DZMM Posted May 10, 2017 Share Posted May 10, 2017 thx! Will give that a go at the weekend Quote Link to comment
a_n_d_y Posted May 11, 2017 Share Posted May 11, 2017 I was having some minor issues with Sonarr and Radarr with the web server authentication. I changed it to cookie authentication and now they're working so far without issue. # redirect traffic to https://[domain.com] server { server_name [domain.com] www.[domain.com]; listen 80 ipv6only=off; return 301 https://[domain.com]$request_uri; } # redirect traffic to https://[domain.com] server { server_name www.[domain.com]; listen 443 ipv6only=off; return 301 https://[domain.com]$request_uri; } # main server block server { server_name [domain.com]; listen 443 ssl ipv6only=off; # SSL certificates and keys ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; # SSL settings add_header Strict-Transport-Security "max-age=31536000; includeSubdomains"; ssl on; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; proxy_buffering off; # Custom error pages error_page 400 401 402 403 404 502 /error.php?error=$status; # Organizr location / { proxy_pass http://192.168.1.3:82; include /config/nginx/proxy.conf; } # Handbrake location ^~ /handbrake/ { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8083/guacamole/; } location ^~ /handbrake/websocket-tunnel { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8083/guacamole/websocket-tunnel; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; add_header X-Frame-Options "SAMEORIGIN"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # MakeMKV location ^~ /makemkv/ { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8081/guacamole/; } location ^~ /makemkv/websocket-tunnel { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8081/guacamole/websocket-tunnel; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; add_header X-Frame-Options "SAMEORIGIN"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # MKVToolNix location ^~ /mkvtoolnix/ { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8082/guacamole/; } location ^~ /mkvtoolnix/websocket-tunnel { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8082/guacamole/websocket-tunnel; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; add_header X-Frame-Options "SAMEORIGIN"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # Plex location ^~ /web { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:32400/web; add_header X-Frame-Options "SAMEORIGIN"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # PlexPy location ^~ /plexpy/ { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8181; add_header X-Frame-Options "SAMEORIGIN"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # Radarr location ^~ /radarr { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:7878; add_header X-Frame-Options "SAMEORIGIN"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # Sonarr location ^~ /sonarr { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8989; add_header X-Frame-Options "SAMEORIGIN"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # Transmission location ^~ /transmission/ { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:9091/transmission/web/; add_header X-Frame-Options "SAMEORIGIN"; proxy_pass_header X-Transmission-Session-Id; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location ^~ /rpc { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:9091/transmission/rpc; } } 1 Quote Link to comment
dee31797 Posted May 14, 2017 Share Posted May 14, 2017 (edited) I got the notification bar at the top in organizr saying there was an update but Unraid docker check for updates didn't find one. I enabled auto update in the organizr settings and now the webui doesn't work. My own fault, has anyone else see this error? Fatal error: Uncaught PDOException: SQLSTATE[HY000]: General error: 1 no such column: order in /config/www/Dashboard/index.php:139 Stack trace: #0 /config/www/Dashboard/index.php(139): PDO->query('SELECT * FROM t...') #1 {main} thrown in /config/www/Dashboard/index.php on line 139 Edited May 14, 2017 by dee31797 Quote Link to comment
GilbN Posted May 18, 2017 Share Posted May 18, 2017 I noticed that something was constantly writing to my cache and see in the Resource monitor tab that organizr has "downloaded" 1,8GB of data? Has anyone else had this issue? Quote Link to comment
sparklyballs Posted May 18, 2017 Share Posted May 18, 2017 34 minutes ago, GilbN said: I noticed that something was constantly writing to my cache and see in the Resource monitor tab that organizr has "downloaded" 1,8GB of data? Has anyone else had this issue? 1.808MB is not 1.8GB 1 Quote Link to comment
kri kri Posted June 9, 2017 Share Posted June 9, 2017 Anyone got the unraid webui to work in this? I assume not since it sounds like a security thing but just checking. Quote Link to comment
GilbN Posted June 9, 2017 Share Posted June 9, 2017 Use a VPN instead. Spaceinvader one has made a video about openvpn. Quote Link to comment
GilbN Posted June 17, 2017 Share Posted June 17, 2017 (edited) Has anyone gotten the chat function to work? It says it needs SQLITE3.. Edited June 17, 2017 by GilbN Quote Link to comment
GilbN Posted July 11, 2017 Share Posted July 11, 2017 On 5/11/2017 at 5:53 PM, a_n_d_y said: I was having some minor issues with Sonarr and Radarr with the web server authentication. I changed it to cookie authentication and now they're working so far without issue. # redirect traffic to https://[domain.com] server { server_name [domain.com] www.[domain.com]; listen 80 ipv6only=off; return 301 https://[domain.com]$request_uri; } # redirect traffic to https://[domain.com] server { server_name www.[domain.com]; listen 443 ipv6only=off; return 301 https://[domain.com]$request_uri; } # main server block server { server_name [domain.com]; listen 443 ssl ipv6only=off; # SSL certificates and keys ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; # SSL settings add_header Strict-Transport-Security "max-age=31536000; includeSubdomains"; ssl on; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; proxy_buffering off; # Custom error pages error_page 400 401 402 403 404 502 /error.php?error=$status; # Organizr location / { proxy_pass http://192.168.1.3:82; include /config/nginx/proxy.conf; } # Handbrake location ^~ /handbrake/ { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8083/guacamole/; } location ^~ /handbrake/websocket-tunnel { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8083/guacamole/websocket-tunnel; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; add_header X-Frame-Options "SAMEORIGIN"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # MakeMKV location ^~ /makemkv/ { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8081/guacamole/; } location ^~ /makemkv/websocket-tunnel { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8081/guacamole/websocket-tunnel; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; add_header X-Frame-Options "SAMEORIGIN"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # MKVToolNix location ^~ /mkvtoolnix/ { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8082/guacamole/; } location ^~ /mkvtoolnix/websocket-tunnel { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8082/guacamole/websocket-tunnel; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; add_header X-Frame-Options "SAMEORIGIN"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # Plex location ^~ /web { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:32400/web; add_header X-Frame-Options "SAMEORIGIN"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # PlexPy location ^~ /plexpy/ { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8181; add_header X-Frame-Options "SAMEORIGIN"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # Radarr location ^~ /radarr { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:7878; add_header X-Frame-Options "SAMEORIGIN"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # Sonarr location ^~ /sonarr { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:8989; add_header X-Frame-Options "SAMEORIGIN"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # Transmission location ^~ /transmission/ { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:9091/transmission/web/; add_header X-Frame-Options "SAMEORIGIN"; proxy_pass_header X-Transmission-Session-Id; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location ^~ /rpc { if ($cookie_cookiePassword != "[cookiePassword]") { return 403; } proxy_pass http://192.168.1.3:9091/transmission/rpc; } } Did you ever get auth to work? I think I'm having the same isseue. I'm getting 500 Internal Server Error when I try to log in. Quote Link to comment
a_n_d_y Posted July 12, 2017 Share Posted July 12, 2017 (edited) Yes and no. I ran into problems with Sonarr and Radarr specifically. I can't remember exactly what the problem was, but I think it was permission denied errors when clicking on certain areas of those apps... might've been error 500 though. I changed to the cookie based authentication method instead. I believe the only thing you can't do is restrict a specific user to certain tabs. Works well otherwise in my use case. Edited July 12, 2017 by a_n_d_y Quote Link to comment
GilbN Posted July 14, 2017 Share Posted July 14, 2017 Yeah, I got sonarr and radarr to "work" with auth. Could log in, and browse around. But when trying to add movies/series it would fail. Also trying to test indexer connection or download client connection it would alwasy fail. So I also went with cookie auth, works well enough. Quote Link to comment
a_n_d_y Posted July 14, 2017 Share Posted July 14, 2017 7 hours ago, GilbN said: Yeah, I got sonarr and radarr to "work" with auth. Could log in, and browse around. But when trying to add movies/series it would fail. Also trying to test indexer connection or download client connection it would alwasy fail. So I also went with cookie auth, works well enough. Ah yes, thats the error I was getting using server authentication before. Quote Link to comment
Fredrick Posted August 5, 2017 Share Posted August 5, 2017 On 18/04/2017 at 4:20 PM, skyline7349 said: Did anyone get this working with unraid dashboard? it wont load it because of the X-Frame-Options being set to sameorigin? Did you solve this? Quote Link to comment
GilbN Posted August 5, 2017 Share Posted August 5, 2017 1 hour ago, Fredrick said: Did you solve this? You want to expose your unraid GUI to the net? Not really safe. Use a vpn instead. Quote Link to comment
Fredrick Posted August 5, 2017 Share Posted August 5, 2017 4 hours ago, GilbN said: You want to expose your unraid GUI to the net? Not really safe. Use a vpn instead. Not from the net, no. Was to gather all dockers/local services in Organizr, not exposed to the world (i.e. Organizr not accessible outside LAN) On 18/05/2017 at 8:57 PM, GilbN said: I noticed that something was constantly writing to my cache and see in the Resource monitor tab that organizr has "downloaded" 1,8GB of data? Has anyone else had this issue? Where can I find this screen? Is it made by a plugin? Quote Link to comment
GilbN Posted August 5, 2017 Share Posted August 5, 2017 6 minutes ago, Fredrick said: Not from the net, no. Was to gather all dockers/local services in Organizr, not exposed to the world (i.e. Organizr not accessible outside LAN) Where can I find this screen? Is it made by a plugin? Cant find it now. It was in the apps tab Quote Link to comment
Squid Posted August 5, 2017 Share Posted August 5, 2017 2 minutes ago, GilbN said: Cant find it now. It was in the apps tab It's been removed for various reason from the apps tab. Better alternatives would be cAdvisor app / Netdata app / ca.resource.monitor (a front end to cAdvisor) 1 Quote Link to comment
Fredrick Posted August 5, 2017 Share Posted August 5, 2017 Thanks, I've got cAdvisor and the ca.resource.monitor, but that just seemed like a cleaner UI Quote Link to comment
GilbN Posted August 13, 2017 Share Posted August 13, 2017 (edited) With this, server based auth works! @a_n_d_y location /auth-admin { internal; proxy_pass http://local-Organizr-IP:PORT/auth.php?admin; proxy_set_header Content-Length ""; } location /auth-user { internal; proxy_pass http://local-Organizr-IP:PORT/auth.php?user; proxy_set_header Content-Length ""; } Looks like this only works with sub directory Edited August 31, 2017 by GilbN Quote Link to comment
Dark_Gypsy Posted August 31, 2017 Share Posted August 31, 2017 I have this running with letsencrypt reverse proxy. It works great, however, now that I have this setup my NZB360 mobile app no longer works to connect to sab, sonarr, radarr, and headphones when i have the server based auth turned on for each service in organizr. Has anyone else with this combination of organizr and NZB360 app gotten it to work with the auth? I tried to pass through the auth credentials in NZB360 but it still would not connect. Quote Link to comment
GilbN Posted August 31, 2017 Share Posted August 31, 2017 7 minutes ago, Dark_Gypsy said: I have this running with letsencrypt reverse proxy. It works great, however, now that I have this setup my NZB360 mobile app no longer works to connect to sab, sonarr, radarr, and headphones when i have the server based auth turned on for each service in organizr. Has anyone else with this combination of organizr and NZB360 app gotten it to work with the auth? I tried to pass through the auth credentials in NZB360 but it still would not connect. I use openvpn and local ip:port. Not the best solution but works for me Quote Link to comment
Dark_Gypsy Posted August 31, 2017 Share Posted August 31, 2017 3 minutes ago, GilbN said: I use openvpn and local ip:port. Not the best solution but works for me Hmmm.... I suppose I could try that. Not optimal, but definitely would keep things locked down. Thanks for the suggestion. Quote Link to comment
Dark_Gypsy Posted August 31, 2017 Share Posted August 31, 2017 Has anyone gotten headphones to work with this using reverse proxy? I have it running on a subdomain, not a subdirectory as I couldn't get it to display properly trying to run it as a subdirectory. It resolves and displays fine in the browser so it is working. So it is like https://headphones.something.com . In organizr, i put that in for the homepage settings without a port number. In the tab settings, it requires you to put in a home page or directory, so i put /home as that also resolves in the browser. After saving and clicking headphones icon I just get 404 not found. Quote Link to comment
GilbN Posted August 31, 2017 Share Posted August 31, 2017 7 minutes ago, Dark_Gypsy said: Has anyone gotten headphones to work with this using reverse proxy? I have it running on a subdomain, not a subdirectory as I couldn't get it to display properly trying to run it as a subdirectory. It resolves and displays fine in the browser so it is working. So it is like https://headphones.something.com . In organizr, i put that in for the homepage settings without a port number. In the tab settings, it requires you to put in a home page or directory, so i put /home as that also resolves in the browser. After saving and clicking headphones icon I just get 404 not found. In homepage settings you should use local-IP:port and API key. Or is headphones not on the same lan as Organizr? Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.