this post was submitted on 04 Jul 2025
25 points (100.0% liked)

Selfhosted

49417 readers
951 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
25
Help with configuring Caddy to work with arr apps (slrpnk.net)
submitted 1 week ago* (last edited 1 week ago) by sun@slrpnk.net to c/selfhosted@lemmy.world
8 comments fedilink hide all child comments
 

Hi, I'm having trouble getting my Caddy reverse proxy to work with the arr apps I can access everything without the reverse proxy. I have set the basic login prompt (like this one) through the arr apps after I logge in to one of the arr apps I either get a blank page or I'm seeing this error page:

firefox

The page isn’t redirecting properly

Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

This problem can sometimes be caused by disabling or refusing to accept cookies.

chromiumThis page isn’t working domain.com redirected you too many times.

Try deleting your cookies. ERR_TOO_MANY_REDIRECTS

Caddyfile config (1.1.1.1 is a placeholder ip for my vps external ip)

{
    email email@domain.com
}

domain.com {

    # qBittorrent
    redir /qbit /qbit/
    handle_path /qbit/* {
        reverse_proxy 1.1.1.1:8080 {
            header_up Host {host}
            header_up X-Real-IP {remote_host}
            header_up X-Forwarded-For {remote_host}
            header_up X-Forwarded-Proto {scheme}
        }
    }

    # Sonarr
    redir /sonarr /sonarr/
    handle_path /sonarr/* {
        reverse_proxy 1.1.1.1:8989 {
            header_up Host {host}
            header_up X-Real-IP {remote_host}
            header_up X-Forwarded-For {remote_host}
            header_up X-Forwarded-Proto {scheme}
        }
    }

    # Radarr
    redir /radarr /radarr/
    handle_path /radarr/* {
        reverse_proxy 1.1.1.1:7878 {
            header_up Host {host}
            header_up X-Real-IP {remote_host}
            header_up X-Forwarded-For {remote_host}
            header_up X-Forwarded-Proto {scheme}
        }
    }

    # Prowlarr
    redir /prowlarr /prowlarr/
    handle_path /prowlarr/* {
        reverse_proxy 1.1.1.1:9696 {
            header_up Host {host}
            header_up X-Real-IP {remote_host}
            header_up X-Forwarded-For {remote_host}
            header_up X-Forwarded-Proto {scheme}
        }
    }
}

I've tried setting the URL base to /the_name_of_the_arr_app, but it didn't work. I've attempted it with and without the redir /the_name_of_the_arr_app /the_name_of_the_arr_app/. I'm stuck and unsure of how to resolve the issue. It works fine with qBittorrent.

radarr debug log

2025-07-04 21:27:45.9|Info|Radarr.Http.Authentication.BasicAuthenticationHandler|Basic was not authenticated. Failure message: Authorization header missing.
2025-07-04 21:27:45.9|Info|Radarr.Http.Authentication.BasicAuthenticationHandler|AuthenticationScheme: Basic was challenged.
2025-07-04 21:27:54.1|Debug|Radarr.Http.Authentication.BasicAuthenticationHandler|AuthenticationScheme: Basic was successfully authenticated.
2025-07-04 21:27:54.8|Debug|Radarr.Http.Authentication.BasicAuthenticationHandler|AuthenticationScheme: Basic was successfully authenticated.
2025-07-04 21:27:55.0|Debug|Radarr.Http.Authentication.BasicAuthenticationHandler|AuthenticationScheme: Basic was successfully authenticated.

top 8 comments
sorted by: hot top controversial new old
[–] macstainless@discuss.tchncs.de 6 points 1 week ago (1 children)

Is there a reason you’re trying to expose them to the internet? IMO you’re better off not doing that and using Overseer as the only exposed service that talks to everything else. Exposing the whole arr stack is just unwise and unnecessary.

[–] sun@slrpnk.net 1 points 1 week ago* (last edited 1 week ago) (1 children)

I exposed it all because I am on a VPS, i don't know how to configure it otherwise, and I did not think it was a problem because all the seedboxes expose it all.

I don't want to run Jellyfin/Plex because I am on a VPS with low resources.

[–] P13@lemmy.dbzer0.com 1 points 6 days ago

If you use Cloudflare for DNS there is Zero Trust to protect your services.

It’s also possible to run a cloudflared container next to your arrs to tunnel traffic to ports on your other containers rather than needing a reverse proxy. But that’s more appropriate for something on your local network rather than a VPS.

[–] aksdb@lemmy.world 3 points 1 week ago (1 children)

Are all the *arr services aware that they are expected to have a certain basepath?

[–] sun@slrpnk.net 1 points 1 week ago* (last edited 1 week ago) (1 children)

Yes, I think so. I have configured it like this

collapsed inline media

[–] aksdb@lemmy.world 2 points 1 week ago (1 children)

Does it make a difference, if that setting uses a trailing slash? Might be it redirects you to the path without, which triggers caddy to redirect you again, and so on and so forth.

You could also, instead of redirecting, rewrite it. Then it is handled serverside without sending the client somewhere else.

[–] sun@slrpnk.net 1 points 1 week ago* (last edited 1 week ago)

I can't set a trailing slash Radarr removes it when i save. I am not quite sure what you mean, but I have tried rewriting it.

like this, and then visit, but it makes no difference.
collapsed inline media

You could also, instead of redirecting, rewrite it. Then it is handled serverside without sending the client somewhere else.

I am not quite sure what you mean.

When i add change it like this:

image
collapsed inline media

I get a login prompt that no matter what I type in, it just reloads the page. If I select "login page" in arr app, I just get redirected to domain.com/login and get a blank page. If I try to go to domain.com/radarr/login, I get a blank page

[–] dethmetaljeff@lemmy.world 2 points 6 days ago* (last edited 6 days ago)

Why are you proxying to your VPS external IP? Caddy listens to your external IP and your arr apps listen to ideally localhost, you should be reverse proxying to localhost. Your arr apps need to be told to only bind to localhost as well.