-
-
Notifications
You must be signed in to change notification settings - Fork 4.1k
Linux WebUI HTTPS with Let's Encrypt & Caddy2 reverse proxy
A very straightforward & easy way to add HTTPS to your FQDN pointing to qbittorrent. This guide assumes you have a working qbitorrent setup as well as:
- you know how to and can forward ports on your router, to forward ports 80 and 443.
- you have setup a FQDN pointing to the IP you are running the Web UI from.
The overall architecture of the system will be:
________________________________________________
Outside world (insecure) | Your machine (secure) |
You <-------HTTPS (secure)-------|-> Caddy2 <----HTTP-----> qbittorrent WebUI |
| |
------------------------------------------------
On arch based distros that's as easy as
yay -S caddy2
- Access your WebUI, and go to Tools -> Options -> WebUI
- Make note of the port specified, leave your IP set to *
- Deselect "Use UPnP / NAT-PMP to forward the port from my router."
- Deselect "Use HTTPS instead of HTTP."
- Enable clickjacking protection
- Enable CSRF protection
- Enable host header validaion. Confirm "*; example.domain" is in the "server domains" text box.
Create a Caddyfile as a config. Assuming a standard HTTPS & reverse proxy setup, your Caddyfile can be as basic as
{
email [email protected]
}
example.domain {
reverse_proxy IP:port
}
Forward ports 80 and 443 in your router. Allow ports 80 and 443 through your system firewall if you have one. Run one of the following commands
sudo caddy run -config /path/to/Caddyfile
or
sudo caddy start -config /path/to/Caddyfile
The difference between the two is minimal. run starts the Caddy process and blocks indefinitely while start starts the Caddy process in the background and then returns. You can also run caddy as a systemd service.
Open up your favorite browser and enter your FQDN into the URL bar. You should see the qbittorrent Web UI and the indication that your connection is over HTTPS.
- Installing qBittorrent
- Frequently Asked Questions (FAQ)
- qBittorrent options (current and deprecated)
- How to use qBittorrent as a tracker
- How to use portable mode
- Anonymous mode
- How to bind your vpn to prevent ip leaks
State | Version |
---|---|
Current | qBittorrent ≥ v4.1 |
Previous | qBittorrent v3.2.0 - v4.0.x |
Obsolete | qBittorrent < v3.2.0 |
- Let's Encrypt Certificates + Caddy2 Reverse Proxy
- Let's Encrypt certificates + NGINX reverse proxy - Linux
- Let's Encrypt certificates - Linux
- Self-signed SSL certificates - Linux
- Running qBittorrent without X server (WebUI only)
- Running qBittorrent without X server (WebUI only, systemd service set up, Ubuntu 15.04 or newer)
- OpenVPN and qBittorrent without X server
- Coding style
- Contributing
- How to write a search plugin
- Using VSCode for qBittorrent development
- Setup GDB with Qt pretty printers
- How to debug WebUI code