-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Reverse Proxy
A reverse proxy, also known as an "inbound" proxy is a server that receives requests from the Internet and forwards (proxies) them to a small set of servers, usually located on an internal network and not directly accessible from outside.
A reverse proxy can be used to allow authenticated users access to an intranet even when they are located outside. Users on the internal network can access intranet servers directly (their IP address is their authentication), but users outside it must authenticate themselves to the proxy server (usually with a username and password) in order to be allowed in.
Visit this page for a good overview of why you should be using a reverse proxy: http://mikehadlow.blogspot.com/2013/05/the-benefits-of-reverse-proxy.html
Lets say you have SickBeard, SABnzbd, Headphones, and Couchpotato installed and working. To get to each of these you would navigate to their ip/loclahost:port. Depending on how you setup the apps (binding an ip to your network adapter) you may or may not be able to get to the sites outside your network. You can use your cellphone with WiFi turned off if you want an easy way to test access outside your network. Most likely they are all running on the same machine/within the same network. So each ip would be the same but the port would just be different, remembering which port belongs to which application is not very user friendly. Also what if an app uses HTTP while another is using HTTPS? what if one app has authentication enabled but another doesn't? Well using a reverse proxy can make all this a lot more manageable.
Using a reverse proxy you could just go to an ip (or hostname if you use dyndns or something similar) but use /sickbeard /sabnzbd /couchpotato /whatever instead of a different port. This makes things a bit easier and user friendly. Also because you are only really reaching one server and it internally communicates with the other sites, it does not matter if sickberad/sab/whatever are not reachable outside your network.
Taken from old wiki: http://code.google.com/p/sickbeard/wiki/AdvancedSettings
To change where Sick Beard mounts its files on the web server you can edit the web_root parameter in the config.ini. This can be useful when hiding SB behind a reverse proxy. Below is a sample apache proxy configuration and the corresponding web_root parameter:
httpd.conf
<Location /sickbeard/> order deny,allow deny from all allow from all
ProxyPass http://192.168.1.123:8081/sickbeard/ ProxyPassReverse http://192.168.1.123:8081/sickbeard/
AuthType Basic AuthName "MidgetSpy's Server" AuthUserFile /etc/apache2/passwd/passwords Require user midgetspy
config.ini
web_root = /sickbeard
Note: If you're using the autoProcessTV script you will need to set web_root in your autoProcessTV.cfg as well, same as in config.ini.
For help or questions visit us at #sickbeard on irc.freenode.net