diff --git a/.secrets-baseline b/.secrets-baseline index 555a136..fc5e209 100644 --- a/.secrets-baseline +++ b/.secrets-baseline @@ -132,7 +132,7 @@ "filename": "core/authelia.yml", "hashed_secret": "a32b08d97b1615dc27f58b6b17f67624c04e2c4f", "is_verified": false, - "line_number": 185, + "line_number": 191, "is_secret": false } ], @@ -187,5 +187,5 @@ } ] }, - "generated_at": "2023-08-24T20:00:24Z" + "generated_at": "2024-01-08T22:56:56Z" } diff --git a/core/authelia.yml b/core/authelia.yml index aacb45e..4e693aa 100644 --- a/core/authelia.yml +++ b/core/authelia.yml @@ -151,6 +151,12 @@ access_control: networks: 192.168.5.0/24 rules: + # Bypass auth for Sonarr API since that has it's own authentication + - domain: 'sonarr.{{ with nomadVar "nomad/jobs" }}{{ .base_hostname }}{{ end }}' + policy: bypass + resources: + - '^/api([/?].*)?$' + ## Rules applied to everyone - domain: '*.{{ with nomadVar "nomad/jobs" }}{{ .base_hostname }}{{ end }}' networks: diff --git a/services/sonarr.tf b/services/sonarr.tf index 0c21215..5363f0b 100644 --- a/services/sonarr.tf +++ b/services/sonarr.tf @@ -7,6 +7,9 @@ module "sonarr" { ingress = true service_port = 8989 use_wesher = var.use_wesher + ingress_middlewares = [ + "authelia@nomad" + ] env = { PGID = 100