How to setup a reverse Apache proxy for SiCKRAGE


#1

This guide assumes you already have both Apache and SiCKRAGE installed and working.

  • This has been tested with Apache2.4 on Linux but should work with version 2.2 also

Part 1: Setting up the reverse proxy

1.1 Make sure Apache is listening on the correct ports

In your apache configuration file httpd.conf make sure the server is listening on port 80 (and 443 if you’re doing part 2 also)
Look for a line containing Listen 80 or add it when needed (do the same for SSL with Listen 443 )
In most cases, this can be skipped because this should already be in the basic configuration after installation.

1.2 Enable proxy modules
indent preformatted text by 4 spaces
In most Linux distributions doing the following will work splendidly:
sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod proxy_wstunnel

For those who want to do it manually, look for the following lines in your httpd.conf :
#LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
#LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
And uncomment these lines by removing the # in front.

1.3 Adding a virtual host

Depending on your configuration adding a virtualhost can be done in httpd.conf , a new file in the conf.d directory or the sites-enabled folder.
Whereever you do this configuration it should normally look like the following basic snippet:

  • This assumes that SiCKRAGE is running on port 8081 on the local machine<VirtualHost *:80>
    ServerName sickrage.example.com
    <Proxy *>
    Order deny,allow
    Allow from all
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /ws ws://127.0.0.1:8081/ws
ProxyPass / http://127.0.0.1:8081/
ProxyPassReverse / http://127.0.0.1:8081/

1.4 Test it !!

Now restart your apache server ( sudo service httpd restart or apachectl restart or whatever your distribution does).
If everyting went well you should now be able to reach your SiCKRAGE on your domain (obviously not on sickrage.example.com unless you happen to own that domain :wink: ).
Once this is working correctly enabling SSL should be easy.

Part 2: Adding SSL support

I will not explain how to get the letsencrypt ssl certificates, there are plenty of good tutorials on that available.

2.1 Enabling the module

Again either running:
sudo a2enmod ssl
or uncommenting the following line in httpd.conf :
#LoadModule ssl_module modules/mod_ssl.so

2.2 Update VirtualHost

To enable SSL in your Apache proxy simply replace the previous (filling in your own domain, ssl certificates and other settings that differ)

<VirtualHost *:80>
  ServerName sickrage.example.com
  Redirect / https://sickrage.example.com/
</VirtualHost>

<IfModule ssl_module>
  <VirtualHost *:443>
    ServerName sickrage.example.com

    SSLEngine on
    SSLProxyEngine On
    SSLCertificateFile      /etc/letsencrypt/live/sickrage.example.com/cert.pem
    SSLCertificateKeyFile   /etc/letsencrypt/live/sickrage.example.com/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/sickrage.example.com/chain.pem

    <Proxy *>
      Order allow,deny
      Allow from all
    </Proxy>

    ProxyRequests Off
    ProxyPreserveHost On
    ProxyPass /ws ws://127.0.0.1:8081/ws
    ProxyPass / http://127.0.0.1:8081/
    ProxyPassReverse / http://127.0.0.1:8081/
  </VirtualHost>
</IfModule>

2.3 Restart the server again

After another restart you should now be able to reach your SiCKRAGE using https :slight_smile:

Thanks to @brainslug for putting this comprehensive guide together


#2

This topic was automatically closed after 60 minutes. New replies are no longer allowed.