Reverse Proxy

John Wohlers edited this page Mar 8, 2018 · 7 revisions

Linux / OSX

Prerequisites

  • Install Nginx or Apache
  • Optional: have an SSL certificate. A free one can be obtained using "Let's Encrypt"

Nginx Conf

Nginx is by far, easier to setup a reverse proxy. Depending on your distro, the location of the Nginx conf or access log may be different than what's shown below. Please use these as a guide.

HTTP (non-SSL)

Create a new config here: /etc/nginx/sites-enabled/sonarr.your-domain.xyz With the following contents:

server {
    listen         80;
    server_name    sonarr.your-domain.xyz;

    location / {
        proxy_pass        http://127.0.0.1:8989;
        proxy_set_header  X-Real-IP  $remote_addr;
        proxy_set_header        Host            $host;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_redirect off;
        proxy_buffering off;
    }
    access_log /var/log/nginx/sonarr.your-domain.xyz;
}

Reload Nginx: nginx -s reload

HTTPS (with SSL certificate)

Create a new config here: /etc/nginx/sites-enabled/sonarr.your-domain.xyz With the following contents:

server {
    listen         80;
    server_name    sonarr.you-domain.xyz;
    return         301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name sonarr.you-domain.xyz;

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

    ssl_certificate      /path/to/your/ssl-cert;
    ssl_certificate_key  /path/to/your/ssl-key;

    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;

    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;

    access_log /var/log/nginx/sonarr.you-domain.xyz.log;

    location / {
        proxy_pass        http://127.0.0.1:8989;
        proxy_set_header  X-Real-IP  $remote_addr;
        proxy_set_header        Host            $host;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_redirect off;
        proxy_buffering off;

    }
}

Reload Nginx: nginx -s reload

Windows

Variant 1: Setting the URL base in the UI

  1. Go to Settings -> General
  2. Set URL Base to desired path
  3. Save settings
  4. Restart (Restart as administrator on Windows)
  5. Donate <3

Variant 2: Editing the configuration file

  1. Open file ~/.config/NzbDrone/config.xml
  2. Add entry <UrlBase>your/desired/path</UrlBase>
Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.