Add external service acls for authelia
This commit is contained in:
parent
cf8bde7920
commit
4fe3d46d5f
@ -151,12 +151,12 @@ access_control:
|
|||||||
networks: 192.168.5.0/24
|
networks: 192.168.5.0/24
|
||||||
|
|
||||||
rules:
|
rules:
|
||||||
# Bypass auth for Sonarr API since that has it's own authentication
|
{{ range nomadVarList "authelia/access_control/service_rules" -}}
|
||||||
- domain: 'sonarr.{{ with nomadVar "nomad/jobs" }}{{ .base_hostname }}{{ end }}'
|
{{- with nomadVar .Path -}}
|
||||||
policy: bypass
|
- domain: '{{ .name }}.{{ with nomadVar "nomad/jobs" }}{{ .base_hostname }}{{ end }}'
|
||||||
resources:
|
{{ .rule.Value | indent 6 }}
|
||||||
- '^/api([/?].*)?$'
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
## Rules applied to everyone
|
## Rules applied to everyone
|
||||||
- domain: '*.{{ with nomadVar "nomad/jobs" }}{{ .base_hostname }}{{ end }}'
|
- domain: '*.{{ with nomadVar "nomad/jobs" }}{{ .base_hostname }}{{ end }}'
|
||||||
networks:
|
networks:
|
||||||
|
@ -36,3 +36,15 @@ module "sonarr" {
|
|||||||
memory_max = 700
|
memory_max = 700
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
resource "nomad_variable" "authelia_service_rules_sonarr" {
|
||||||
|
path = "authelia/access_control/service_rules/sonarr"
|
||||||
|
items = {
|
||||||
|
name = "sonarr"
|
||||||
|
rule = <<EOH
|
||||||
|
policy: bypass
|
||||||
|
resources:
|
||||||
|
- '^/api([/?].*)?$'
|
||||||
|
EOH
|
||||||
|
}
|
||||||
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user