1
0
mirror of https://github.com/Sonarr/Sonarr.git synced 2024-11-21 10:12:35 +01:00
10 Reverse Proxy
bakerboy448 edited this page 2022-05-20 09:47:45 -05:00

Note: this is the Legacy v2 Wiki. The new V3 Wiki can be found at the Servarr Wiki. Sonarr v2 is end of life and not supported.

The nginx details can be found on the Installation page in the new wiki

Linux / OSX

Prerequisites

  • Install Nginx or Apache
  • Optional: have an SSL certificate. A free one can be obtained using "Let's Encrypt"

Nginx Conf

Nginx is by far, easier to setup a reverse proxy. Depending on your distro, the location of the Nginx conf or access log may be different than what's shown below. Please use these as a guide.

HTTP (non-SSL)

Create a new config here: /etc/nginx/sites-enabled/sonarr.your-domain.xyz With the following contents:

server {
    listen         80;
    server_name    sonarr.your-domain.xyz;

    location / {
        proxy_pass        http://127.0.0.1:8989;
        proxy_set_header  X-Real-IP  $remote_addr;
        proxy_set_header        Host            $host;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_redirect off;
        proxy_buffering off;
    }
    access_log /var/log/nginx/sonarr.your-domain.xyz;
}

Reload Nginx: nginx -s reload

HTTPS (with SSL certificate)

Create a new config here: /etc/nginx/sites-enabled/sonarr.your-domain.xyz With the following contents:

server {
    listen         80;
    server_name    sonarr.you-domain.xyz;
    return         301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name sonarr.you-domain.xyz;

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

    ssl_certificate      /path/to/your/ssl-cert;
    ssl_certificate_key  /path/to/your/ssl-key;

    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;

    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;

    access_log /var/log/nginx/sonarr.you-domain.xyz.log;

    location / {
        proxy_pass        http://127.0.0.1:8989;
        proxy_set_header  X-Real-IP  $remote_addr;
        proxy_set_header        Host            $host;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_redirect off;
        proxy_buffering off;

    }
}

Reload Nginx: nginx -s reload

Windows

Variant 1: Setting the URL base in the UI

  1. Go to Settings -> General
  2. Set URL Base to desired path
  3. Save settings
  4. Restart (Restart as administrator on Windows)
  5. Donate <3

Variant 2: Editing the configuration file

  1. Open file ~/.config/NzbDrone/config.xml
  2. Add entry your/desired/path
    NB Note that UrlBase doesn't start with a slash otherwise it wont work!