Add auth to sonarr

2024-01-08 14:57:06 -08:00 · 2024-01-08 14:57:06 -08:00 · 7b019e0787
parent 0f19e2433f
commit 7b019e0787
3 changed files with 11 additions and 2 deletions
--- a/.secrets-baseline
+++ b/.secrets-baseline
@ -132,7 +132,7 @@
        "filename": "core/authelia.yml",
        "hashed_secret": "a32b08d97b1615dc27f58b6b17f67624c04e2c4f",
        "is_verified": false,
-        "line_number": 185,
+        "line_number": 191,
        "is_secret": false
      }
    ],
@ -187,5 +187,5 @@
      }
    ]
  },
-  "generated_at": "2023-08-24T20:00:24Z"
+  "generated_at": "2024-01-08T22:56:56Z"
 }
--- a/core/authelia.yml
+++ b/core/authelia.yml
@ -151,6 +151,12 @@ access_control:
      networks: 192.168.5.0/24

  rules:
+    # Bypass auth for Sonarr API since that has it's own authentication
+    - domain: 'sonarr.{{ with nomadVar "nomad/jobs" }}{{ .base_hostname }}{{ end }}'
+      policy: bypass
+      resources:
+        - '^/api([/?].*)?$'
+
    ## Rules applied to everyone
    - domain: '*.{{ with nomadVar "nomad/jobs" }}{{ .base_hostname }}{{ end }}'
      networks:
--- a/services/sonarr.tf
+++ b/services/sonarr.tf
@ -7,6 +7,9 @@ module "sonarr" {
  ingress      = true
  service_port = 8989
  use_wesher   = var.use_wesher
+  ingress_middlewares = [
+    "authelia@nomad"
+  ]

  env = {
    PGID = 100