Use Quickbox with NZB360 App

I’ve been wanting to use the NZB360 app on my phone with my install of Quickbox I have floating around. Unfortunately, NZB360 doesn’t support the Digest Authentication that Apache is configured for. It only supports Basic Auth, which is less than secure but better than nothing.

So, with that in mind I’ve taken the default SSL Apache configuration and converted it to use Basic Auth on an alternate port so it runs in tandem with the more secure web access.

First - We need to create an additional htpasswd file. We don’t want your good secure password buried in the app or floating around the internet. I used a tutorial here. I simply created a new .htpasswd file containing a user I’m calling API and giving it a >20 character random password. This will be used for the Basic HTTP Auth that NZB360 will do. I put mine at

/etc/.api.htpasswd

Second - The Apache config. It’s basically just the default-ssl.conf that runs all of Quickbox with the Reverse Proxy config for the necessary apps. Important to note, you’ll need to correct the SSLCertificateFile and SSLCertificateKeyFile fields in the config to match your own SSL setup. Copy the proper settings from default-ssl.conf file.

Simply take the file below and create an ssl-api.conf in /etc/apache2/sites-enabled. Then reload Apache.

Listen 8443
SSLPassPhraseDialog  builtin
SSLSessionCache         shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout  300
#SSLMutex default
SSLRandomSeed startup file:/dev/urandom  256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
<VirtualHost *:8443>
Options +Indexes +MultiViews +FollowSymLinks
SSLEngine on
    DocumentRoot "/srv/rutorrent/home"
    <Directory "/srv/rutorrent/home/">
            Options +Indexes +FollowSymLinks +MultiViews
            AllowOverride All AuthConfig
            Order allow,deny
            Allow from all
    AuthType basic
    AuthName "rutorrent"
    AuthUserFile '/etc/.api.htpasswd'
    Require valid-user
    </Directory>
    SSLEngine on
    SSLProtocol all -SSLv2
    SSLCipherSuite ALL:!ADH:!EX30305:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
    SSLCertificateFile /etc/apache2/ssl/certs/YOUR CERT HERE.pem
    SSLCertificateKeyFile /etc/apache2/ssl/certs/YOUR KEY HERE.key
    SetEnvIf User-Agent ".*MSIE.*" \
             nokeepalive ssl-unclean-shutdown \
             downgrade-1.0 force-response-1.0

<Location /sonarr>
ProxyPass http://localhost:8989/sonarr
ProxyPassReverse http://localhost:8989/sonarr
AuthType Basic
AuthName "rutorrent"
AuthUserFile '/etc/.api.htpasswd'
Require valid-user
</Location>
<Location /sabnzbd>
ProxyPass http://localhost:65080/sabnzbd
ProxyPassReverse http://localhost:65080/sabnzbd
AuthType Basic
AuthName "rutorrent"
AuthUserFile '/etc/.api.htpasswd'
Require valid-user
</Location>
<Location /radarr>
ProxyPass http://localhost:7878/radarr
ProxyPassReverse http://localhost:7878/radarr
AuthType Basic
AuthName "rutorrent"
AuthUserFile '/etc/.api.htpasswd'
Require valid-user
</Location>
<Location /nzbhydra>
ProxyPass http://localhost:5075/nzbhydra
ProxyPassReverse http://localhost:5075/nzbhydra
AuthType Basic
AuthName "rutorrent"
AuthUserFile '/etc/.api.htpasswd'
Require valid-user
</Location>
</Virtualhost>

Once Apache starts, you should be able to browse to https://your-server:8443/sonarr and log in as your newly created API user. You can set up any App that accesses the various APIs using this URL and User.

2 Likes

Nice work! :muscle:

Thanks for this. All of this works except I can’t get it working with NZBGet. :confused: