Forum
  • Search
  • Member List
  • Calendar
Hello There, Guest! Login Register — Login with Facebook
Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Threaded Mode | Linear Mode
TUT: Apache SSL + reverse proxy for sickbeard, couchpotato etc.
10th Jan, 2014, 11:03 PM
Post: #1
yourshadow Offline
Registered
Posts: 3
Joined: Jan 2014
Reputation: 2
TUT: Apache SSL + reverse proxy for sickbeard, couchpotato etc.
If you don't want to open up sickbeard transmission etc. ports to the open world but you DO want to access it from anywhere, you might want to consider the followingBig Grin

Use Apache as a reverse proxy! Cool

1. install webserver package of xbian, login to ssh -> Packages -> Web -> webserver

2. Exit the xbian installer and enable some mods for apache:
Terminal
sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod rewrite
sudo a2enmod ssl

3. Create a SSL certificate(this will make a certificate for 1 year, after that redo this, i guess):
Terminal
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache.key -out /etc/ssl/certs/apache.crt

It will ask you for some info, it doesn't realy matter what you will fill in
Country Name (2 letter code) [AU]:NL
State or Province Name (full name) [Some-State]:Groningen
Locality Name (eg, city) []:Groningen
Organization Name (eg, company) [Internet Widgits Pty Ltd]: PI
Organizational Unit Name (eg, section) []: PI
Common Name (e.g. server FQDN or YOUR name) []: PI
Email Address []:

4. Edit the default apache site:
Terminal
sudo nano /etc/apache2/sites-available/default

Remove everything (hold CTRL+K), then paste the following:

Terminal
<VirtualHost *:80>
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</VirtualHost>

<VirtualHost *:443>
ServerAdmin admin@domain.com
ServerName localhost

ProxyRequests Off
ProxyPreserveHost On

<Proxy *>
Order deny,allow
Allow from all
</Proxy>

<Location />
Order allow,deny
Allow from all
</Location>

SSLEngine On
SSLProxyEngine On
SSLCertificateFile /etc/ssl/certs/apache.crt
SSLCertificateKeyFile /etc/ssl/private/apache.key

ProxyPass /nzbget http://localhost:9092/nzbget
ProxyPassReverse /nzbget http://localhost:9092/nzbget

ProxyPass /sickbeard http://localhost:9094/sickbeard
ProxyPassReverse /sickbeard http://localhost:9094/sickbeard

ProxyPass /transmission http://localhost:9091/transmission
ProxyPassReverse /transmission http://localhost:9091/transmission

ProxyPass /headphones http://localhost:9093/headphones
ProxyPassReverse /headphones http://localhost:9093/headphones

ProxyPass /couchpotato http://localhost:9095/couchpotato
ProxyPassReverse /couchpotato http://localhost:9095/couchpotato

RewriteEngine on
RewriteRule ^/xbmc$ /xbmc/ [R]

ProxyPass /xbmc http://localhost:8080
ProxyPassReverse /xbmc http://localhost:8080

ErrorLog /var/log/apache2/error.log
LogLevel warn
</VirtualHost>

5. Now stop service sickbeard, and edit the config file:
Terminal
sudo service sickbeard stop
[ ok ] Stopping Sickbeard:.
sudo nano /etc/sickbeard/sickbeard.ini

change webroot = "" to webroot = /sickbeard

Also for Couchpotato:
Terminal
sudo service couchpotato stop
[ ok ] Couchpotato not running.
sudo nano /etc/couchpotato/settings.conf

change url_base = to url_base = /couchpotato

And Headphones:
Terminal
sudo service headphones stop
[ ok ] Headphones: not running.
sudo nano /etc/headphones/config.ini

change http_root = / to http_root = /headphones

6. Now (re)start apache, sickbeard, couchpotato and headphones:
Terminal
xbian@xbian ~ $ sudo service apache2 restart
[ ok ] Restarting web server: apache2 ... waiting .
xbian@xbian ~ $ sudo service sickbeard start
[ ok ] Starting Sickbeard:.
xbian@xbian ~ $ sudo service headphones start
[ ok ] Starting Headphones:.
xbian@xbian ~ $ sudo service couchpotato start
[ ok ] Starting Couchpotato:.

7. Let sickbeard en couchpotato have some time to boot up, now from localhost you can already acces your brand new proxy. In your browser type:
for sickbeard: IP-OF-PI/sickbeard (eg 192.168.0.105/sickbeard)
for headphones: IP-OF-PI/headphones
for couchpotato: IP-OF-PI/couchpotato
for nzbget: IP-OF-PI/nzbget
for transmission: IP-OF-PI/transmission
for xbmc: IP-OF-PI/xbmc

You will get a certificate warning, just click continue..

8. For non-local access, open up port 80 and 443 for you PI.

9. Now browse to your external IP like: 12.34.56.78/sickbeard

10. Enjoy Big Grin

* Offcourse change username and password of all services
* Adding torrent through link was tested successful
* Adding NZB through link was tested successful
* This is an 'vanille' alternative for the maraschino package

- When saving a setting, it appears that Sickbeard takes infinite to save. When a popup appears in the right corner, the setting is saved. Even thou the Sickbeard 'saving' animation keeps spinning. IMAGE, just ignore the never ending save animation!
- When updating sickbeard, it will refresh to IP:9094/sickbeard, resulting in a website not found error. Remove the ':9094'
- DO NOT enable sickbeard and/or couchpotato's HTTPS settings. There is no need for a secure 'local' connection. It will probably result into an errorSmile

Edit: added XBMC website
Edit: added some warnings/solutions Smile
Find all posts by this user
Quote this message in a reply
« Next Oldest | Next Newest »
Post Reply 


Messages In This Thread
TUT: Apache SSL + reverse proxy for sickbeard, couchpotato etc. - yourshadow - 10th Jan, 2014 11:03 PM
RE: TUT: Apache SSL + reverse proxy for sickbeard, couchpotato etc. - vincejah - 6th Feb, 2014, 08:56 AM
RE: TUT: Apache SSL + reverse proxy for sickbeard, couchpotato etc. - yourshadow - 13th Feb, 2014, 07:10 PM
RE: TUT: Apache SSL + reverse proxy for sickbeard, couchpotato etc. - yourshadow - 17th Feb, 2014, 09:34 PM

  • View a Printable Version
  • Send this Thread to a Friend
  • Subscribe to this thread
Forum Jump:

Current time: 2nd Jul, 2025, 07:56 AM Powered By MyBB, © 2002-2025 MyBB Group.