Alist 网盘目录程序安装配置使用方法
Alist 是一个支持挂载众多网盘目录的 Go 语言程序,适合主机没带宽情况下小规模分享文件使用。
项目地址 https://github.com/alist-org/alist
Alist 安装配置方法
1. 创建目录,下载解压文件及配置权限,完成后运行程序以生成配置文件,并从输出信息中记下默认密码。
mkdir -p /opt/alist && cd /opt/alist wget https://github.com/alist-org/alist/releases/download/v2.6.3/alist-linux-amd64.tar.gz tar -zxvf alist-linux-amd64.tar.gz && rm -f alist-linux-amd64.tar.gz mv alist-linux-amd64 alist && chmod +x alist ./alist
2. 创建 systemd 系统单元文件,以便控制服务运行。
cat > /etc/systemd/system/alist.service << "EOF" [Unit] Description=Alist Service Wants=network.target After=network.target network.service [Service] Type=simple WorkingDirectory=/opt/alist ExecStart=/opt/alist/alist KillMode=process [Install] WantedBy=multi-user.target EOF
刷新配置,设置开机启动和运行程序。
systemctl daemon-reload systemctl enable alist systemctl start alist
还可以用下面命令查看运行状态 / 日志,停止 / 重启,取消开机启动。
systemctl status alist journalctl -u alist systemctl stop alist systemctl restart alist systemctl disable alist
3. 安装 Nginx 设置反向代理,安装方法可参考之前文章。
4. 创建网站目录,以便存放后面设置 logo、favicon 等文件。
mkdir -p /var/www/file.example.com/script /var/www/file.example.com/file semanage fcontext -a -t httpd_sys_content_t "/var/www/file.example.com(/.*)?" restorecon -R -v /var/www/file.example.com chown -R nginx:nginx /var/www/file.example.com
5. 设置好域名解析,申请好 SSL 证书。
# 先创建配置文件 cat > /etc/nginx/conf.d/file.example.com.conf << "EOF" server { listen 80; listen [::]:80; server_name file.example.com; include /etc/nginx/snippets/letsencrypt-acme-challenge.conf; } EOF # 刷新 Nginx 配置 nginx -s reload # 安装 ACME 客户端(装完后断开重连 SSH) curl https://get.acme.sh | sh # 设置默认申请 Let’s Encrypt 证书(或者设置使用 ZeroSSL 证书) acme.sh --set-default-ca --server letsencrypt # 申请 SSL 证书 acme.sh --issue -d file.example.com -w /var/www/letsencrypt # 安装 SSL 证书 acme.sh --install-cert -d file.example.com \ --key-file /etc/pki/tls/private/file.example.com.key \ --fullchain-file /etc/pki/tls/certs/file.example.com.cer \ --reloadcmd "systemctl force-reload nginx" # 生成 DH 会话密钥 openssl dhparam -out /etc/pki/tls/certs/dhparam.pem 2048
6. 修改之前创建的 /etc/nginx/conf.d/file.example.com.conf 网站配置文件。
upstream alist_backend {
server 127.0.0.1:5244;
keepalive 32;
}
server {
listen 80;
listen [::]:80;
server_name file.example.com;
return 301 https://file.example.com$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name file.example.com;
ssl_certificate /etc/pki/tls/certs/file.example.com.cer;
ssl_certificate_key /etc/pki/tls/private/file.example.com.key;
ssl_dhparam /etc/pki/tls/certs/dhparam.pem;
ssl_buffer_size 4k;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/pki/tls/certs/file.example.com.cer;
include /etc/nginx/snippets/enable-gzip-compression.conf;
access_log /var/log/nginx/file.example.com.access.log;
error_log /var/log/nginx/file.example.com.error.log warn;
include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;
location ~* ^/(?:script|file) {
root /var/www/file.example.com;
log_not_found off;
access_log off;
}
location / {
proxy_pass http://alist_backend;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_buffers 8 16k;
proxy_buffer_size 16k;
proxy_busy_buffers_size 24k;
client_max_body_size 1024m;
proxy_redirect off;
}
}
然后刷新 Nginx 服务,使配置生效。
nginx -s reload
允许 HTTPD 脚本和模块连接网络,不然连接会被权限拒绝。
setsebool -P httpd_can_network_connect 1
7. 至此,访问域名就可以设置前后端选项了,添加网盘账号那些可见官方文档介绍。
补充:添加 OneDrive 需要账号支持 API,在创建应用时如果要求注册 Azure,可以试下用这个链接能不能免注册创建(之前测试可以)。
