How are people managing to use httpcfg inside the sonarr jail? For me it's not installed! I have installed a freebsd jail and installing mono (pkg install mono) gives me httpcfg but in the sonarr plugin, there is no httpcfg. Did you upgrade mono yourself inside the jail?
Thank you so much! I finally have it working. I will list the steps below for future users. I assume you have your private key in .pvk format (otherwise look here https://github.com/Sonarr/Sonarr/wiki/SSL ) and Sonarr is installed as a FreeNAS Plugin with no additional changes to users etc..
Load your certificate with httpcfg for root, /usr/pbi/sonarr-amd64/bin/httpcfg -add -port <SSL_PORT> -pvk yourdomain.pvk -cert yourdomain.crt
(Optional) Verify the certificate is loaded, /usr/pbi/sonarr-amd64/bin/httpcfg -list
Move the httplistener directory to where sonarr can use it, mv /root/.config/.mono/httplistener /var/db/sonarr/.mono/
Change permissions so Sonarr has access to the httplistener directory, chown -R media /var/db/sonarr/.mono/httplistener
Go in Sonarr. Settings --> General (Enable Advanced Settings) and enable SSL and select your <SSL_PORT> (default 9898)
Restart both Sonarr and the Sonarr jail :).
Should I also be changing the group to media or is it insecure to leave the group as wheel?
Group permissions shoudn't matter. I bet the file was written with 600 permissions. And if a user is in the 'wheel' group they can switch to root so permissions wouldn't stop them at that point.
Group permissions shoudn't matter. I bet the file was written with 600 permissions. And if a user is in the 'wheel' group they can switch to root so permissions wouldn't stop them at that point.
I'm guessing that's what httpcfg wrote the certificates as (600). I'm not sure what else your asking? all I was stating was 'wheel' group ownership poses no additional risk.
Ah okay, I was just wondering why when I didn't use httpcfg command and manually created the httplistener folder with the two files inside it, ssl wasn't working... Anyway working now so yay! Thanks for all your help.
Thank you so much! I finally have it working. I will list the steps below for future users. I assume you have your private key in .pvk format (otherwise look here https://github.com/Sonarr/Sonarr/wiki/SSL ) and Sonarr is installed as a FreeNAS Plugin with no additional changes to users etc..
Load your certificate with httpcfg for root, /usr/pbi/sonarr-amd64/bin/httpcfg -add -port <SSL_PORT> -pvk yourdomain.pvk -cert yourdomain.crt
(Optional) Verify the certificate is loaded, /usr/pbi/sonarr-amd64/bin/httpcfg -list
Move the httplistener directory to where sonarr can use it, mv /root/.config/.mono/httplistener /var/db/sonarr/.mono/
Change permissions so Sonarr has access to the httplistener directory, chown -R media /var/db/sonarr/.mono/httplistener
Go in Sonarr. Settings --> General (Enable Advanced Settings) and enable SSL and select your <SSL_PORT> (default 9898)
Restart both Sonarr and the Sonarr jail :).
Should I also be changing the group to media or is it insecure to leave the group as wheel?
slap it into acme.sh or deploy_freenas.sh code or into acme cron -reloadcmd parameter. i trigger the script with 1 parameter (works on CLI too): /root/deploy-freenas/deploy_freenas_more.sh $domain
will check it for errors upon next renewal. ideally, this will be unattended instant refresh of Letsencrypt certificate.
i cloned the script into Radarr version and in a minute i had a working HTTPS connection from outside.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.