0. Why do this?
Easy for me : I use a PCH box as my torrent client.
It’s really nice, but it cannot :
- Use IPv6 (I don’t want to forward ports when it can be avoided)
- Protect the Transmission web interface with a password
On the other hand
- My macbook is always on (though I’ll replace this with a Guruplug… if I ever receive the one I ordered)
- I want to access the torrent administration interface when I’m not at home
- I wanted to tinker with nginx 😉
1. The easy solution
server {
listen :8080;
server_name bt.coding-badger.net;
location / {
proxy_pass http://192.168.0.2:9091/;
}
}
Ok. We’re done. Redirect all requests to bt.coding-badger.net:8080 to the popcorn hour box on transmission’s port. KTHXBYE
2. Less subdirectories, moar fun!
Wait, of course we aren’t. It would be no fun at all. I don’t really like to have to access this page through /transmission/web/. We’re already on a special vhost, so I want my bt page at the root!
server {
listen :8080;
server_name bt.coding-badger.net;
location /transmission {
proxy_pass http://192.168.0.2:9091/transmission;
}
location / {
proxy_pass http://192.168.0.2:9091/transmission/web/;
}
}
What happens there? First you have to know what transmission does :
- “/” requests are redirected to “/transmission/web” with a 301 Error page
- /transmission/web/ contains javascript, css, pages, etc…
- /transmission/upload is used to upload a torrent
- /transmission/rpc is used to update the window
What we do is redirect all requests that hit / to /transmission/web/ on the transmission server (that way we can be on the / page and transmission will think we’re on /transmission/web and not attempt to redirect), and redirect all other /transmission/* requests to /transmission/*
You can tweak this to your liking, but you have to remember :
NEVER. EVER hit the “/” on the transmission web interface with your proxy, because it will redirect the browser to /transmission/web. You could probably handle this with a “proxy_redirect” command in the nginx configuration, but it’s a bit tricky to get right.
3. IPv6
On OSX, I use brew as the package manager for OSX. Unfortunately, it does not compile nginx with ipv6 support by default!
$ brew edit nginx
Go to the install function, and add –enable-ipv6 to the args array
$ brew install nginx
On debian, it should be compiled with ipv6 by default. You can check by running
$ nginx -Vnginx version: nginx/0.7.67TLS SNI support enabledconfigure arguments: --prefix=/usr/local/Cellar/nginx/0.7.67 --with-http_ssl_module --with-pcre --conf-path=/usr/local/etc/nginx/nginx.conf --pid-path=/usr/local/var/run/nginx.pid --lock-path=/usr/local/var/nginx/nginx.lock --with-ipv6nginx version: nginx/0.7.67TLS SNI support enabledconfigure arguments: --prefix=/usr/local/Cellar/nginx/0.7.67 --with-http_ssl_module --with-pcre --conf-path=/usr/local/etc/nginx/nginx.conf --pid-path=/usr/local/var/run/nginx.pid --lock-path=/usr/local/var/nginx/nginx.lock --with-ipv6
If you’ve got –enable-ipv6 you’re all good!
Then we have to update the “listen” configuration of the server to tell it to use IPv4 and IPv6
server {
listen [::]:8080; # this enables ipv6
server_name bt.coding-badger.net;
location /transmission {
proxy_pass http://192.168.0.2:9091/transmission;
}
location / {
proxy_pass http://192.168.0.2:9091/transmission/web/;
}
}
4. Authentication
We don’t want our transmission client to be accessed by anyone! nginx can provide authentication through htpasswd files
$ sudo htpasswd -c /usr/local/etc/nginx/nginx.passwd <username>
Enter the password you wish, then setup nginx to request a password :
server {
listen [::]:8080;
server_name bt.coding-badger.net;
location /transmission {
proxy_pass http://192.168.0.2:9091/transmission;
}
location / {
proxy_pass http://192.168.0.2:9091/transmission/web/;
}
auth_basic "Restricted";
auth_basic_user_file /usr/local/etc/nginx/nginx.passwd;
}
Of course, if you are not using brew, you may want to use more “traditionnal” places for the passwd file, (like /etc/nginx instead of /usr/local/etc/nginx… use the same directory as your nginx config file)
Thanks for the guide, but for some reason the second method did not work properly on my arch server. Maybe they changed something in transmission since you made your post. Anyway, I got it to work by forwarding the subdirectories of /transmission as I have described here: http://gpesweden.blogspot.com/2013/03/proxy-transmission-through-nginx.html
The link in above comment is dead since i moved the blog. I see it got some traffic though, so here is the new link: http://jronnholm.se/proxy-transmission-through-nginx/
Amazing!
Before this i was using my ipv6 vpn to acess my transmission web using my internal adress like 192.168.1.10:9091, way less convenient, since i have no problem with authentication i used:
server
{
listen [::]:9091;
server_name localhost;
location /
{
proxy_pass http://192.168.1.10:9091/;
}
}
runing on openwrt 19.07
thanks!