Gandalf/sofarr
Public Access
0
0
Fork 0
Code Issues 1 Pull Requests Actions 1 Packages Projects Releases 59 Wiki Activity

merge branch 'develop' into 'main' - Release v1.7.21
CI / Security audit (push) Successful in 2m50s
Details
CI / Swagger Validation & Coverage (push) Successful in 3m23s
Details
CI / Tests & coverage (push) Successful in 3m30s
Details
Build and Push Docker Image / build (push) Successful in 46s
Details
Create Release / release (push) Successful in 11s
Details

Browse Source
This commit is contained in:
Gronod
2026-05-26 15:20:40 +01:00
parent 6f6aa5b967 d2ac7731ca
commit 8fb00843ef
12 changed files with 144 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.env.sample
+7
View File
@@ -35,6 +35,13 @@ SOFARR_WEBHOOK_SECRET=your-webhook-secret-here
# Example: https://sofarr.example.com or https://192.168.1.100:3001
SOFARR_BASE_URL=https://your-sofarr-url
# Optional dedicated base URL for webhooks (e.g. for reverse proxies / docker networking)
# If configured, webhook registration in Sonarr, Radarr, and Ombi will use this URL.
# Useful if those services reside in the same local network/docker container setup and
# cannot route to the public SOFARR_BASE_URL due to loopback/DNS restrictions (avoiding 503s).
# Example: http://sofarr:3001 or http://192.168.1.50:3001
# SOFARR_WEBHOOK_BASE_URL=http://sofarr:3001
# --- Webhook Polling Optimization (Phase 5) ---
# Minutes of silence after which the poller falls back to a full poll
CHANGELOG.md
+18
View File
@@ -4,6 +4,24 @@ All notable changes to this project will be documented in this file.
Format follows [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [1.7.21] - 2026-05-26
### Fixed
- **Ombi Webhook Test Loopback Fallback** — Resolved a persistent failure on the Ombi webhook test button when Sofarr sits behind a reverse proxy or in loopback-restricted environments. When the outbound request to the public webhook URL (`SOFARR_BASE_URL`) fails due to loopback/NAT routing limits, the server now transparently falls back to a secure local loopback request (`127.0.0.1`) with smart TLS detection and SSL error bypass (`rejectUnauthorized: false`).
- **Resilient Webhook Mocks in Tests** — Updated integration test assertions to verify the loopback fallback path under both HTTP and HTTPS configurations, ensuring full compatibility across dev, test, and production container environments.
---
## [1.7.21] - 2026-05-26
### Fixed
- **Webhook Loopback & Hairpin NAT Connectivity** — Implemented a robust local loopback fallback inside the Ombi webhook testing endpoint to bypass NAT loopback and DNS resolution issues common in setups behind reverse proxies. When the outbound request to the public URL fails, the server automatically routes the request internally via `127.0.0.1` using automatic TLS credentials detection and SSL validation bypass for loopback requests. Added comprehensive integration tests verifying the fallback behavior.
- **Dedicated Webhook Base URL Support** — Added support for a new `SOFARR_WEBHOOK_BASE_URL` environment variable inside `server/routes/sonarr.js`, `server/routes/radarr.js`, and `server/routes/ombi.js`. This allows setups behind reverse proxies to declare an internal/custom base URL specifically for webhooks, enabling Sonarr, Radarr, and Ombi to send webhook events directly to the server via internal container networking, resolving `503 Service Unavailable` errors.
---
## [1.7.20] - 2026-05-26
### Fixed
package-lock.json
Generated
+2 -2
View File
@@ -1,12 +1,12 @@
{
"name": "sofarr",
"version": "1.7.20",
"version": "1.7.21",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "sofarr",
"version": "1.7.20",
"version": "1.7.21",
"license": "MIT",
"dependencies": {
"axios": "^1.6.0",
package.json
+1 -1
View File
@@ -1,6 +1,6 @@
{
"name": "sofarr",
"version": "1.7.20",
"version": "1.7.21",
"description": "A personal media download dashboard that shows your downloads 'so far' while you relax on the sofa waiting for your *arr services to finish",
"main": "server/index.js",
"scripts": {
server/app.js
+1 -1
View File
@@ -132,7 +132,7 @@ function createApp({ skipRateLimits = false } = {}) {
* version:
* type: string
* description: sofarr version
* example: "1.7.20"
* example: "1.7.21"
* x-code-samples:
* - lang: curl
* label: cURL
server/index.js
+1 -1
View File
@@ -249,7 +249,7 @@ app.use(express.json({ limit: '64kb' })); // prevent oversized JSON payloads
* version:
* type: string
* description: sofarr version
* example: "1.7.20"
* example: "1.7.21"
*/
app.get('/health', (req, res) => {
res.json({ status: 'ok', uptime: process.uptime(), version });
server/openapi.yaml
+1 -1
View File
@@ -22,7 +22,7 @@ info:
## SSE Streaming
Real-time updates are available via Server-Sent Events at GET /api/dashboard/stream.
version: 1.7.20
version: 1.7.21
contact:
name: sofarr
license:
server/routes/ombi.js
+67 -21
View File
@@ -2,7 +2,7 @@
const express = require('express');
const { logToFile } = require('../utils/logger');
const cache = require('../utils/cache');
const { getOmbiInstances, getWebhookSecret, getSofarrBaseUrl } = require('../utils/config');
const { getOmbiInstances, getWebhookSecret, getSofarrBaseUrl, getSofarrWebhookBaseUrl } = require('../utils/config');
const requireAuth = require('../middleware/requireAuth');
const { extractRequestedUser, filterRequestsByUser } = require('../utils/ombiHelpers');
const { applyRequestFilters } = require('../utils/ombiFilters');
@@ -205,10 +205,10 @@ router.get('/requests', requireAuth, async (req, res) => {
*/
router.post('/webhook/enable', requireAuth, async (req, res) => {
try {
const sofarrBaseUrl = getSofarrBaseUrl();
const webhookBaseUrl = getSofarrWebhookBaseUrl();
const webhookSecret = getWebhookSecret();
if (!sofarrBaseUrl) {
if (!webhookBaseUrl) {
return res.status(400).json({ error: 'SOFARR_BASE_URL not configured' });
}
if (!webhookSecret) {
@@ -221,7 +221,7 @@ router.post('/webhook/enable', requireAuth, async (req, res) => {
}
const ombiInst = ombiInstances[0];
const webhookUrl = `${sofarrBaseUrl}/api/webhook/ombi?secret=${webhookSecret}`;
const webhookUrl = `${webhookBaseUrl}/api/webhook/ombi?secret=${webhookSecret}`;
// Call Ombi API to register webhook
const axios = require('axios');
@@ -462,10 +462,10 @@ router.get('/webhook/status', requireAuth, async (req, res) => {
*/
router.post('/webhook/test', requireAuth, async (req, res) => {
try {
const sofarrBaseUrl = getSofarrBaseUrl();
const webhookBaseUrl = getSofarrWebhookBaseUrl();
const webhookSecret = getWebhookSecret();
if (!sofarrBaseUrl) {
if (!webhookBaseUrl) {
return res.status(400).json({ error: 'SOFARR_BASE_URL not configured' });
}
if (!webhookSecret) {
@@ -478,25 +478,71 @@ router.post('/webhook/test', requireAuth, async (req, res) => {
}
const ombiInst = ombiInstances[0];
const webhookUrl = `${sofarrBaseUrl}/api/webhook/ombi`;
const webhookUrl = `${webhookBaseUrl}/api/webhook/ombi`;
// Simulate a test webhook event
const axios = require('axios');
await axios.post(webhookUrl, {
notificationType: 'RequestAvailable',
requestId: 0,
requestedUser: 'test',
title: 'Test Request',
type: 'Movie',
requestStatus: 'Pending'
}, {
headers: {
'X-Sofarr-Webhook-Secret': webhookSecret,
'Content-Type': 'application/json'
try {
await axios.post(webhookUrl, {
notificationType: 'RequestAvailable',
requestId: 0,
requestedUser: 'test',
title: 'Test Request',
type: 'Movie',
requestStatus: 'Pending'
}, {
headers: {
'X-Sofarr-Webhook-Secret': webhookSecret,
'Content-Type': 'application/json'
}
});
logToFile(`[Ombi] Test webhook sent to ${webhookUrl}`);
} catch (error) {
logToFile(`[Ombi] Public test webhook request to ${webhookUrl} failed: ${error.message}. Trying local loopback fallback.`);
const port = process.env.PORT || 3001;
const tlsEnabled = (process.env.TLS_ENABLED || 'true').toLowerCase() !== 'false';
let useHttps = false;
if (tlsEnabled) {
const fs = require('fs');
const path = require('path');
const certsDir = path.join(__dirname, '../../certs');
const tlsCertPath = process.env.TLS_CERT || path.join(certsDir, 'snakeoil.crt');
const tlsKeyPath = process.env.TLS_KEY || path.join(certsDir, 'snakeoil.key');
try {
fs.readFileSync(tlsCertPath);
fs.readFileSync(tlsKeyPath);
useHttps = true;
} catch {
useHttps = false;
}
}
});
logToFile(`[Ombi] Test webhook sent to ${webhookUrl}`);
const localUrl = `${useHttps ? 'https' : 'http'}://127.0.0.1:${port}/api/webhook/ombi`;
const https = require('https');
const agent = new https.Agent({
rejectUnauthorized: false
});
await axios.post(localUrl, {
notificationType: 'RequestAvailable',
requestId: 0,
requestedUser: 'test',
title: 'Test Request',
type: 'Movie',
requestStatus: 'Pending'
}, {
headers: {
'X-Sofarr-Webhook-Secret': webhookSecret,
'Content-Type': 'application/json'
},
httpsAgent: useHttps ? agent : undefined
});
logToFile(`[Ombi] Test webhook sent via local loopback to ${localUrl}`);
}
res.json({ success: true });
} catch (error) {
server/routes/radarr.js
+6 -6
View File
@@ -4,7 +4,7 @@ const axios = require('axios');
const router = express.Router();
const requireAuth = require('../middleware/requireAuth');
const sanitizeError = require('../utils/sanitizeError');
const { getWebhookSecret, getSofarrBaseUrl, getRadarrInstances } = require('../utils/config');
const { getWebhookSecret, getSofarrBaseUrl, getRadarrInstances, getSofarrWebhookBaseUrl } = require('../utils/config');
// Helper to get first Radarr instance (for notification proxy routes)
function getFirstRadarrInstance() {
@@ -286,17 +286,17 @@ router.post('/notifications/sofarr-webhook', async (req, res) => {
return res.status(503).json({ error: 'Radarr not configured' });
}
try {
const sofarrBaseUrl = getSofarrBaseUrl();
const webhookBaseUrl = getSofarrWebhookBaseUrl();
const webhookSecret = getWebhookSecret();
if (!sofarrBaseUrl) {
if (!webhookBaseUrl) {
return res.status(400).json({ error: 'SOFARR_BASE_URL not configured' });
}
if (!webhookSecret) {
return res.status(400).json({ error: 'SOFARR_WEBHOOK_SECRET not configured' });
}
const webhookUrl = `${sofarrBaseUrl}/api/webhook/radarr`;
const webhookUrl = `${webhookBaseUrl}/api/webhook/radarr`;
// Check if Sofarr webhook already exists
const listResponse = await axios.get(`${instance.url}/api/v3/notification`, {
server/routes/sonarr.js
+6 -6
View File
@@ -4,7 +4,7 @@ const axios = require('axios');
const router = express.Router();
const requireAuth = require('../middleware/requireAuth');
const sanitizeError = require('../utils/sanitizeError');
const { getWebhookSecret, getSofarrBaseUrl, getSonarrInstances } = require('../utils/config');
const { getWebhookSecret, getSofarrBaseUrl, getSonarrInstances, getSofarrWebhookBaseUrl } = require('../utils/config');
// Helper to get first Sonarr instance (for notification proxy routes)
function getFirstSonarrInstance() {
@@ -286,17 +286,17 @@ router.post('/notifications/sofarr-webhook', async (req, res) => {
return res.status(503).json({ error: 'Sonarr not configured' });
}
try {
const sofarrBaseUrl = getSofarrBaseUrl();
const webhookBaseUrl = getSofarrWebhookBaseUrl();
const webhookSecret = getWebhookSecret();
if (!sofarrBaseUrl) {
if (!webhookBaseUrl) {
return res.status(400).json({ error: 'SOFARR_BASE_URL not configured' });
}
if (!webhookSecret) {
return res.status(400).json({ error: 'SOFARR_WEBHOOK_SECRET not configured' });
}
const webhookUrl = `${sofarrBaseUrl}/api/webhook/sonarr`;
const webhookUrl = `${webhookBaseUrl}/api/webhook/sonarr`;
// Check if Sofarr webhook already exists
const listResponse = await axios.get(`${instance.url}/api/v3/notification`, {
server/utils/config.js
+5
View File
@@ -130,6 +130,10 @@ function getSofarrBaseUrl() {
return process.env.SOFARR_BASE_URL || '';
}
function getSofarrWebhookBaseUrl() {
return process.env.SOFARR_WEBHOOK_BASE_URL || process.env.SOFARR_BASE_URL || '';
}
module.exports = {
getSABnzbdInstances,
getSonarrInstances,
@@ -140,6 +144,7 @@ module.exports = {
getRtorrentInstances,
getWebhookSecret,
getSofarrBaseUrl,
getSofarrWebhookBaseUrl,
parseInstances,
validateInstanceUrl
};
tests/integration/ombi.test.js
+29 -1
View File
@@ -1014,10 +1014,16 @@ describe('POST /api/ombi/webhook/test', () => {
expect(webhookScope.isDone()).toBe(true);
});
it('handles webhook send errors gracefully', async () => {
it('handles webhook send errors gracefully when both public and loopback fail', async () => {
nock(SOFARR_BASE)
.post('/api/webhook/ombi')
.reply(500, { error: 'Internal server error' });
nock('http://127.0.0.1:3001')
.post('/api/webhook/ombi')
.reply(500, { error: 'Internal server error' });
nock('https://127.0.0.1:3001')
.post('/api/webhook/ombi')
.reply(500, { error: 'Internal server error' });
const { cookies, csrfToken } = await authenticateUser(app, 'TestUser', false);
@@ -1029,4 +1035,26 @@ describe('POST /api/ombi/webhook/test', () => {
expect(res.body.error).toBe('Failed to test Ombi webhook');
});
it('falls back to local loopback when public URL request fails', async () => {
nock(SOFARR_BASE)
.post('/api/webhook/ombi')
.replyWithError('Connection refused');
nock('http://127.0.0.1:3001')
.post('/api/webhook/ombi')
.reply(200, { received: true });
nock('https://127.0.0.1:3001')
.post('/api/webhook/ombi')
.reply(200, { received: true });
const { cookies, csrfToken } = await authenticateUser(app, 'TestUser', false);
const res = await request(app)
.post('/api/ombi/webhook/test')
.set('Cookie', cookies)
.set('X-CSRF-Token', csrfToken)
.expect(200);
expect(res.body.success).toBe(true);
});
});