mirror of
https://github.com/qbittorrent/qBittorrent.git
synced 2024-10-22 02:36:15 +03:00
Created Linux-WebUI-HTTPS-with-Let's-Encrypt-&-Caddy2-reverse-proxy.md (markdown)
parent
b0a5b8a6dc
commit
14a8e683a6
1 changed files with 61 additions and 0 deletions
|
@ -0,0 +1,61 @@
|
||||||
|
# Introduction
|
||||||
|
A very straightforward & easy way to add HTTPS to your FQDN pointing to qbittorrent.
|
||||||
|
This guide assumes you have a working qbitorrent setup as well as:
|
||||||
|
* you know how to and can forward ports on your router, to forward ports 80 and 443.
|
||||||
|
* you have setup a FQDN pointing to the IP you are running the Web UI from.
|
||||||
|
|
||||||
|
The overall architecture of the system will be:
|
||||||
|
```
|
||||||
|
________________________________________________
|
||||||
|
Outside world (insecure) | Your machine (secure) |
|
||||||
|
You <-------HTTPS (secure)-------|-> Caddy2 <----HTTP-----> qbittorrent WebUI |
|
||||||
|
| |
|
||||||
|
------------------------------------------------
|
||||||
|
```
|
||||||
|
|
||||||
|
## Install Caddy2
|
||||||
|
On arch based distros that's as easy as
|
||||||
|
```
|
||||||
|
yay -S caddy2
|
||||||
|
```
|
||||||
|
|
||||||
|
# Setup
|
||||||
|
## Activate WebUI in qbittorrent
|
||||||
|
1. Access your WebUI, and go to Tools -> Options -> WebUI
|
||||||
|
2. Make note of the port specified, leave your IP set to *
|
||||||
|
3. Deselect "Use UPnP / NAT-PMP to forward the port from my router."
|
||||||
|
4. Deselect "Use HTTPS instead of HTTP."
|
||||||
|
5. Enable clickjacking protection
|
||||||
|
6. Enable CSRF protection
|
||||||
|
7. Enable host header validaion. Confirm "*; example.domain" is in the "server domains" text box.
|
||||||
|
|
||||||
|
## Caddy2 Config
|
||||||
|
Create a Caddyfile as a config. Assuming a standard HTTPS & reverse proxy setup, your Caddyfile can be as basic as
|
||||||
|
```
|
||||||
|
{
|
||||||
|
email example@email.com
|
||||||
|
}
|
||||||
|
|
||||||
|
example.domain {
|
||||||
|
reverse_proxy IP:port
|
||||||
|
}
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
## Run Caddy
|
||||||
|
Forward ports 80 and 443 in your router.
|
||||||
|
Allow ports 80 and 443 through your system firewall if you have one.
|
||||||
|
Run one of the following commands
|
||||||
|
```
|
||||||
|
sudo caddy run -config /path/to/Caddyfile
|
||||||
|
```
|
||||||
|
or
|
||||||
|
```
|
||||||
|
sudo caddy start -config /path/to/Caddyfile
|
||||||
|
```
|
||||||
|
The difference between the two is minimal.
|
||||||
|
run starts the Caddy process and blocks indefinitely while start starts the Caddy process in the background and then returns.
|
||||||
|
You can also run caddy as a systemd service.
|
||||||
|
|
||||||
|
# Test
|
||||||
|
Open up your favorite browser and enter your FQDN into the URL bar. You should see the qbittorrent Web UI and the indication that your connection is over HTTPS.
|
Loading…
Reference in a new issue