In the last revision of transmission, I couldn’t get the user/password for the RPC of transmission work.
To resolve this problem, I decided to use Nginx as reverse proxy to provide an SSL connection and also a way to secure the access to the RPC and the web interface.
I compiled myself transmission and it’s installed in /usr/local/. In case you are using the packaged version of Debian/Ubuntu you need to change the /usr/local/ by /usr/.
Here is my configuration for Nginx:
upstream transmission {
server 127.0.0.1:9091; #Transmission
}
server {
listen 443 ssl http2;
server_name example.com;
auth_basic "Server Restricted";
auth_basic_user_file /var/www/myWebSite/web/.htpasswd;
# Path to the root of your installation
error_log /var/www/myWebSite/logs/error.log;
access_log /var/www/myWebSite/logs/access.log;
### SSL cert files ###
ssl_certificate /var/www/myWebSite/ssl/advert.crt;
ssl_certificate_key /var/www/myWebSite/ssl/advert.key;
### Add SSL specific settings here ###
ssl_session_timeout 10m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
location / {
return 301 https://$server_name/transmission/;
}
location ^~ /transmission {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass_header X-Transmission-Session-Id;
add_header Front-End-Https on;
location /transmission/rpc {
proxy_pass http://transmission;
}
location /transmission/web/ {
proxy_pass http://transmission;
}
location /transmission/upload {
proxy_pass http://transmission;
}
location /transmission/web/style/ {
alias /usr/share/transmission/web/style/;
}
location /transmission/web/javascript/ {
alias /usr/share/transmission/web/javascript/;
}
location /transmission/web/images/ {
alias /usr/share/transmission/web/images/;
}
location /transmission/ {
return 301 https://$server_name/transmission/web;
}
}
}
25th October 2015 at 02:33
Does this config still work? It’s the closest thing to working for me, expect the page doesn’t load properly. The graphics (the menu bar and visuals) do not appear but if I go to the non-ssl link, the graphics load properly.
I’m suspicious of the forward slash inconsistency and wonder if that is the cause?
Thanks!
25th October 2015 at 02:44
*shrug* I checked the error log, and it was looking somewhere else for the javascript and style files. I found that the problem was fixed with:
ln -s /usr/share/transmission /usr/local/share/transmission
I guess my transmission build was not configured properly.
25th October 2015 at 03:07
Glad it worked for you.
In fact, you pointed out a mistake in my configuration. For the raspberry pi where I installed transmission, I compiled transmission and didn’t change where to install the package (default /usr/local/) which explain the problem you got.
I’m going to correct this. Thanks for the report.
12th January 2016 at 21:18
So this is a bit of a necro post, but this one really helped me figure out how to get my proxy config down perfect. This one has worked for me to solve the tricky 409 conflict as well as allow /transmission and /transmission/ to load to the web interface correctly so I thought I’d share. One note: the t-proxy.conf is just lists the proxy header configs in a separate file, but are the same.
*outside of the server block*
upstream transmission {
server 127.0.0.1:9091;
}
*inside server block*
location /transmission {
include t-proxy.conf;
try_files $uri $uri/;
location /transmission/rpc {
proxy_pass http://transmission;
}
location /transmission/web/ {
proxy_pass http://transmission;
}
location /transmission/upload {
proxy_pass http://transmission;
}
location /transmission/web/style/ {
alias /usr/share/transmission/web/style/;
}
location /transmission/web/javascript/ {
alias /usr/share/transmission/web/javascript/;
}
location /transmission/web/images/ {
alias /usr/share/transmission/web/images/;
}
location /transmission/ {
return 301 https://$server_name/transmission/web;
}
}