The request β€œhow to set up a torrent in a lamp” usually occurs when, after installing the package transmission-daemon the web interface at address 9091 does not open, returning a 403 Forbidden error or waiting indefinitely for a connection. This is a classic symptom of an access rights conflict when the daemon process is running as a user transmission, but the configuration files belong to root or have incorrect security attributes. For the correct operation of a combination of Linux, Apache, MySQL and PHP (or simply a web server in a LAMP stack), it is necessary to strictly coordinate the settings settings.json and rights to download directories.

The main difficulty in integrating a torrent client into a web environment is not the code itself, but the level of access RPC (Remote Procedure Call). By default, the daemon is configured for local connections, blocking external IP addresses, even if they are inside the local network. For the system to work, you need to manually edit the configuration file, adding specific IP addresses or allowing access for all subnets, which is critical for working through a web browser. Ignoring this step results in the interface loading but not being able to connect to the backend.

In addition, the standard port 9091 may be occupied by another service or blocked by a firewall iptables or ufw, which is often found on freshly installed Ubuntu or Debian distributions. Before you begin deep debugging, you should make sure that the port is open for incoming TCP connections and does not conflict with port 80 or 443 used by the Apache web server. Proper configuration at this stage will eliminate the need to reboot the server in the future.

Preparing the environment and installing components

The first step is to install the daemon itself and the necessary libraries that will ensure stable operation in the background. On Debian-based distributions, the repositories contain the latest version Transmission, which interacts well with system services. Installation is carried out through a standard package manager, which guarantees automatic registration of the service in systemd.

After installation, the service starts by default and immediately creates a basic file structure. However, to prevent it from interfering with the Apache web server included with LAMP, it is recommended to change the default port or configure proxying through a virtual host. This will allow you to access torrents through a familiar domain, for example, torrent.yoursite.comusing standard port 80.

  • πŸ“¦ Update package lists with the command apt update to get the latest versions of the repositories.
  • πŸ“¦ Install the daemon with the command apt install transmission-daemon, confirming that the dependencies are downloaded.
  • πŸ“¦ Stop the service before configuring via systemctl stop transmission-daemonfor the changes to take effect.
  • πŸ“¦ Check the installation status by running systemctl status transmission-daemon, making sure there are no errors.

It is important to understand that Transmission in daemon mode there is no graphical interface on the server itself, all control is carried out remotely. That is why the correctness of the initial installation determines the availability of distribution management in the future. Any errors at this stage may result in the service being unable to start without a complete reinstallation.

πŸ“Š What is your level of experience with Linux servers?
Newbie, just started
Average, know the commands
Experienced, I write scripts
Expert, I administer clusters

Configuring Permissions and RPC

The most critical stage is editing the configuration file settings.json, which is usually located along the path /etc/transmission-daemon/settings.json. This is where the rules are written that determine who has the right to manage torrents. Default parameter rpc-whitelist contains only the localhost address, which blocks any connection attempts from other computers on the network.

Need to find the line rpc-whitelist and expand its meaning. If you are on a trusted home network, you can use a mask 192.168.1., replacing the last part with the one corresponding to your subnet. To fully open access (not recommended for public servers without additional authorization), the asterisk symbol is used , allowing connections from any IP addresses.

⚠️ Attention: Before editing the file, be sure to stop the daemon service, otherwise all changes will be overwritten by the system when you shutdown, and your efforts will be wasted.

You should also pay attention to the authorization parameters. Fields rpc-username and rpc-password must be filled out. The password in this file is stored in hashed form, so if you simply enter text there, the system will automatically replace it with a hash the next time you start it. Make sure that the user the daemon is running as has read and write permissions to this file.

  • πŸ”‘ Set the complex user in the field rpc-username for the security of your server.
  • πŸ”‘ Set a strong password that will be hashed by the system automatically upon startup.
  • πŸ”‘ Expand rpc-whitelist to your subnet, for example, 192.168.0.* for local access.
  • πŸ”‘ Enable the option rpc-enabled, setting the value true, if it is disabled.

After making all the edits, the file must be saved. Make sure the JSON syntax is intact: all keys and values ​​must be in double quotes and elements are separated by commas. One missing comma will cause the daemon to refuse to start, citing a configuration parsing error.

Configuring boot paths and file system rights

Standard Linux boot paths are often located in users' home directories, which can create permissions issues for the web server. Demon Transmission runs as system user transmission, and he needs full write rights to the folder where the files will be downloaded. Usually this is a directory /var/lib/transmission-daemon/downloads or a specially created folder in /mnt on an external drive.

If you plan to download files to a separate hard drive or network folder, you need to mount it with the correct permissions. A situation often arises when a torrent has been downloaded, but the web server or FTP cannot serve the file because the user has become the owner of the file transmission, and the web server runs from www-data. The solution is to add both users to the same group or configure umask.

chmod -R 775 /var/lib/transmission-daemon/downloads

chown -R transmission:transmission /var/lib/transmission-daemon/downloads

Parameter umask in configuration settings.json determines with what rights new files will be created. Meaning 22 (or 022) is standard and gives the owner full rights and the group and others read and execute rights. For more open access, so that other LAMP stack services can freely work with files, you can set the value 20, which will give write permissions to the group.

Parameter Recommended value Description
download-dir /var/lib/transmission-daemon/downloads Main folder for saving files
incomplete-dir-enabled true Include folder for undownloaded files
umask 22 Rights mask for created files
script-torrent-done-enabled false Running a script after loading (for advanced)

β˜‘οΈ Checking access rights

Done: 0 / 1

Integration with Apache and setting up Reverse Proxy

For full work in the stack LAMP It’s inconvenient to enter port 9091 in the address bar every time. It is smarter to configure the Apache web server so that it redirects requests for a domain or subdomain directly to the Transmission daemon. This is done using the module mod_proxy, which acts as a reverse proxy.

First you need to enable the required modules in Apache. Teams a2enmod proxy and a2enmod proxy_http will enable proxy support. After this, a new virtual host is created or the configuration is added to an existing site file. This allows you to use HTTPS if the server has an SSL certificate, which significantly increases the security of data transmission, especially when accessed from outside.

The virtual host configuration file must contain the directive ProxyPass, pointing to the local address of the daemon. It is also important to pass the original host headers so that the application forms links correctly. Without this, the web interface may try to redirect the user to the internal IP address of the server, which is not accessible from the external network.

⚠️ Attention: When setting up a proxy, make sure that port 9091 is not directly opened in the firewall to the outside world, otherwise you will bypass Apache and SSL protection.

An example configuration for Apache looks like this:

<VirtualHost *:80>

ServerName torrent.example.com

ProxyPreserveHost On

ProxyPass / http://127.0.0.1:9091/

ProxyPassReverse / http://127.0.0.1:9091/

</VirtualHost>

After making changes, the Apache configuration must be checked for syntax errors with the command apache2ctl configtest. If the test is successful, the web server is rebooted. Torrents are now accessed through the standard web port, and traffic can be protected by SSL if an appropriate virtual host is configured on port 443.

Performance optimization and network settings

Once the basic setup is complete, it's worth thinking about optimization, especially if the server is used not only for torrents, but also for website hosting. Transmission by default it can open hundreds of connections, which can crash a MySQL database or slow down the web server's response. Limiting the number of peers and upload speed helps balance the load.

There are parameters in the configuration file peer-limit-global and peer-limit-per-torrent. For a home server or low-power VPS, it is reasonable to reduce the global limit to 200-300 connections, and for a torrent to 50. This will prevent the NAT table in the router or the server itself from overflowing.

  • πŸš€ Install peer-limit-global to a value of 200 to reduce network load.
  • πŸš€ Limit peer-limit-per-torrent up to 50, so that one file does not take up all the resources.
  • πŸš€ Turn it on lpd-enabled (Local Peer Discovery) to search for peers on the local network.
  • πŸš€ Customize preallocation to 1 (sparse) to save disk space.
Secret parameters for SSD

If you are using an SSD drive, be sure to enable the "cache-size-mb" option in the settings or use ram-disk for temporary files to reduce the number of write cycles and extend the life of the drive.>

It is also worth paying attention to the parameter dht-enabled and utp-enabled. The uTP protocol is designed specifically to reduce network load and prioritize other traffic, making it ideal for servers where websites are running simultaneously. Enabling this function often solves problems with the site lagging during active downloading.

Diagnosis of problems and logs

If after all the settings the system is unstable, the first thing you should do is look at the logs. The Transmission daemon writes logs to the standard system log or to its own file, the path to which can be found in the systemd settings. Log analysis allows you to quickly identify the cause of a service stop or connection error.

A common problem is lack of disk space. If the partition being written to is full, the daemon may crash or stop accepting new tasks. Monitoring free space is a mandatory part of torrent server maintenance. Use utilities like df -h for regular checking.

⚠️ Attention: When updating the system, the package manager may overwrite the file settings.json to default. Always back up your configuration before upgrading.

To debug network problems, use the utility netstat or ss. Team ss -tulpn | grep 9091 will show whether the daemon is listening on the desired port and on which interface. If the port is not displayed, it means that the service did not start or crashed immediately after starting, which requires checking the logs.

FAQ: Frequently asked questions

How do I reset my RPC password if I forgot it?

The easiest way to stop the service is to delete the lines with username and password in the file settings.json, start the service, wait for a new password hash to be generated (or enter a new one in text), and restart the daemon again. The old hash can simply be replaced with a new one generated by the online hash generator for Transmission.

Is it possible to use Transmission on Windows through this server?

Yes, the web interface is crossword-based. You can manage your LAMP server from any device with a browser, including Windows, macOS, Android, and iOS. Simply enter the server address and port (or domain) into the address bar of your browser.

Why is the download speed slow even though the Internet is fast?

Check if the file itself is speed limited settings.json (parameters speed-limit-down). Also make sure that your ISP is not blocking P2P traffic or ports. Try changing the listening port to a non-standard one (for example, 54321) in the settings.

Is it safe to open port 9091 to the outside?

Without setting up HTTPS and complex authorization - no. It is better to use a VPN to access the server or set up tunneling (SSH tunnel) than to open the RPC port directly to the Internet, since the protocol may be vulnerable to brute force.

πŸ’‘

Tip: To automatically launch torrents on a schedule, use cron jobs in conjunction with the transmission-remote command, this will allow you to download large files at night, when the tariff is cheaper or the channel is freer.