mirrors/qBittorrent
1
0
Fork 0
mirror of https://github.com/qbittorrent/qBittorrent.git synced 2024-11-21 16:55:46 +03:00
Code Issues Projects Releases Packages Wiki Activity
Page: Linux WebUI HTTPS with Let's Encrypt & Caddy2 reverse proxy
Pages
Alternate WebUI usage Anonymous Mode Compilation Alpine Linux Compilation CentOS 7.x Compilation CentOS 8.x Compilation Debian, Ubuntu, and derivatives Compilation Debian and Ubuntu Compilation FreeBSD (no GUI) Compilation Fully static binaries on Linux (glibc or musl) Compilation MSVC 10.0 (dynamic linkage) Compilation MSVC 2010 (x86_64) (dynamic linkage) Compilation MSVC 2013 (static linkage) Compilation MSVC 2013 (x86_64) (dynamic linkage) Compilation Raspberry Pi OS and DietPi Compilation Raspbian for LeMaker Banana Pro Compilation Windows (MSVC 2019, 64 bit, static linkage) Compilation macOS (x86_64, arm64, cross compilation) Compilation macOS Compilation with CMake common information Create custom themes for qBittorrent Developing alternate WebUIs (WIP) Disable connections not supported by proxies External programs How to External programs savecategory Home How to Disable DHT, PeX, and LPD How to bind your vpn to prevent ip leaks How to convert base32 to base16 info hashes How to debug the WebUI code How to diagnose IO error, BSOD, crash (Windows) How to diagnose IO errors How to diagnostic IO error, BSOD, crash [GNU Linux, BSD, etc.] How to disable auto seed How to translate qBittorrent How to use MaxMind's GeoIP database How to use custom UI themes How to use portable mode How to use qBittorrent as a tracker I forgot my UI lock password IIS ARR Reverse Proxy Installing qBittorrent Linux WebUI HTTPS with Let's Encrypt & Caddy2 reverse proxy Linux WebUI HTTPS with Let's Encrypt certificates and NGINX SSL reverse proxy Linux WebUI setting up HTTPS with Let's Encrypt certificates Linux WebUI setting up HTTPS with self signed SSL certificates List of known alternate WebUIs List of known qBittorrent themes List of unofficial WebAPI clients NGINX Reverse Proxy for Web UI Obsolete compilation guides OpenVPN and qBittorrent without X server Running qBittorrent without X server (WebUI only) Running qBittorrent without X server (WebUI only, systemd service set up, Ubuntu 15.04 or newer) Setup GDB with Qt pretty printers Status of Missing files at start up or after restart Things we need to know to help you with 'speed' issues Traefik Reverse Proxy for Web UI Unofficial search plugins Using VSCode for qBittorrent development Web UI password locked on qBittorrent NO X (qbittorrent nox) WebUI API (qBittorrent 4.1) WebUI API (qBittorrent v3.1.x) WebUI API (qBittorrent v3.2.0 v4.0.4) What is a bug qBittorrent is not downloading or uploading Is it slow
0 Linux WebUI HTTPS with Let's Encrypt & Caddy2 reverse proxy
Chocobo1 edited this page 2024-05-01 17:13:13 +08:00
Table of Contents

Introduction

A very straightforward & easy way to add HTTPS to your FQDN pointing to qbittorrent. This guide assumes you have a working qbitorrent setup as well as:

  • you know how to and can forward ports on your router, to forward ports 80 and 443.
  • you have setup a FQDN pointing to the IP you are running the Web UI from.

The overall architecture of the system will be:

                                 ________________________________________________
Outside world (insecure)         |   Your machine (secure)                      |
You <-------HTTPS (secure)-------|->  Caddy2 <----HTTP-----> qbittorrent WebUI  |
                                 |                                              |
                                 ------------------------------------------------

Install Caddy2

On arch based distros that's as easy as

yay -S caddy2

Setup

Activate WebUI in qbittorrent

  1. Access your WebUI, and go to Tools -> Options -> WebUI
  2. Make note of the port specified, leave your IP set to *
  3. Deselect "Use UPnP / NAT-PMP to forward the port from my router."
  4. Deselect "Use HTTPS instead of HTTP."
  5. Enable clickjacking protection
  6. Enable CSRF protection
  7. Enable host header validaion. Confirm "*; example.domain" is in the "server domains" text box.

Caddy2 Config

Create a Caddyfile as a config. Assuming a standard HTTPS & reverse proxy setup, your Caddyfile can be as basic as

{
    email example@email.com
}

example.domain {
    reverse_proxy IP:port
}

Run Caddy

Forward ports 80 and 443 in your router. Allow ports 80 and 443 through your system firewall if you have one. Run one of the following commands

sudo caddy run -config /path/to/Caddyfile

or

sudo caddy start -config /path/to/Caddyfile

The difference between the two is minimal. run starts the Caddy process and blocks indefinitely while start starts the Caddy process in the background and then returns. You can also run caddy as a systemd service.

Test

Open up your favorite browser and enter your FQDN into the URL bar. You should see the qbittorrent Web UI and the indication that your connection is over HTTPS.

General

Troubleshooting

External programs

Search plugins

Themes

Translation

WebUI

WebUI API

State Version
Current qBittorrent ≥ v4.1
Previous qBittorrent v3.2.0 - v4.0.x
Obsolete qBittorrent < v3.2.0

WebAPI clients

Alternate WebUI

Reverse proxy setup for WebUI access

WebUI HTTPS configuration

Linux

Development

Compilation

Common information for CMake

*BSD, Linux

macOS

Windows

Obsolete compilation guides

Go back to home