Add authelia bypass for some favicons

2024-08-30 11:12:56 -07:00 · 2024-08-30 11:12:56 -07:00 · 98c547ebdf
commit 98c547ebdf
parent fc5bce0757
2 changed files with 14 additions and 2 deletions
--- a/.secrets-baseline
+++ b/.secrets-baseline
@ -132,7 +132,7 @@
        "filename": "core/authelia.yml",
        "hashed_secret": "a32b08d97b1615dc27f58b6b17f67624c04e2c4f",
        "is_verified": false,
-        "line_number": 189,
+        "line_number": 201,
        "is_secret": false
      }
    ],
@ -187,5 +187,5 @@
      }
    ]
  },
-  "generated_at": "2024-02-20T18:04:29Z"
+  "generated_at": "2024-08-30T18:12:43Z"
 }
--- a/core/authelia.yml
+++ b/core/authelia.yml
@ -151,6 +151,18 @@ access_control:
      networks: 192.168.5.0/24

  rules:
+    ## Allow favicons on internal network
+    - domain: '*.{{ with nomadVar "nomad/jobs" }}{{ .base_hostname }}{{ end }}'
+      resources:
+        - '^/apple-touch-icon-precomposed\.png$'
+        - '^/assets/safari-pinned-tab\.svg$'
+        - '^/apple-touch-icon-180x180\.png$'
+        - '^/apple-touch-icon\.png$'
+        - '^/favicon\.ico$'
+      networks:
+        - internal
+      policy: bypass
+
    {{ range nomadVarList "authelia/access_control/service_rules" }}{{ with nomadVar .Path }}
    - domain: '{{ .name }}.{{ with nomadVar "nomad/jobs" }}{{ .base_hostname }}{{ end }}'
 {{ .rule.Value | indent 6 }}