diff --git a/FAQ's-and-Fixes.md b/FAQ's-and-Fixes.md index 58c334c..de6c933 100644 --- a/FAQ's-and-Fixes.md +++ b/FAQ's-and-Fixes.md @@ -71,7 +71,7 @@ Make the following changes to your config.ini file: ## I have problems with special characters. -I have (é etc.) What can I do? It's always a good idea to make sure you're using UTF-8 locale to avoid unicode decoding issues so please perform the following commands if you're using a unix operating system. +I have (é etc.) What can I do? It's always a good idea to make sure you're using UTF-8 locale to avoid Unicode decoding issues so please perform the following commands if you're using a Unix operating system. Add the following lines of code to your ~/.bashrc and ~/.profile files: @@ -87,13 +87,13 @@ Then run `source ~/.bashrc` in a terminal window. You can reinstall SickChill through pip, see [pip](). -## I'm currently using the SABtoSickbeard script with SABNZB, however failed downloads don't work. +## I'm currently using the SABtoSickbeard script with SABNZB, however, failed downloads don't work. -Switch to the [NZBtoMedia](NZBtoMedia.md) scripts. The package contains a script called NZBtoSickbeard. This will provide full and automatic failed download handling. Installation is almost identical as the SABtoSickbeard script. +Switch to the [NZBtoMedia](NZBtoMedia.md) scripts. The package contains a script called NZBtoSickbeard. This will provide full and automatic failed download handling. Installation is almost identical to the SABtoSickbeard script. ## Error: Rar Not Supported: No suitable RAR unpacker installed -SickChill has the ability to unpack RAR-archived releases but requires the external `unrar` command on Linux, Mac, FreeBSD and other Unix OS. In Windows, it uses unrar.dll(x86) or unrar64.dll(x86_64) which are included in SickChill. +SickChill has the ability to unpack RAR-archived releases but requires the external `unrar` command on Linux, Mac, FreeBSD, and other Unix OS. In Windows, it uses unrar.dll(x86) or unrar64.dll(x86_64) which are included in SickChill. If you get this error, you need to make sure unrar is installed and available into PATH. @@ -119,7 +119,7 @@ They are mainly the cause of not having Python installed correctly. Python needs ## Can I support SickChill and How? -Yes, absolutely! We are always looking for help. If you are familiar with Python, HTML, Java or other programming languages, please give a shout. Also, if you have experience moderating and want to help users by solving/answering their basic questions regarding SickChill, feel free to help on the SickChill [Issue Tracker](https://github.com/SickChill/SickChill) and [IRC Channel](https://kiwiirc.com/client/irc.freenode.net/?theme=basic#sickchill-issues). Last, there is the option to [Donate](Donations.md). That helps us pay for the upkeep/maintaining cost of the SickChill project. +Yes, absolutely! We are always looking for help. If you are familiar with Python, HTML, Java or other programming languages, please give a shout. Also, if you have experience moderating and want to help users by solving/answering their basic questions regarding SickChill, feel free to help on the SickChill [Discord](https://discord.com/channels/502612977271439372/1048317980343283733). Last, there is the option to [Donate](Donations.md). That helps us pay for the upkeep/maintaining cost of the SickChill project. ## What does the Episode Status mean and what does it do? @@ -164,7 +164,7 @@ systemctl reset-failed ## Post Processing shows a negative time -In rare cases the Post Processing stops working and will show a negative time in the +In rare cases, the Post Processing stops working and will show a negative time in the [server status overview](images/serverstatusoverview.png). The cause is a single/bad/corrupt file where PP hangs on, and therefore can't be processed/finished. Your log should be able to tell you which file, then you simply need to remove it. ## What is a network time zone warning? @@ -189,15 +189,15 @@ First, check if the connection test works in the search settings. If that does w - If it's a new DSM account you need to log into DLS with that account first and set a default download folder. - Does it work with an administrator account.? -- If it's a custom created folder then set share (folder) permissions in to username sc-sickchill & sc-download (DSM6) or synocommunity (DSM7) as group. [Syno Permissions](Synology-install.md#Synology-SickChill-Permissions) -- If path is left blank it will auto populate or enter path but remove `/volume1/` from the path in the settings. +- If it's a custom-created folder then set share (folder) permissions in to username sc-sickchill & sc-download (DSM6) or synocommunity (DSM7) as group. [Syno Permissions](Synology-install.md#Synology-SickChill-Permissions) +- If the path is left blank it will auto-populate, or enter the path but remove `/volume1/` from the path in the settings. When all else fails then you could also use the black-hole method as a workaround. SickChill will store the nzb/torrent in a folder of your choosing. Then simply set DS to monitor that folder for nzbs and torrents. As soon as one is found the download will start. ## Timeout when adding a show on Freenas -If you get a timeout when you try to search/add a new show then check your network settings. For freeNAS you can fix this by going to Network > Interfaces > Select your primary network source > Edit > Uncheck "Autoconfigure IPv6". +If you get a timeout when you try to search/add a new show then check your network settings. For FreeNAS you can fix this by going to Network > Interfaces > Select your primary network source > Edit > Uncheck "Autoconfigure IPv6". Then go to Jails > Select Jail with SickChill > Edit Jail > Advanced Mode > Uncheck "IPv6 Autoconfigure" Make sure to reboot after you save that. @@ -205,16 +205,16 @@ This could also apply to other devices, so when this timeout happens make sure y ## What are Unicode errors? -Those can happen when there are special characters in the shows name, file name, folder name or the search results. -This is mainly a problem on Windows systems and especially with Anime. As there are generally more special characters used in Anime. +Those can happen when there are special characters in the show's name, file name, folder name or the search results. +This is mainly a problem on Windows systems and especially with Anime. There are generally more special characters used in Anime. Sadly not much can be done. But a few things you can try are: - Rename files and folders to not contain any special characters. - Add a scene exception (an alternative name for a show) hopefully this will allow you to snatch the episode. -On Linux those Unicode errors generally only happen when you haven't set your locale correctly. Make sure its UTF-8. +On Linux those Unicode errors generally only happen when you haven't set your locale correctly. Make sure it's UTF-8. -## Why does "Send to trash" option not send the files to the Recycle Bin? +## Why does the "Send to trash" option not send the files to the Recycle Bin? **(This applies to using NSSM and/or Windows Service _only_)** diff --git a/Home.md b/Home.md index 743b669..8db9701 100644 --- a/Home.md +++ b/Home.md @@ -2,16 +2,17 @@ Hello and welcome! This wiki is here to help you set up and use SickChill. You'll find setup guides, explanations of settings and errors, and answers to frequently asked questions. -On the right side of the page you see the available wiki pages. For new users, you probably want the [Installation & Setup guides](Installation-&-Configuration-Guides.md), if you want to join the [Developers](Developers.md) here's some basics. +On the right side of the page, you see the available wiki pages. For new users, you probably want the [Installation & Setup guides](Installation-&-Configuration-Guides.md), if you want to join the [Developers](Developers.md) here are some basics. -If you encounter a bug, please goto [Discord](https://discord.com/invite/U8WPBdf) and open a Chat, Help or Issue. +If you encounter a bug, please go to [Discord](https://discord.com/invite/U8WPBdf) and open a Chat, Help, or Issue. -These documents are a work-in-progress. If you'd like to contribute, please get in touch with us on [Discord](https://discord.com/invite/U8WPBdf), or [Discussions](https://discord.com/channels/502612977271439372/502612977803984898), [Telegram](https://t.me/sickchill), [IRC](https://kiwiirc.com/client/irc.freenode.net/?theme=basic#sickchill) or open an [issue here on GitHub.](https://github.com/SickChill/SickChill/issues) +These documents are a work-in-progress. If you'd like to contribute, please get in join us on [Discord](https://discord.com/invite/U8WPBdf) or jump directly into the [Discussions](https://discord.com/channels/502612977271439372/502612977803984898) #### Important links -- [Issues / Bug reports](https://github.com/SickChill/SickChill/issues) -- [Discussions / Feature requests](https://github.com/SickChill/SickChill/discussions) +- [Issues / Bug reports](https://discord.com/channels/502612977271439372/1048317980343283733) +- [Discussions](https://discord.com/channels/502612977271439372/502612977803984898) +- [Feature requests](https://discord.com/channels/502612977271439372/1112608105025519697) - [Donations](Donations.md) --- diff --git a/Network-logos.md b/Network-logos.md index 8c47326..4651ef9 100644 --- a/Network-logos.md +++ b/Network-logos.md @@ -1,6 +1,6 @@ ## What are network logos.? -Network logos show a picture instead of a plain text name in the show overview page of SickChill. +Network logos show a picture instead of a plain text name on the show overview page of SickChill. ## How does SickChill receive those names.? @@ -13,8 +13,8 @@ They are located under : `*/SickBeard/gui/slick/images/network` ## How to add network logos for SickChill.? -First you need to get your hands on a logo for that particular network. Google is your best friend here. -Once that is done use Paint.net or similar program to edit the image. +First, you need to get your hands on a logo for that particular network. Google is your best friend here. +Once that is done use Paint.net or a similar program to edit the image. - Make the background transparent. - Resize the image to 64x32 pixels. @@ -23,16 +23,15 @@ Once that is done use Paint.net or similar program to edit the image. Some guidelines for the network logos are. : - Use colored logos. -- Try not to use black or withe. +- Try not to use black or white. -The last is because SickChill has two color theme's (Dark and Light). If the logo contains too much of either color it will not show properly/correctly on one of those themes. Make sure you test/check this. +The last is because SickChill has two color themes (Dark and Light). If the logo contains too much of either color it will not show properly/correctly on one of those themes. Make sure you test/check this. -Last step is to rename the image. It needs to have the exact name of the network in the show overview list. -Also use only lowercase characters as upper case characters are not recognized. +The last step is to rename the image. It needs to have the exact name of the network in the show overview list. +Also, use only lowercase characters as uppercase characters are not recognized. -Example : `Sky Atlantic` this needs to be renamed to `sky atlantic` So the logo filename will be sky atlantic.png +Example : `Sky Atlantic` needs to be renamed to `sky atlantic` So the logo filename will be `sky atlantic.png` -Note : Special characters are not supported.! +Note : Special characters are not supported! -When you have the logo ready it needs to be added to SickChill. This is done with a Pull request on GitHub. You can use a program like [Sourcetree](https://www.sourcetreeapp.com/) for submitting. -If you are not able to do this, then you can alternatively post the logo and exact filename on our SickChill [issue tracker](https://github.com/SickChill/SickChill/issues), one of the contributors/developers will than add it for you. +When you have the logo ready, it needs to be added to SickChill. Post the logo and exact filename on our SickChill [Discord help channel](https://discord.com/channels/502612977271439372/1048317980343283733), and one of the contributors/developers will then work with you to add it. diff --git a/Remaining-settings-explained.md b/Remaining-settings-explained.md index f682b5e..4cdd9e3 100644 --- a/Remaining-settings-explained.md +++ b/Remaining-settings-explained.md @@ -196,9 +196,9 @@ Next you have to select the shows and/or episodes that you want the subtitles to Here we try to keep you uptodate with the latest news. Be sure to check the page from time to time. -**IRC** +**Discord** -Here you can connect directly to the SickChill IRC channel. Just for some smalltalk or with a quick question. +Here you can connect directly to the [SickChill Discord](https://discord.gg/U8WPBdf). Join other users for friendly discussions or to ask questions with SickChill. **Changelog** Shows the page with the Changelog. This lets you see the changes that where made to SickChill and what new functions where added. diff --git a/Ultimate-SickChill-Linux-Guide.md b/Ultimate-SickChill-Linux-Guide.md index c6d7c22..606ddec 100644 --- a/Ultimate-SickChill-Linux-Guide.md +++ b/Ultimate-SickChill-Linux-Guide.md @@ -16,23 +16,23 @@ This guide will detail setting up SickChill on a Linux machine, along with all t #### Prerequisites -This guide will cover a lot of material, and includes a lot of optional components. As not all of these will apply to you. Please go over the list carefully, as I'll try to detail what you'll need in most situations. +This guide will cover a lot of material and includes a lot of optional components. As not all of these will apply to you. Please go over the list carefully, as I'll try to detail what you'll need in most situations. -1. A Linux box. Mine is also my LAN's router/gateway, but, this can be anything reasonably powerful. Please don't try to run this full setup on a Pi. Distro matters very little, but this guide is written based on an Arch setup. If you know enough about your distro, this shouldn't be any problem for you at all. Obviously you're here to install SickChill, so making this part optional would be pointless. +1. A Linux box. Mine is also my LAN's router/gateway, but, this can be anything reasonably powerful. Please don't try to run this full setup on a Pi. Distro matters very little, but this guide is written based on an Arch setup. If you know enough about your distro, this shouldn't be a problem for you at all. Obviously, you're here to install SickChill, so making this part optional would be pointless. 2. A Bit Torrent client or an NZB setup. For my needs, I went with Deluge, but almost any daemon that SC supports will work just fine. If you want to go NZB, SABNZB+ has worked quite well for me in the past. One or the other is required, both if you wish. Pointless to have a SickChill without this, so, again, mandatory. 3. Plex Media Server. Totally optional but highly recommended, SickChill integrates quite nicely into it. -4. An OpenVPN provider. Yes, we're totally going there with this. OpenVPN providers are fairly cheap and a great way to ensure your downloading your shows will not attract the attention of your ISP. I use [TigerVPN](http://www.tigervpn.com) but anything that supports OpenVPN will work just fine. And again, totally optional. +4. An OpenVPN provider. Yes, we're totally going there with this. OpenVPN providers are fairly cheap and a great way to ensure your downloading your shows will not attract the attention of your ISP. Anything that supports OpenVPN will work just fine. Again, totally optional. #### Linux Setup -We're going to install SickChill on our linux system manually. Why not use the package manager? Well, it can cause problems under certain circumstances (sickchill will update itself from git), and, this is just a much cleaner solution. If you absolutely insist on using the package manager, be warned that upgrades can easily break and your package manager can fail to update the package, so you'll have to --force it or something similar. +We're going to install SickChill on our Linux system manually. Why not use the package manager? Well, it can cause problems under certain circumstances (sickchill will update itself from git), and, this is just a much cleaner solution. If you absolutely insist on using the package manager, be warned that upgrades can easily break and your package manager can fail to update the package, so you'll have to --force it or something similar. First, we need to decide where this installation and all our media files will live. This will be a fairly large amount of data, so, it should be on a big enough partition to handle it. Mine is in _/srv/media_ but yours can be anywhere you want/have enough space. -Second, we need to pick a user to run this all as. We're going to be using a single user account on the linux box to run SickChill, Deluge, and, Plex, so that we don't run into major file permissions and other things down the road. For me, I created a user of _media_ with a UID and GID of _420_. Since we're **not** using the distro's package manager, we'll have to create this user manually. If you are using your distro's package manager, **do not** skip this step, and make sure you run the _additional_ step below afterwards. +Second, we need to pick a user to run this all as. We're going to be using a single-user account on the Linux box to run SickChill, Deluge, and, Plex so that we don't run into major file permissions and other things down the road. For me, I created a user of _media_ with a UID and GID of _420_. Since we're **not** using the distro's package manager, we'll have to create this user manually. If you are using your distro's package manager, **do not** skip this step, and make sure you run the _additional_ step below afterward. groupadd -g 420 media useradd -g media -u 420 -d /srv/media -s /usr/bin/nologin -m @@ -82,21 +82,21 @@ systemctl enable deluge-web.service #### Plex Media Server Installation -The easiest way to install Plex is to just use the package manager. Some distros have two, one for plex, one for plex-pass. Both usually install to the same location, and only one can be installed at a time, so pick which ever one meets your needs, and install it via the package manager. If it isn't in your package manager, you'll want to install it via the official instruction at the [Plex Website](https://support.plex.tv/hc/en-us/articles/200288586). Please note that you should set up your media server nearly fully, at this point, excluding any media libraries you want to have. We'll set those up later, in _/srv/media_. +The easiest way to install Plex is to just use the package manager. Some distros have two, one for plex, and one for plex-pass. Both are usually installed in the same location, and only one can be installed at a time, so pick whichever one meets your needs, and install it via the package manager. If it isn't in your package manager, you'll want to install it via the official instructions at the [Plex Website](https://support.plex.tv/hc/en-us/articles/200288586). Please note that you should set up your media server nearly fully, at this point, excluding any media libraries you want to have. We'll set those up later, in _/srv/media_. -One thing you'll need to do, in addition to the installation procedure at Plex's website, is change the user ID that the server runs as. So before you begin to configure it - before you even start the service for the first time, you'll want to edit your _/etc/passwd_ and _/etc/group_ files once more, and change the UID and GID of the _plex_ user/group to _420_ just like we did for the torrent daemon above. We want Plex to also run as the _media_ user for easy management and access to our content. +One thing you'll need to do, in addition to the installation procedure at Plex's website, is change the user ID that the server runs as. So before you begin to configure it - before you even start the service for the first time, you'll want to edit your _/etc/passwd_ and _/etc/group_ files once more and change the UID and GID of the _plex_ user/group to _420_ just like we did for the torrent daemon above. We want Plex to also run as the _media_ user for easy management and access to our content. #### OpenVPN Installation -We'll need to install OpenVPN, and configure it, if you are going to go this route, too. The reason for using a VPN is a moot dicussion here - either you want or need to use one, or, you do not. The how and why of your decision is not relevant to the instuctions, and is not something that the SickChill team wishes to debate. If you do not wish to use a VPN, please skip this section. Otherwise, please continue. +We'll need to install OpenVPN, and configure it, if you are going to go this route, too. The reason for using a VPN is a moot discussion here - either you want or need to use one, or, you do not. The how and why of your decision is not relevant to the instructions and is not something that the SickChill team wishes to debate. If you do not wish to use a VPN, please skip this section. Otherwise, please continue. -OpenVPN is best installed through your package manager. I am unaware of any distributions (aside from those without a package management system, AKA Linux From Scratch) which do not have it available. And if you're using Linux From Scratch, you probably don't need the step by step here, just the magic at the bottom on how to get the multiple routes working nicely. +OpenVPN is best installed through your package manager. I am unaware of any distributions (aside from those without a package management system, AKA Linux From Scratch) that do not have it available. And if you're using Linux From Scratch, you probably don't need the step-by-step here, just the magic at the bottom on how to get the multiple routes working nicely. -Once the package is installed, we're going to mostly be relying on your VPN provider's setup instructions, with a few modifications to meet our specific requirements. Your provider (if they're anything like mine) will have given you an OpenVPN configuration file (likely named openvpn.conf) which contains sane defaults for most people. Well, we are not "most people", and as such, there's a few things that we need to do differently. Here is the contents of my config file, and a comment above each line detailing what it does. Your file may contain other directives that aren't in mine, and, it may contain directives with different values than mine. I'll attempt to detail what you'll need to change in your config file, and why, so that your settings do what they should will providing the functionality we need. If you do have any questions about this step, please contact us in IRC to ask for help. +Once the package is installed, we're going to mostly be relying on your VPN provider's setup instructions, with a few modifications to meet our specific requirements. Your provider (if they're anything like mine) will have given you an OpenVPN configuration file (likely named openvpn.conf) which contains sane defaults for most people. Well, we are not "most people", and as such, there are a few things that we need to do differently. Here are the contents of my config file, and a comment above each line detailing what it does. Your file may contain other directives that aren't in mine, and, it may contain directives with different values than mine. I'll attempt to detail what you'll need to change in your config file, and why, so that your settings do what they should will providing the functionality we need. If you do have any questions about this step, please contact us in [Discord](https://discord.gg/U8WPBdf) to ask for help. -First, rename this file to something unique. My VPN is provided by TigerVPN, and I'm using their NL server specifically, so, I named my file tiger-nl.conf, and tossed it in my OpenVPN root dir (/etc/openvpn). +First, rename this file to something unique. My VPN is provided by RandomVPN (ficticious), and I'm using their NL server specifically, so, I named my file randomvpn-nl.conf, and tossed it in my OpenVPN root dir (/etc/openvpn). - # tiger-nl.conf - VPN Client Config + # randomvpn-nl.conf - VPN Client Config # # Remote server IP or hostname, port, protocol - this one is UDP remote 1194 udp @@ -104,7 +104,7 @@ First, rename this file to something unique. My VPN is provided by TigerVPN, and remote 443 tcp-client # Pull settings from server when possible pull - # Authentication is username/password based, as opposed to certificate based. + # Authentication is username/password based, as opposed to certificate-based. auth-user-pass # Type of compression to use comp-lzo adaptive @@ -122,7 +122,7 @@ First, rename this file to something unique. My VPN is provided by TigerVPN, and mute 10 # Our VPN username and password is stored in this file. Make it owned by root, with 600 perms, so only root can read it. - auth-user-pass /etc/openvpn/tiger-nl.cred + auth-user-pass /etc/openvpn/randomvpn-nl.cred # DNS stuff resolv-retry infinite @@ -134,18 +134,18 @@ First, rename this file to something unique. My VPN is provided by TigerVPN, and remote-cert-tls server # Most of the below you explicitly need... Make sure you include it. - # This tells OpenVPN to not make the execute the default routing instructions. This way, your normal traffic doesn't use the VPN. + # This tells OpenVPN to not execute the default routing instructions. This way, your normal traffic doesn't use the VPN. route-noexec # Delay 2 seconds to invoke routing scripts. route-delay 2 # When the VPN goes up, execute this script. Name yours the same as mine, or, change this value. - up /etc/openvpn/tiger-nl.up.sh + up /etc/openvpn/randomvpn-nl.up.sh # When the VPN goes down, execute this script. Name yours the same as mine, or, change this value. - down /etc/openvpn/tiger-nl.down.sh + down /etc/openvpn/randomvpn-nl.down.sh Now that we have the main config file out of the way, you can see the real magic is that we explicitly disable OpenVPN from using the VPN as the default route, and instead, opt to run our own script when the VPN goes up or down. We will be keeping this VPN up 24/7 but the connection drops and gets restarted depending on the internet connection, the VPN server's stability, and a lot of other factors. Here are the scripts you'll need. - # tiger-nl.up.sh + # randomvpn-nl.up.sh #!/bin/sh ip route flush table 10 @@ -161,7 +161,7 @@ Now that we have the main config file out of the way, you can see the real magic iptables -t nat -I POSTROUTING -m mark --mark 10 -o $dev -j MASQUERADE - # tiger-nl.down.sh + # randomvpn-nl.down.sh #!/bin/sh ip rule del fwmark 10 lookup 10 ip route flush table 10 @@ -205,7 +205,7 @@ restart.conf Restart=always RestartSec=30 -Now, you should be able to enable systemd to start your VPN connection at boot, and it will reconnect when it gets dropped. Let's tell systemd to start it at boot: _systemctl enable openvpn@tiger-nl.service_ (make sure you replace tiger-nl with your config file name before the .conf part) +Now, you should be able to enable systemd to start your VPN connection at boot, and it will reconnect when it gets dropped. Let's tell systemd to start it at boot: _systemctl enable openvpn@randomvpn-nl.service_ (make sure you replace randomvpn-nl with your config file name before the .conf part) If all goes well, your VPN should pop up. You can check the logs with _journalctl_ to debug it, or a simple _ip link_ to see if the interface is up. @@ -219,11 +219,11 @@ I could write a book on configuring Apache. No, really. This section is also ver If you don't care to access your interfaces outside your LAN, you can 100% skip this section. If you don't care if anybody can find your installation by port scanning your IP address, you can 100% skip this section. If you don't care about the performance hit of some automated function hitting your installation, you too can 100% skip this section. For the rest of you (or, if you're just curious), read on. -So my Apache installation is actually _not_ on the same box that I run everything else on. It's on a linux machine (VPS, specifically) somewhere else, and, this makes it harder for others to find my installation, and easier for me to make sure my clients work everywhere (on, and, off my LAN). While some apps like ShowsRage allow you to connect differently to the same server depending on your SSID, the same is not true for the vast majority of things, and, some routers don't accept connections to port forwards from the LAN side of things. There's also the challenge that some ISPs block incoming connections on some ports, or, you may not want your stack exposed to just anybody. After all, a bunch of GET requests to a WordPress template file isn't going to do SickChill any good, nor the attacker any good either, but they're going to try no matter what. So the best way I've found to handle all of this is to just use Apache as a front end, remotely, and proxy everything over it, allowing only my VPS's IP address to connect directly to SickChill and Deluge's web interfaces. This has another benefit: hiding it behind a vhost. +So my Apache installation is actually _not_ on the same box that I run everything else on. It's on a Linux machine (VPS, specifically) somewhere else, and, this makes it harder for others to find my installation, and easier for me to make sure my clients work everywhere (on, and, off my LAN). While some apps like ShowsRage allow you to connect differently to the same server depending on your SSID, the same is not true for the vast majority of things, and, some routers don't accept connections to port forwards from the LAN side of things. There's also the challenge that some ISPs block incoming connections on some ports, or, you may not want your stack exposed to just anybody. After all, a bunch of GET requests to a WordPress template file isn't going to do SickChill any good, nor the attacker any good either, but they're going to try no matter what. So the best way I've found to handle all of this is to just use Apache as a front end, remotely, and proxy everything over it, allowing only my VPS's IP address to connect directly to SickChill and Deluge's web interfaces. This has another benefit: hiding it behind a vhost. Apache is best installed through the package manager, and, should require fairly minimal configuration. You want to ensure your Apache package has mod_proxy and mod_ssl installed along with it (some distros include these, others are additional installs). mod_ssl is usually separate, while mod_proxy is usually included, but your mileage may vary. -Once Apache and the modules are installed, you will need to enable them. Your distrobution will (very likely) have detailed instructions on how best to go about this. Arch was just editing my _/etc/httpd/conf/httpd.conf_ and uncommenting the **LoadModule** line containing the mod*proxy directives (mod_proxy, mod_proxy_connect, and mod_proxy_http). On Gentoo, it's even easier, editing */etc/conf.d/apache\_ and adding "-D PROXY" to the config line. Ubuntu has their own [recommended method](https://help.ubuntu.com/community/ApacheReverseProxy) for those on that particular distro. +Once Apache and the modules are installed, you will need to enable them. Your distribution will (very likely) have detailed instructions on how best to go about this. Arch was just editing my _/etc/httpd/conf/httpd.conf_ and uncommenting the **LoadModule** line containing the mod*proxy directives (mod_proxy, mod_proxy_connect, and mod_proxy_http). On Gentoo, it's even easier, editing */etc/conf.d/apache\_ and adding "-D PROXY" to the config line. Ubuntu has its own [recommended method](https://help.ubuntu.com/community/ApacheReverseProxy) for those on that particular distro. Once you have that particular module enabled, we're going to do the rest in a vhost config file to make life really easy. Here is my vhost config file for Deluge. It lives in _/etc/httpd/conf/extra/vhost-deluge.conf_ (your vhost dir may vary). @@ -249,7 +249,7 @@ Once you have that particular module enabled, we're going to do the rest in a vh CustomLog "/var/log/httpd/deluge.domain.tld-access_log" common -Obviously, change _deluge.domain.tld_ to your specific subdomain, and change _router-dyn-dns-entry_ to your router's dynamic DNS address. If you have a static IP address on your LAN, you can use it instead. If you don't, get a dyndns provider (there's a few free ones), though you can set up an SSH tunnel or use ngrok if you need to. Both are beyond the scope of this guide (for now). +Obviously, change _deluge.domain.tld_ to your specific subdomain, and change _router-dyn-dns-entry_ to your router's dynamic DNS address. If you have a static IP address on your LAN, you can use it instead. If you don't, get a dyndns provider (there are a few free ones), though you can set up an SSH tunnel or use ngrok if you need to. Both are beyond the scope of this guide (for now). Please note that the above also is for HTTPS and does SSL encryption. You can change the _:443_ to _:80_ and remove the first 4 _SSL\*_ lines (not the _SSLProxy\*_ ones, unless you have SSL disabled on Deluge or whatever you're using, in which case change https to http in the router-dyn-dns-entry line) if you don't want that. Note that my encryption certificates are provided by the free CA [letsencrypt.org](https://letsencrypt.org). Lastly, we're using port 3001 to talk to the LAN, so if your service is located at a different port, use it instead, or we'll set up a forward for it later. @@ -279,4 +279,4 @@ My SickChill vhost is located at _/etc/httpd/conf/extra/vhost-sickchill.conf_ (y Again, same as above, change _sickchill.domain.tld_ to your specific subdomain, and change _router-dyn-dns-entry_ to your router's dynamic DNS address. Pretty much the same notes apply here, too: port 3000 is being used to talk to SickChill, if you're running on a different port, change it here, or, we'll set up a port forward later. -Of note, you'll probably want a default :443 vhost which gets loaded whenever somebody hits an undefined subdomain, or, your apache server's raw IP address. This means that they won't get SickChill or Deluge's web interface unless they know exactly what hostname to connect to. It provides some protection against people finding your installation, but more importantly, it provides a sanity screening for the automated exploit bots all over the internet. I can't count the number of requests I get per hour of bots looking for WordPress vulnerabilities, or IIS buffer overflows, etc. While they won't harm SickChill or Deluge, both stacks are written in python which is a bit slower than Apache, and arguably take up more resources to get hit, so, the fewer things that aren't necessary hitting those two stacks the better - let them hit Apache instead. +Of note, you'll probably want a default :443 vhost which gets loaded whenever somebody hits an undefined subdomain, or, your Apache server's raw IP address. This means that they won't get SickChill or Deluge's web interface unless they know exactly what hostname to connect to. It provides some protection against people finding your installation, but more importantly, it provides a sanity screening for automated exploit bots all over the internet. I can't count the number of requests I get per hour of bots looking for WordPress vulnerabilities, IIS buffer overflows, etc. While they won't harm SickChill or Deluge, both stacks are written in Python which is a bit slower than Apache, and arguably takes up more resources to get hit, so, the fewer things that aren't necessary hitting those two stacks the better - let them hit Apache instead. diff --git a/What-is-SickChill.md b/What-is-SickChill.md index db87164..90bcbf1 100644 --- a/What-is-SickChill.md +++ b/What-is-SickChill.md @@ -5,7 +5,7 @@ And that is all fully automated! Just set it up and as soon as there is a new ep #### How does this all work? -When you add a show to SickChill the data (like air-dates, episode name/number) are pulled from an indexer like [TheTVDb](http://thetvdb.com/). At that point, SickChill knows when a new episode is going to air and starts the search on your favorite Torrent and/or NZB site. For this search you can set [quality](Quality-Settings.md) settings. For example: HDTV or SD quality. SickChill will go over all the results to find the [quality](Quality-Settings.md) YOU want and when found snatches the torrent/nzb and sends it to your download client. (sabnzb, utorrent, transmission etc.) At this point, SickChill starts monitoring your client's download folder to see if the file is finished downloading. When this is the case SickChill starts the post-processing. Here you can tell SickChill to move the file to your shows folder, or also rename it, or send notifications to Plex/Kodi or to your smart-phone. The list is long for what you can do with post-processing, simply set the actions you prefer. +When you add a show to SickChill the data (like air-dates, episode name/number) are pulled from an indexer like [TheTVDb](http://thetvdb.com/). At that point, SickChill knows when a new episode is going to air and starts the search on your favorite Torrent and/or NZB site. For this search you can set [quality](Quality-Settings.md) settings. For example: HDTV or SD quality. SickChill will go over all the results to find the [quality](Quality-Settings.md) YOU want and when found snatches the torrent/nzb and sends it to your download client. (sabnzb, utorrent, transmission etc.) At this point, SickChill starts monitoring your client's download folder to see if the file is finished downloading. When this is the case SickChill starts the post-processing. Here you can tell SickChill to move the file to your shows folder, or also rename it, or send notifications to Plex/Kodi or to your smartphone. The list is long for what you can do with post-processing, simply set the actions you prefer. And this whole process is completely automated. So once you set it up no user intervention is required. This makes SickChill ideal for NAS devices. But can run on almost every other device. @@ -51,8 +51,7 @@ In case the [Wiki](https://github.com/SickChill/SickChill/wiki) doesn't have the #### Bugs/Issues -In case you have found a bug and verified that it indeed is a bug, then please report it to our [issue tracker](https://github.com/SickChill/SickChill) so that the Developers can investigate. -Note, make sure you follow the [guidelines](https://github.com/SickChill/SickChill#submitting-a-bugissue-ticket) for posting a bug. +In case you have found a bug and verified that it indeed is a bug, then please report it to our [Discord help channel](https://discord.com/channels/502612977271439372/1048317980343283733) so that the Developers can investigate. ---