Reverse proxy for qBittorrent

location /qbt/ {
    proxy_pass         http://127.0.0.1:1340/;
    proxy_http_version 1.1;

    proxy_set_header   Host               127.0.0.1:1340;
    proxy_set_header   X-Forwarded-Host   $http_host;
    proxy_set_header   X-Forwarded-For    $remote_addr;

    # not used by qBittorrent
    #proxy_set_header   X-Forwarded-Proto  $scheme;
    #proxy_set_header   X-Real-IP          $remote_addr;

    # optionally, you can adjust the POST request size limit, to allow adding a lot of torrents at once
    #client_max_body_size 100M;

    # Since v4.2.2, is possible to configure qBittorrent
    # to set the "Secure" flag for the session cookie automatically.
    # However, that option does nothing unless using qBittorrent's built-in HTTPS functionality.
    # For this use case, where qBittorrent itself is using plain HTTP
    # (and regardless of whether or not the external website uses HTTPS),
    # the flag must be set here, in the proxy configuration itself.
    # Note: If this flag is set while the external website uses only HTTP, this will cause
    # the login mechanism to not work without any apparent errors in console/network resulting in "auth loops".
    proxy_cookie_path  /                  "/; Secure";
}

I Need to test it

This works, but you’ll need to configure SSL within qbittorrent’s web UI I believe.

If not logged in, Qbittorrent will fail to login from the proxy’d domain (mentioned in that last line of the config provided.

Technically-speaking, you could remove the secure cookie config (I think?), but the whole reason I’ve set up qbittorrent behind a reverse proxy is so I can access it via my existing SSL cert in Homer, which won’t accept HTTP requests within a HTTPS context.

using a revers proxy, SSL is handled by the revers proxy and not the application.