Page 1 of 1

Radarr connection behind reverse proxy

Posted: Mon Jan 11, 2021 8:25 am
by Jedediah
Hello :)
Here is an issue a get with Radarr, I'll try to explain it.

So my setup is :
- Radarr, running on Docker, 7878 port exposed only to the docker host 7878 port
- Nginx as a reverse Proxy to pass (transparently) https://radarr.mydomain.com:433 to the 7878 port of Radarr container.
With this configuration, Radarr is not accessible via the local ip of my server and radarr.mydomain.com is the only way to go.

Everything works as I espected via the Webui for Radarr and all my other container that works this way.

The issue is that nzb360 doesn't seem to like this configuration.
"Test" connection via the Radarr settings works as expected, the button is green so the test is OK.
I put these settings : "https://radarr.mydomain.com:443" + the API in the second field.

Now if I go to Radarr "All" pages, I have an error which says "Could not connect to Radarr".
Checked Radarr debug logs and I can see the API calls made by nzb360 so this part is working.

To debug more, I disabled my reverse proxy for Radarr to be able to access it via 192.168.X.X:7878 and tadaaaa, nzb360 works perfectly with this settings...

So, I think, there is an issue with how nzb360 handles domain names or something is wrong with my nginx conf.
What is strange is that I don't have any issues and use this Reverse Proxy for years for many other applications...

Re: Radarr connection behind reverse proxy

Posted: Mon Jan 11, 2021 1:58 pm
by Jedediah
Nvm, issue with my nginx that was forced to tls1.3 which nzb360 don't seems to support.

Re: Radarr connection behind reverse proxy

Posted: Fri Feb 19, 2021 11:29 am
by mjktfw
I don't think it's the issue with tls 1.3. Enabling tls 1.2 does not help either. I'm facing the same error. This probably has to do with https -> http proxying and some bug in nzb360.

Edit: Ok so it's indeed resulting from tls 1.3 not being supported, but in addition, some strong ciphers are not implemented as well. These are not enough:

Code: Select all

ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384

Re: Radarr connection behind reverse proxy

Posted: Sun Feb 21, 2021 5:55 am
by Kev
Next release should resolve these issues.