Reverse Proxy for SABnzbd, CouchPotato, SickBeard using Apache


Recommended Posts

I started learning some Apache stuff specifically for running all my python servers behind a reverse proxy.  I wanted to access my servers from anywhere but didn't want to open a lot of ports. 

 

I learned a lot this from these links:

 

http://www.apachetutor.org/admin/reverseproxies

http://code.google.com/p/sickbeard/issues/detail?id=684

http://code.google.com/p/sickbeard/wiki/AdvancedSettings

http://help.couchpotatoapp.com/kb/tips/reverse-proxy

http://httpd.apache.org/docs/2.0/programs/htpasswd.html

 

First, you'll need to get Apache & its dependencies.  I've found these packages on http://pkgs.org:

 

http://slackware.cs.utah.edu/pub/slackware/slackware-13.1/patches/packages/httpd-2.2.21-i486-1_slack13.1.txz

http://slackware.cs.utah.edu/pub/slackware/slackware-13.1/patches/packages/apr-1.4.5-i486-1_slack13.1.txz

http://slackware.cs.utah.edu/pub/slackware/slackware-13.1/patches/packages/apr-util-1.3.12-i486-1_slack13.1.txz

 

Those are the newest versions I could find as of this writing.  They're listed in the Slackware patches section and that's where my Slackware experience is lacking. I'm 99% sure these are fine to use as standalone packages but the word "patch" makes me think you may need a previous version and patch it with these.  I'm currently running the following pkgs and they're working fine but I am going to upgrade (and edit this tutorial if need be).  I've provided links to these pkgs if the above don't work. 

 

ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/httpd-2.2.20-i486-1_slack13.1.txz

ftp://ftp.slackware.com/pub/slackware/slackware-13.37/slackware/l/apr-1.4.2-i486-2.txz

ftp://ftp.slackware.com/pub/slackware/slackware-13.37/slackware/l/apr-util-1.3.10-i486-1.txz

 

 

So let's break this down....

 

httpd-2.2.20-i486-1_slack13.1.txz - This is the main Apache install pkg.

apr-1.4.2-i486-2.txz - Apache pre-req pkg

apr-util-1.3.10-i486-1.txz - Apache pre-req pkg

 

I couldn't launch Apache without those apr pkgs.  Again, after some reading on the unRAID forums, I saw that they were pre-reqs.  Turns out, as far as I can tell, they enable Apache to run on different Linux/Windows distributions. 

 

Let's get started!

 

First SSH/Telnet into your unRAID box.  I use SSH.  Don't think I need to explain how to do this....

 

Download the pkg's to your /boot/packages folder

 

cd /boot/packages
wget ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/httpd-2.2.20-i486-1_slack13.1.txz
wget ftp://ftp.slackware.com/pub/slackware/slackware-13.37/slackware/l/apr-1.4.2-i486-2.txz
wget ftp://ftp.slackware.com/pub/slackware/slackware-13.37/slackware/l/apr-util-1.3.10-i486-1.txz

 

Now install them:

 

installpkg /boot/packages/httpd-2.2.20-i486-1_slack13.1.txz
installpkg /boot/packages/apr-1.4.2-i486-2.txz
installpkg /boot/packages/apr-util-1.3.10-i486-1.txz

 

Make new directories on your USB stick

 

mkdir /boot/config/etc/httpd
mkdir /boot/config/etc/htpasswd

 

Copy your existing httpd folder contents there:

 

cp -R /etc/httpd/* /boot/config/etc/httpd

 

Let's create a password file to secure the server:

 

/usr/bin/htpasswd -c /boot/config/etc/htpasswd/passwords youruserid

 

Follow the prompts to create a password for your account.  Replace youruserid with whatever you want.

 

We're doing this so that we can have a persistent config through reboots.

 

Fire up your favorite txt editor.  I use TextMate on the Mac (via Transmit/FTP) or nano from the shell.  Open up:

 

/boot/config/etc/httpd/httpd.conf

 

You're going to need to edit the following fields:

Listen 5780

 

This is the port your server will listen on.  I strongly suggest changing because the default unRAID web interface runs on the standard port of 80 and Apache won't launch.  I changed it something very non standard, port 5780.

 

 

User apacheacct
Group users

 

Apache won't run as the user Apache (unless you create that acct).  I'm running this under a user account I created - apacheacct.  I don't want to run this as root for security reasons.

 

ServerName servername.dyndns.org:5780

 

This is another setting you'll want to change.  I changed this to my dyndns acct which is the outward hostname I'm running this on.  I'd recommend getting a dyndns acct and using that.

 

Add the following Locations to your conf file under the directory section:

<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>

<Location /couchpotato>
    ProxyPass http://localhost:5000
    ProxyPassReverse http://localhost:5000
    AuthType Basic
    AuthName "EchoBase"
    AuthUserFile /boot/config/htpasswd/passwords
    Require user youruserid
</Location>

<Location /sabnzbd>
    ProxyPass http://localhost:2020/sabnzbd
    ProxyPassReverse http://localhost:2020/sabnzbd
    AuthType Basic
    AuthName "EchoBase"
    AuthUserFile /boot/config/htpasswd/passwords
    Require user youruserid
</Location>

<Location /sickbeard>
    ProxyPass http://localhost:8081/sickbeard
    ProxyPassReverse http://localhost:8081/sickbeard
    AuthType Basic
    AuthName "EchoBase"
    AuthUserFile /boot/config/htpasswd/passwords
    Require user youruserid
</Location>

 

AuthType - this is the basic auth we're using.  I would love to switch to SSL, and started down that road (generating certs, etc), but haven't fleshed it out yet.  I'm welcome to suggestions here if you've got experience!

 

AuthName - is the name your server presents itself with.  My server is called EchoBase so I chose to match that here. 

 

AuthUserFile - is the file we created previously with our account and password (/boot/config/etc/htpasswd/passwords)

 

You'll notice that I run SABnzbd on a non standard port.  The other two I run on the default ports.  You'll need to update the config.ini files of SickBeard and CouchPotato to reflect the new directories.

 

In SickBeard's config.ini, add/change this setting in your favorite txt editor:

 

web_root = /sickbeard

 

In CouchPotato's config.ini, add/change this setting in your favorite txt editor:

 

urlbase = /couchpotato

 

You will need to restart CouchPotato and Sickbeard to use these new config settings.

 

Add those commands to your GO script.  This is how my GO file looks.

 

installpkg /boot/packages/httpd-2.2.20-i486-1_slack13.1.txz
installpkg /boot/packages/apr-1.4.2-i486-2.txz
installpkg /boot/packages/apr-util-1.3.10-i486-1.txz
rm -R /etc/httpd
ln -s /boot/config/etc/httpd /etc/httpd
apachectl start

 

You'll notice that I'm removing the default /etc/httpd folder created by the pkg and symlinking to our persistent config. 

 

apachectl start

 

starts your server.  You can play around with the httpd.conf file and restart Apache very easily:

 

apachectl graceful

 

Again, this is a work in progress.  I'm no expert in Linux and I welcome any suggestions to this tutorial.  Figured some people might benefit from this!

Link to comment
  • 7 months later...
  • 1 month later...

Excellent, this post popped out in google and is exactly what I as after.

 

minor alteration required:

wget ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/httpd-2.2.22-i486-1_slack13.1.txz

wget ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/apr-1.4.5-i486-1_slack13.1.txz

wget ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/apr-util-1.4.1-i486-1_slack13.1.txz

 

In go:

installpkg /boot/packages/httpd-2.2.22-i486-1_slack13.1.txz

installpkg /boot/packages/apr-1.4.5-i486-1_slack13.1.txz

installpkg /boot/packages/apr-util-1.4.1-i486-1_slack13.1.txz

rm -R /etc/httpd

ln -s /boot/config/etc/httpd /etc/httpd

apachectl start

 

And for apache instead of locations I used:

ProxyPass /sabnzbd http://localhost:8081

ProxyPassReverse /sabnzbd http://localhost:8081

ProxyPass /couchpotato http://localhost:8082/couchpotato

ProxyPassReverse /couchpotato http://localhost:8082/couchpotato

ProxyPass /sickbeard http://localhost:8083/sickbeard

ProxyPassReverse /sickbeard http://localhost:8083/sickbeard

Link to comment
  • 2 months later...

Thanks you guys for this post, everything is working great. One question I did have is that everything automatically redirects to 5780 but I have it set up from the outside to forward port 80 to unraids port 5780. I'd prefer it never to rewrite the url to include 5780.

 

What it's doing now. eg: myhome.com/sickbeard ---> myhome.com:5780/sickbeard

 

 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.