[Support] Linuxserver.io - Organizr


Recommended Posts

I was having some minor issues with Sonarr and Radarr with the web server authentication.  I changed it to cookie authentication and now they're working so far without issue.

 

# redirect traffic to https://[domain.com]
server {
	server_name [domain.com] www.[domain.com];
	
	listen 80 ipv6only=off;
    return 301 https://[domain.com]$request_uri;
}

# redirect traffic to https://[domain.com]
server {
	server_name www.[domain.com];
	
	listen 443 ipv6only=off;
    return 301 https://[domain.com]$request_uri;
}

# main server block
server {
	server_name [domain.com];
	
	listen 443 ssl ipv6only=off;
	
	# SSL certificates and keys
	ssl_certificate /config/keys/letsencrypt/fullchain.pem;
	ssl_certificate_key /config/keys/letsencrypt/privkey.pem;
	ssl_dhparam /config/nginx/dhparams.pem;
	
	# SSL settings
	add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
	ssl on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
	ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;

    proxy_buffering off;
	
	# Custom error pages
	error_page 400 401 402 403 404 502 /error.php?error=$status;
	
	# Organizr
	location / {
		proxy_pass http://192.168.1.3:82;
		include /config/nginx/proxy.conf;
	}
	
	# Handbrake
	location ^~ /handbrake/ {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
		proxy_pass http://192.168.1.3:8083/guacamole/;
	}

	location ^~ /handbrake/websocket-tunnel {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
  		proxy_pass http://192.168.1.3:8083/guacamole/websocket-tunnel;
 		proxy_http_version 1.1;
	   	proxy_set_header Upgrade $http_upgrade;
	   	proxy_set_header Connection "upgrade";
   		add_header X-Frame-Options "SAMEORIGIN";
	   	proxy_set_header Host $host;
	  	proxy_set_header X-Real-IP $remote_addr;
	 	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	
	# MakeMKV
	location ^~ /makemkv/ {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
		proxy_pass http://192.168.1.3:8081/guacamole/;
	}

	location ^~ /makemkv/websocket-tunnel {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
  		proxy_pass http://192.168.1.3:8081/guacamole/websocket-tunnel;
 		proxy_http_version 1.1;
	   	proxy_set_header Upgrade $http_upgrade;
	   	proxy_set_header Connection "upgrade";
   		add_header X-Frame-Options "SAMEORIGIN";
	   	proxy_set_header Host $host;
	  	proxy_set_header X-Real-IP $remote_addr;
	 	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	
	# MKVToolNix
	location ^~ /mkvtoolnix/ {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
		proxy_pass http://192.168.1.3:8082/guacamole/;
	}

	location ^~ /mkvtoolnix/websocket-tunnel {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
  		proxy_pass http://192.168.1.3:8082/guacamole/websocket-tunnel;
 		proxy_http_version 1.1;
	   	proxy_set_header Upgrade $http_upgrade;
	   	proxy_set_header Connection "upgrade";
   		add_header X-Frame-Options "SAMEORIGIN";
	   	proxy_set_header Host $host;
	  	proxy_set_header X-Real-IP $remote_addr;
	 	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	
	# Plex
	location ^~ /web {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
		proxy_pass http://192.168.1.3:32400/web;
    	add_header X-Frame-Options "SAMEORIGIN";
    	proxy_set_header Host $host;
    	proxy_set_header X-Real-IP $remote_addr;
    	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	
	# PlexPy
	location ^~ /plexpy/ {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
		proxy_pass http://192.168.1.3:8181;
		add_header X-Frame-Options "SAMEORIGIN";
    	proxy_set_header Host $host;
    	proxy_set_header X-Real-IP $remote_addr;
    	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	
	# Radarr
	location ^~ /radarr {
    	if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
    	proxy_pass http://192.168.1.3:7878;
    	add_header X-Frame-Options "SAMEORIGIN";
    	proxy_set_header Host $host;
    	proxy_set_header X-Real-IP $remote_addr;
    	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	
	# Sonarr
	location ^~ /sonarr {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
    	proxy_pass http://192.168.1.3:8989;
    	add_header X-Frame-Options "SAMEORIGIN";
    	proxy_set_header Host $host;
    	proxy_set_header X-Real-IP $remote_addr;
    	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	
	# Transmission
	location ^~ /transmission/ {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
    	proxy_pass http://192.168.1.3:9091/transmission/web/;
    	add_header X-Frame-Options "SAMEORIGIN";
    	proxy_pass_header X-Transmission-Session-Id;
    	proxy_set_header X-Forwarded-Host $host;
    	proxy_set_header X-Forwarded-Server $host;
    	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}

	location ^~ /rpc {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
    	proxy_pass http://192.168.1.3:9091/transmission/rpc;
	}
}

 

  • Upvote 1
Link to comment

I got the notification bar at the top in organizr saying there was an update but Unraid docker check for updates didn't find one.  I enabled auto update in the organizr settings and now the webui doesn't work.  My own fault, has anyone else see this error?

 

Fatal error: Uncaught PDOException: SQLSTATE[HY000]: General error: 1 no such column: order in /config/www/Dashboard/index.php:139 Stack trace: #0 /config/www/Dashboard/index.php(139): PDO->query('SELECT * FROM t...') #1 {main} thrown in /config/www/Dashboard/index.php on line 139

Edited by dee31797
Link to comment
  • 3 weeks later...
  • 4 weeks later...
On 5/11/2017 at 5:53 PM, a_n_d_y said:

I was having some minor issues with Sonarr and Radarr with the web server authentication.  I changed it to cookie authentication and now they're working so far without issue.

 


# redirect traffic to https://[domain.com]
server {
	server_name [domain.com] www.[domain.com];
	
	listen 80 ipv6only=off;
    return 301 https://[domain.com]$request_uri;
}

# redirect traffic to https://[domain.com]
server {
	server_name www.[domain.com];
	
	listen 443 ipv6only=off;
    return 301 https://[domain.com]$request_uri;
}

# main server block
server {
	server_name [domain.com];
	
	listen 443 ssl ipv6only=off;
	
	# SSL certificates and keys
	ssl_certificate /config/keys/letsencrypt/fullchain.pem;
	ssl_certificate_key /config/keys/letsencrypt/privkey.pem;
	ssl_dhparam /config/nginx/dhparams.pem;
	
	# SSL settings
	add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
	ssl on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
	ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;

    proxy_buffering off;
	
	# Custom error pages
	error_page 400 401 402 403 404 502 /error.php?error=$status;
	
	# Organizr
	location / {
		proxy_pass http://192.168.1.3:82;
		include /config/nginx/proxy.conf;
	}
	
	# Handbrake
	location ^~ /handbrake/ {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
		proxy_pass http://192.168.1.3:8083/guacamole/;
	}

	location ^~ /handbrake/websocket-tunnel {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
  		proxy_pass http://192.168.1.3:8083/guacamole/websocket-tunnel;
 		proxy_http_version 1.1;
	   	proxy_set_header Upgrade $http_upgrade;
	   	proxy_set_header Connection "upgrade";
   		add_header X-Frame-Options "SAMEORIGIN";
	   	proxy_set_header Host $host;
	  	proxy_set_header X-Real-IP $remote_addr;
	 	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	
	# MakeMKV
	location ^~ /makemkv/ {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
		proxy_pass http://192.168.1.3:8081/guacamole/;
	}

	location ^~ /makemkv/websocket-tunnel {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
  		proxy_pass http://192.168.1.3:8081/guacamole/websocket-tunnel;
 		proxy_http_version 1.1;
	   	proxy_set_header Upgrade $http_upgrade;
	   	proxy_set_header Connection "upgrade";
   		add_header X-Frame-Options "SAMEORIGIN";
	   	proxy_set_header Host $host;
	  	proxy_set_header X-Real-IP $remote_addr;
	 	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	
	# MKVToolNix
	location ^~ /mkvtoolnix/ {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
		proxy_pass http://192.168.1.3:8082/guacamole/;
	}

	location ^~ /mkvtoolnix/websocket-tunnel {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
  		proxy_pass http://192.168.1.3:8082/guacamole/websocket-tunnel;
 		proxy_http_version 1.1;
	   	proxy_set_header Upgrade $http_upgrade;
	   	proxy_set_header Connection "upgrade";
   		add_header X-Frame-Options "SAMEORIGIN";
	   	proxy_set_header Host $host;
	  	proxy_set_header X-Real-IP $remote_addr;
	 	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	
	# Plex
	location ^~ /web {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
		proxy_pass http://192.168.1.3:32400/web;
    	add_header X-Frame-Options "SAMEORIGIN";
    	proxy_set_header Host $host;
    	proxy_set_header X-Real-IP $remote_addr;
    	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	
	# PlexPy
	location ^~ /plexpy/ {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
		proxy_pass http://192.168.1.3:8181;
		add_header X-Frame-Options "SAMEORIGIN";
    	proxy_set_header Host $host;
    	proxy_set_header X-Real-IP $remote_addr;
    	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	
	# Radarr
	location ^~ /radarr {
    	if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
    	proxy_pass http://192.168.1.3:7878;
    	add_header X-Frame-Options "SAMEORIGIN";
    	proxy_set_header Host $host;
    	proxy_set_header X-Real-IP $remote_addr;
    	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	
	# Sonarr
	location ^~ /sonarr {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
    	proxy_pass http://192.168.1.3:8989;
    	add_header X-Frame-Options "SAMEORIGIN";
    	proxy_set_header Host $host;
    	proxy_set_header X-Real-IP $remote_addr;
    	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	
	# Transmission
	location ^~ /transmission/ {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
    	proxy_pass http://192.168.1.3:9091/transmission/web/;
    	add_header X-Frame-Options "SAMEORIGIN";
    	proxy_pass_header X-Transmission-Session-Id;
    	proxy_set_header X-Forwarded-Host $host;
    	proxy_set_header X-Forwarded-Server $host;
    	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}

	location ^~ /rpc {
		if ($cookie_cookiePassword != "[cookiePassword]") { return 403; }
    	proxy_pass http://192.168.1.3:9091/transmission/rpc;
	}
}

 

Did you ever get auth to work? I think I'm having the same isseue.  I'm getting 500 Internal Server Error when I try to log in.

Link to comment

Yes and no.

 

I ran into problems with Sonarr and Radarr specifically.  I can't remember exactly what the problem was, but I think it was permission denied errors when clicking on certain areas of those apps... might've been error 500 though.

 

I changed to the cookie based authentication method instead.

 

I believe the only thing you can't do is restrict a specific user to certain tabs.  Works well otherwise in my use case.

 

 

Edited by a_n_d_y
Link to comment

Yeah, I got sonarr and radarr to "work" with auth. Could log in, and browse around. But when trying to add movies/series it would fail. Also trying to test indexer connection or download client connection it would alwasy fail. So I also went with cookie auth, works well enough. 

Link to comment
7 hours ago, GilbN said:

Yeah, I got sonarr and radarr to "work" with auth. Could log in, and browse around. But when trying to add movies/series it would fail. Also trying to test indexer connection or download client connection it would alwasy fail. So I also went with cookie auth, works well enough. 

 

Ah yes, thats the error I was getting using server authentication before.

Link to comment
  • 3 weeks later...
4 hours ago, GilbN said:

You want to expose your unraid GUI to the net? Not really safe. Use a vpn instead. 

Not from the net, no. Was to gather all dockers/local services in Organizr, :) not exposed to the world (i.e. Organizr not accessible outside LAN)

 

 

On 18/05/2017 at 8:57 PM, GilbN said:

I noticed that something was constantly writing to my cache and see in the Resource monitor tab that organizr has "downloaded" 1,8GB of data?

Has anyone else had this issue?

 

 

hgfdfghd.png

Where can I find this screen? Is it made by a plugin?

Link to comment
6 minutes ago, Fredrick said:

Not from the net, no. Was to gather all dockers/local services in Organizr, :) not exposed to the world (i.e. Organizr not accessible outside LAN)

 

 

Where can I find this screen? Is it made by a plugin?

Cant find it now. It was in the apps tab

Link to comment

With this, server based auth works! 

@a_n_d_y

    location /auth-admin {
            internal;
            proxy_pass http://local-Organizr-IP:PORT/auth.php?admin;
            proxy_set_header Content-Length "";
        }

        location /auth-user {
            internal;
            proxy_pass http://local-Organizr-IP:PORT/auth.php?user;
            proxy_set_header Content-Length "";
        }

Looks like this only works with sub directory

Edited by GilbN
Link to comment
  • 3 weeks later...

I have this running with letsencrypt reverse proxy. It works great, however, now that I have this setup my NZB360 mobile app no longer works to connect to sab, sonarr, radarr, and headphones when i have the server based auth turned on for each service in organizr. Has anyone else with this combination of organizr and NZB360 app gotten it to work with the auth?

 

I tried to pass through the auth credentials in NZB360 but it still would not connect.

Link to comment
7 minutes ago, Dark_Gypsy said:

I have this running with letsencrypt reverse proxy. It works great, however, now that I have this setup my NZB360 mobile app no longer works to connect to sab, sonarr, radarr, and headphones when i have the server based auth turned on for each service in organizr. Has anyone else with this combination of organizr and NZB360 app gotten it to work with the auth?

 

I tried to pass through the auth credentials in NZB360 but it still would not connect.

I use openvpn and local ip:port. Not the best solution but works for me

Link to comment

Has anyone gotten headphones to work with this using reverse proxy? I have it running on a subdomain, not a subdirectory as I couldn't get it to display properly trying to run it as a subdirectory. It resolves and displays fine in the browser so it is working.

 

So it is like https://headphones.something.com . In organizr, i put that in for the homepage settings without a port number. In the tab settings, it requires you to put in a home page or directory, so i put /home as that also resolves in the browser. After saving and clicking headphones icon I just get 404 not found.

Link to comment
7 minutes ago, Dark_Gypsy said:

Has anyone gotten headphones to work with this using reverse proxy? I have it running on a subdomain, not a subdirectory as I couldn't get it to display properly trying to run it as a subdirectory. It resolves and displays fine in the browser so it is working.

 

So it is like https://headphones.something.com . In organizr, i put that in for the homepage settings without a port number. In the tab settings, it requires you to put in a home page or directory, so i put /home as that also resolves in the browser. After saving and clicking headphones icon I just get 404 not found.

 

In homepage settings you should use local-IP:port and API key.  Or is headphones not on  the same lan as Organizr?

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.