etc/redis/redis.conf
# 新增Domain socket配置
echo "unixsocket /var/run/redis/redis.sock" >> /etc/redis/redis.conf
echo "unixsocketperm 770" >> /etc/redis/redis.conf
systemctl restart redis-server

因为GFWlist以及cniplist太长,写不下,直接放结果,想看的自己去看src。

1
https://raw.githubusercontent.com/johnrosen1/vpstoolbox/master/install/overture.sh

安装Overture

1
2
3
curl -LO https://raw.githubusercontent.com/johnrosen1/vpstoolbox/master/install/overture.sh
source overture.sh
install_overture

主配置文件 /etc/overture/config.yml

默认走Ali DOH ,国外IP及域名走Cloudflare DOH(通过代理) 。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
bindAddress: :53
debugHTTPAddress: 127.0.0.1:5555
dohEnabled: false
primaryDNS:
- name: Ali
address: https://223.5.5.5/dns-query
protocol: https
socks5Address:
timeout: 6
ednsClientSubnet:
policy: disabled
externalIP:
noCookie: true
alternativeDNS:
- name: Cloudflare
address: https://1.1.1.1/dns-query
protocol: https
socks5Address: 127.0.0.1:1080
timeout: 60
ednsClientSubnet:
policy: disabled
externalIP:
noCookie: true
onlyPrimaryDNS: false
ipv6UseAlternativeDNS: false
alternativeDNSConcurrent: false
whenPrimaryDNSAnswerNoneUse: alternativeDNS
ipNetworkFile:
primary: /etc/overture/china_ip_list.txt
alternative: /etc/overture/ip_network_alternative_sample
domainFile:
primary: /etc/overture/chnlist.txt
alternative: /etc/overture/gfw_all_domain.txt
matcher: /etc/overture/suffix-tree
hostsFile:
hostsFile: /etc/overture/hosts_sample
finder: /etc/overture/full-map
minimumTTL: 0
domainTTLFile: /etc/overture/domain_ttl_sample
cacheSize: 10000
cacheRedisUrl: unix:///var/run/redis/redis.sock
cacheRedisConnectionPoolSize: 1000000
rejectQType:
- 255

启用分流

1
echo "nameserver 127.0.0.1" > /etc/resolv.conf

锁定配置,防止重启失效

1
chattr +i /etc/resolv.conf

测试是否成功

出现以下显示则成功

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
[email protected]:~# nslookup baidu.com
Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
Name: baidu.com
Address: 220.181.38.148
Name: baidu.com
Address: 220.181.38.251

[email protected]:~# nslookup google.com
Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
Name: google.com
Address: 172.217.31.174
Name: google.com
Address: 2404:6800:4004:824::200e

[email protected]:~#

设置 CPU 策略为最佳性能

2022.3.23 更新:新增开机全自动化设置内容。

1
2
apt install linux-cpupower -y
sudo cpupower frequency-set -g performance

查看当前策略

1
cat /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor

设置开机启动

1
2
3
4
5
6
7
8
9
  cat > "/etc/systemd/system/cpupower.service" << "EOF"
[Unit]
Description=CPU performance mode
[Service]
Type=oneshot
ExecStart=/usr/bin/cpupower frequency-set -g performance
[Install]
WantedBy=multi-user.target
EOF

使配置生效

1
systemctl enable cpupower

挂载 SSD 并设置写入缓存

建议使用大容量固态硬盘作为 qBittorrent 以及 NZBGet 的写入缓存。

新增挂载点

1
mkdir /ssd

查看硬件信息,记下 /dev/sda

1
fdisk -l
1
2
3
4
5
Disk /dev/sda: 931.51 GiB, 1000204886016 bytes, 1953525168 sectors
Disk model: ************
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes

新增分区

1
cfdisk /dev/sda

选择 gpt

1
2
3
> New -> Primary -> 回车
> Write -> yes
> Quit

使用 Ext4 文件系统格式化

1
mkfs.ext4 /dev/sda

获取硬件 UUID

1
blkid
1
/dev/sda: UUID="8168d321-c245-4846-82dd-a5d79a04550a" BLOCK_SIZE="4096" TYPE="ext4"

修改 /etc/fstab,新增以下内容

1
UUID=359d90df-f17a-42f6-ab13-df13bf356de7 /ssd ext4 errors=remount-ro 0 1

挂载 SSD 至挂载点

1
mount /ssd

查看挂载是否成功

1
2
3
4
[email protected]:~# df -hl
...
/dev/sda 916G 20K 916G 1% /ssd # 出现这行就代表成功
...

qBittorrent 配置
qbt4

NZBGet 配置
nzb5

最大化可用空间

ext4 默认有 5% 的预留空间,我们的数据盘和缓存盘不需要这种东西,只有系统盘会需要。

取消预留空间

1
tune2fs -m 0 /dev/sda

开启 BBR 提升网络质量

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
  cat > '/etc/sysctl.d/99-sysctl.conf' << EOF
net.ipv4.conf.all.route_localnet=1
net.ipv4.ip_forward = 1
net.ipv4.conf.all.forwarding = 1
net.ipv4.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.lo.forwarding = 1
net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.lo.disable_ipv6 = 0
net.ipv6.conf.all.accept_ra = 2
net.ipv6.conf.default.accept_ra = 2
net.core.netdev_max_backlog = 100000
net.core.netdev_budget = 50000
net.core.netdev_budget_usecs = 5000
#fs.file-max = 51200
net.core.rmem_max = 67108864
net.core.wmem_max = 67108864
net.core.rmem_default = 67108864
net.core.wmem_default = 67108864
net.core.optmem_max = 65536
net.core.somaxconn = 1000000
net.ipv4.icmp_echo_ignore_all = 0
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 0
net.ipv4.conf.default.secure_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_keepalive_intvl = 15
net.ipv4.tcp_keepalive_probes = 2
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_rfc1337 = 0
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_tw_reuse = 0
net.ipv4.tcp_fin_timeout = 15
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_fastopen = 4
net.ipv4.tcp_rmem = 4096 87380 67108864
net.ipv4.tcp_wmem = 4096 65536 67108864
net.ipv4.udp_rmem_min = 8192
net.ipv4.udp_wmem_min = 8192
net.ipv4.tcp_mtu_probing = 1
net.ipv4.tcp_autocorking = 0
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.tcp_max_syn_backlog = 819200
net.ipv4.tcp_notsent_lowat = 16384
net.ipv4.tcp_no_metrics_save = 0
net.ipv4.tcp_ecn = 1
net.ipv4.tcp_ecn_fallback = 1
net.ipv4.tcp_frto = 0
net.ipv6.conf.all.accept_redirects = 0
net.ipv6.conf.default.accept_redirects = 0
net.ipv4.neigh.default.gc_thresh3=8192
net.ipv4.neigh.default.gc_thresh2=4096
net.ipv4.neigh.default.gc_thresh1=2048
net.ipv6.neigh.default.gc_thresh3=8192
net.ipv6.neigh.default.gc_thresh2=4096
net.ipv6.neigh.default.gc_thresh1=2048
net.ipv4.tcp_orphan_retries = 1
net.ipv4.tcp_retries2 = 5
vm.swappiness = 1
vm.overcommit_memory = 1
kernel.pid_max=64000
net.netfilter.nf_conntrack_max = 262144
net.nf_conntrack_max = 262144
## Enable bbr
net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
EOF
sysctl -p

修改最大开启文件数上限

主要是为了避免 Too much open files 的错误。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
  cat > '/etc/systemd/system.conf' << EOF
[Manager]
#DefaultTimeoutStartSec=90s
DefaultTimeoutStopSec=30s
#DefaultRestartSec=100ms
DefaultLimitCORE=infinity
DefaultLimitNOFILE=infinity
EOF
cat > '/etc/security/limits.conf' << EOF
root soft nofile 1000000
root hard nofile 1000000
root soft nproc unlimited
root hard nproc unlimited
root soft core unlimited
root hard core unlimited
root hard memlock unlimited
root soft memlock unlimited

* soft nofile 1000000
* hard nofile 1000000
* soft nproc unlimited
* hard nproc unlimited
* soft core unlimited
* hard core unlimited
* hard memlock unlimited
* soft memlock unlimited
EOF
sed -i '/ulimit -SHn/d' /etc/profile
echo "ulimit -SHn 1000000" >> /etc/profile
echo "session required pam_limits.so" >> /etc/pam.d/common-session
systemctl daemon-reload

如果不放心,可以重启一次reboot就生效了。

绑定 DHCP 内网地址

不想手动设置/etc/network/interfaces ? TP-link IP 与 mac 绑定你值得拥有。

mac

开启 Upnp/DMZ

开启 Upnp/DMZ 可以极大地加速 BT/PT 下载上传(前提是你有公网IP)。

dmz

DMZ主机IP地址请填你的 NAS 内网地址。

开启 Emby 硬解

Emby 硬解需要 Emby 会员订阅。

emby_tran

我的机器是 Intel 核显,所以把 QuickSync Intel 设为首选。

安装可能缺少的固件

此配置仅适用于本地NAS。

1
apt-get install firmware-linux -y

最大化网卡RX/TX缓冲

此配置仅适用于本地NAS,建议设置为网卡支持的最大值。

1
2
3
4
apt install ethtool -y
ip a
ethtool -g ethX
ethtool -G ethX rx 最大值 tx 最大值

结语

这个项目花费了我一周的时间才搞定,但是最终的结果确实是值得的。我终于不再需要忍受 Netflix 有限的片源以及 IP 限制啦!

参考资料

  1. 利用NAS实现全自动观影追剧
  2. 使用jeckett,sonarr,iyuu,qt,emby打造全自动追剧流程
  3. 高阶教程-追剧全流程自动化
  4. 硬链接教程
  5. 使用Sonarr+Jackett+qb/tr+emby实现(基本)全自动追新番
  6. 伪射手网
  7. 用豆瓣挑电影-你的最佳私人影音助理,订阅追剧满足你的所有幻想
  8. JELLYFIN EMBY PLEX如何打造完美动漫番剧库!
  9. 什么是透明代理
  10. Openwrt homelede 3865U开启emby 4K硬解
  11. NEWSGROUP NINJA
  12. RSSHUB文档
  13. Windows最佳动画观看环境配置指南(MPC-HC, madvr, SVP, Anime4K)
  14. 最佳私人影音实践教程
  15. 从pt到家庭媒体中心全攻略(补充)(用Emby看电视直播,居然比用电视看电视还爽)
  16. 第一篇万字长文:围绕透明代理的又一次探究
  17. NZBGet文档
  18. Sonarr Github
  19. Radarr Github
  20. Lidarr Github
  21. Readarr Github
  22. Jackett Github
  23. Prowlarr Github
  24. qBittorrent Github
  25. NZBGet Github
  26. Bazarr Github
  27. Chinesesubfiner Github
  28. PT助手Plus
  29. Linux网络性能参数
  30. 利用AV Data Capture+Jellyfin+Kodi打造更优雅的本地AV(毛片)+普通影片媒体库
  31. Emby/Jellyfin 的一个日本电影刮削器插件
  32. How to persistently set nr_requests using UDEV rules