How to Setup a Reverse Proxy in OMV with Let’s Encrypt SSL for Sabnzbd, Radarr, Sonarr and Transmission

In this chapter I will show you how you can setup a reverse proxy in Nginx for Sonarr and/or Radarr using the Let’s Encrypt SSL-certificates you’ve generated in the first chapter of this giant how-to for OpenMediaVault (OMV). Let’s begin.

How to Setup a Reverse Proxy with SSL (HTTPS) for Sonarr and/or Radarr

Setting up an SSL-secured Reverse Proxy for Sonarr/Radarr is much easier, compared to e.g. SABnzbd or Plex. Sonarr and Radarr have all the tools included to map it to a sub-directory, which will allow it to use the same Let’s Encrypt SSL-certificate you’ve generated on the first page of this tutorial. It’s built in such a way, that there’s need to provide custom certificates.

Configuring Let’s Encrypt SSL in Sonarr/Radarr

Because Sonarr and Radarr are basically the same software, I’ll use Sonarr in my example, but the steps should be exactly the same in Radarr. If this changes in a later release, I’ll update this how-to.

Configuring Sonarr to use Let's Encrypt SSL (HTTPS)

Configuring Sonarr/Radarr to use Let’s Encrypt SSL (HTTPS)

  1. In Sonarr/Radarr, go to Settings > General and click on the toggle next to ‘Advanced Settings‘ so it says ‘Shown‘.
  2. If you haven’t already, change the ‘URL Base‘ to ‘/sonarr‘.
  3. Toggle ‘Enable SSL‘ to ‘Yes‘.
  4. The default ‘SSL Port Number‘ isn’t relevant as Sonarr/Radarr will be listening on both ports.
  5. Click ‘Save‘.

That’s it. Sonarr will now prefix every request to both ports with the provided Base-URL so we can make it work with a Reverse Proxy.

How to Set Up a Nginx Reverse Proxy for Sonarr and/or Radarr

If you’ve followed the steps on the previous page, this part will be easy. For the sake of full disclosure, I will assume you didn’t. If you did, you can skip steps 2 and 3:

  1. Open a terminal and connect with your NAS using SSH.
  2. Go to the folder containing OMV’s Nginx configuration files: cd /etc/nginx/openmediavault-webgui.d/
  3. Create a new .conf-file or edit the existing file using your favourite shell text-editor, e.g. nano apps.conf
  4. Insert the following text to the top of the file:
    location /sonarr {
    proxy_pass http://localhost:8989/sonarr;
    }
    location /radarr {
    proxy_pass http://localhost:7878/radarr;
    }
    view raw apps.conf hosted with ❤ by GitHub
    Obviously, nas.yourdomain.com and 192.168.xxx.xxx need to be replaced by your NAS’ web-address and its local IP-address. If the server_name-node is already there. Don’t replace it or re-add it. Only add the location-node and make sure the port after localhost points to Sonarr (default: 8989).
  5. Save the file and restart Nginx: service nginx restart

Give it a view hours for the settings to take effect. If you’ve just set up your CNAME-records to make your NAS accessible from outside your LAN it can take while. Your domain’s DNS-settings need to be propagated among all internet providers worldwide.

In all other cases Sonarr/Radarr should be accessible from the outside immediately after restarting Nginx. So you can confirm your Let’s Encrypt SSL-secured Reverse Proxy for OpenMediaVault is working correctly. You can do the same for Transmission. I’ll tell you all about it on the next page.

Pages: 1 2 3 4 5