qBittorrent with Web UI on Ubuntu 20.04 (lazy guide)

qBittorrent with Web UI on Ubuntu 20.04 (lazy guide).md

qBittorrent with Web UI on Ubuntu 20.04 (lazy guide)

WARNING: this guide is not about security, but about functionality, for example, never run applications as root. Be cautious.

sudo su

add-apt-repository ppa:qbittorrent-team/qbittorrent-stable && \
apt install -y qbittorrent qbittorrent-nox

cat > /etc/systemd/system/qbittorrent-nox.service << EOF
[Unit]
Description=qBittorrent Command Line Client
After=network.target

[Service]
Type=forking
User=root
Group=root
UMask=000
ExecStart=/usr/bin/qbittorrent-nox -d --webui-port=8212
Restart=on-failure

[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload && \
systemctl enable qbittorrent-nox && \
systemctl stop qbittorrent-nox && \
systemctl start qbittorrent-nox && \
systemctl status qbittorrent-nox

Using

• Web-UI URL: http://yourIP:8212/
• Username is "admin", password is "adminadmin".
• Source: https://www.linuxbabe.com/ubuntu/install-qbittorrent-ubuntu-18-04-desktop-server

Create Apache Reverse Proxy - HTTP

sudo su

apt update && \
apt install -y apache2 && \
a2enmod proxy proxy_http headers proxy_wstunnel

DOMAIN=qbit.yourdomain.tld && \
rm -f /etc/apache2/sites-available/$DOMAIN.conf && \
cat > /etc/apache2/sites-available/$DOMAIN.conf << EOF
<VirtualHost *:80>
   ServerName $DOMAIN
   ErrorDocument 404 /404.html

   #HTTP proxy
   ProxyPass / http://localhost:8212/
   ProxyPassReverse / http://localhost:8212/

   #Websocket proxy
   SSLProxyEngine on
   <Location /:/websockets/notifications>
        ProxyPass wss://localhost:8212/:/websockets/notifications
        ProxyPassReverse wss://localhost:8212/:/websockets/notifications
   </Location>

   Header always unset X-Frame-Options
</VirtualHost>
EOF

DOMAIN=qbit.yourdomain.tld && \
a2ensite $DOMAIN.conf && \
systemctl restart apache2

Optional - Enable HTTPS

sudo su

apt install -y certbot python3-certbot-apache

DOMAIN=qbit.yourdomain.tld && \
EMAIL=qbit@yourdomain.tld && \
certbot --apache --agree-tos --redirect --hsts --staple-ocsp --email $EMAIL -d $DOMAIN

systemctl restart apache2

thanks bro

User=root Group=root perhaps not the safest way to run network application

User=root Group=root perhaps not the safest way to run network application

Thank you for your comment, you are right, in our country they say "carve in stone". It's not safe but it's functional, if someone wants to run it long term surely safety needs to be addressed as well. Definitely if you want to address security and functionality at the same time I recommend Docker, one command and it's up and running. I will add a notification to this guide that security is not addressed here.

@nosmall thanks for this.

You have put more effort into writing this one (125 characters):

WARNING: this guide is not about security, but about functionality, for example, never run applications as root. Be cautious.

rather than typing the following (75 characters):

groupadd torrent
useradd -g torrent -m -d /home/torrent -s /bin/bash torrent

Admittedly the word torrent (used inside the systemd file) is 3 characters longer than root, and since you need to type it twice, we have 6 more characters.

Hence, you could have done the right thing and you would have written 44 characters less: 125 - 75 - 6 = 44

Also, rm -f /etc/apache2/sites-available/$DOMAIN.conf is not needed if you use cat >, because the single symbol > overwrites the file.

And why are you declaring DOMAIN twice in the same section?

but, on a more important note, you also need to run: a2enmod ssl

😸

p.s.: thanks again for sharing this.

You have put more effort into writing this one (125 characters):

Thank you for your comment and you are right!