Sorry for the delay. I’ve been watching so many movies lately and neglecting my computer.
So here goes. Nothing special going on in my setup. I have Nginx-Proxy-Manager running in docker along with all my services (sonarr, radarr, tautulli, plex etc etc).
My setup uses subdomains on my own domain that cannot be reached unless authorised through Organizr.
The following is all carried out through nginx-proxy-manager - https://nginxproxymanager.com/ (thanks guys)
Main Page
Choose Hosts > Proxy Hosts > Add Proxy Host
Details
Domain: yourdomain.xyz
Scheme http
Forward Hostname / IP internal.ip.of.organizr
Forward Port internal port for Organizr
Enable required features > Save
Custom locations
location: ~ /auth-(.*)
Forward Hostname / IP: 192.168.1.234/api/?v1/auth&group=$1
auth&group=$1
will use the co-admin group within Organizr and authenticate users that are part of that group.
Click gear icon and input the following into the expanded box
internal;
proxy_set_header Content-Length "";
Save
Your domain name that Organizr is reachable on, enable the features you require then move one.
The Advanced section is empty on the Organizr reverse proxy but will be populated for each service.
So that covers the initial Organizr setup.
Next we’ll add a service. Sonarr is widely used so we’ll go for that.
Domain Names sonarr.yourdomain.xyz
Forward Hostname / IP sonarr.internal.ip
Forward Port Internal port for Sonarr
Enable required features > Save
Define location ~ ^/auth-(.*)
(notice how similar it is to the Organizr location but not quite the same)
Forward Hostname / IP 192.168.1.234/api/?v1/auth&group=$1
Forward Port Organizr Port
- NOT THE SONARR PORT
Click the gear and input: proxy_set_header Content-Length "";
SSL
Add domain i.e. sonarr.yourdomain.xyz
Enable options > Save
Advanced
Input auth_request /auth-1;
which tells Organizr the groups allowed to access this particular service.
Save
I think at this point you should be operational. If not, restart the relevant containers and try it out.
When you attempt to access https://sonarr.yourdomain.xyz you should be met with a 401 error page until you sign in to Organizr.
When I used Caddy I had a rewrite rule to send the user straight to Organizr but I just haven’t bothered with this setup as I’m the only user anyway.
I’ll check over my other services to see if there’s any major differences that need addressed.
I’m no expert but if you have any questions please ask away and I’ll see what I can do. If I’ve left out anything please let me know.