servius/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat: Use authelia on *arr stack

Browse Source
This commit is contained in:
uttarayan21
2025-07-29 16:28:25 +05:30
parent f87b3f8c76
commit 3324ae280d
3 changed files with 17 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
nixos/mirai/services/authelia.nix
View File

@@ -55,7 +55,7 @@
theme = "dark"; theme = "dark";
notifier.filesystem.filename = "/var/lib/authelia-darksailor/authelia-notifier.log"; notifier.filesystem.filename = "/var/lib/authelia-darksailor/authelia-notifier.log";
server = { server = {
address = "127.0.0.1:5555"; address = "0.0.0.0:5555";
endpoints.authz = { endpoints.authz = {
forward-auth = { forward-auth = {
implementation = "ForwardAuth"; implementation = "ForwardAuth";
@@ -80,9 +80,7 @@
}; };
caddy = { caddy = {
virtualHosts."auth.darksailor.dev".extraConfig = '' virtualHosts."auth.darksailor.dev".extraConfig = ''
reverse_proxy localhost:5555 { reverse_proxy localhost:5555
trusted_proxies 100.87.221.59/32
}
''; '';
}; };
}; };

3
nixos/mirai/services/tailscale.nix
View File

@@ -4,4 +4,7 @@
useRoutingFeatures = "server"; useRoutingFeatures = "server";
extraUpFlags = "--advertise-exit-node"; extraUpFlags = "--advertise-exit-node";
}; };
networking.firewall.trustedInterfaces = [
"tailscale0"
];
} }

34
nixos/tsuba/services/servarr.nix
View File

@@ -34,49 +34,39 @@
enable = true; enable = true;
package = unstablePkgs.bazarr; package = unstablePkgs.bazarr;
group = "media"; group = "media";
# settings.AuthenticationMethod = "External";
}; };
caddy.virtualHosts = let caddy.virtualHosts = let
forwardAuth = "auth.darksailor.dev"; auth = ''
forward_auth mirai:5555 {
uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
}
'';
# auth = "";
in { in {
"sonarr.tsuba.darksailor.dev".extraConfig = '' "sonarr.tsuba.darksailor.dev".extraConfig = ''
import hetzner import hetzner
forward_auth ${forwardAuth} { ${auth}
uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
}
reverse_proxy localhost:${builtins.toString config.services.sonarr.settings.server.port} reverse_proxy localhost:${builtins.toString config.services.sonarr.settings.server.port}
''; '';
"radarr.tsuba.darksailor.dev".extraConfig = '' "radarr.tsuba.darksailor.dev".extraConfig = ''
import hetzner import hetzner
forward_auth ${forwardAuth} { ${auth}
uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
}
reverse_proxy localhost:${builtins.toString config.services.radarr.settings.server.port} reverse_proxy localhost:${builtins.toString config.services.radarr.settings.server.port}
''; '';
"lidarr.tsuba.darksailor.dev".extraConfig = '' "lidarr.tsuba.darksailor.dev".extraConfig = ''
import hetzner import hetzner
forward_auth ${forwardAuth} { ${auth}
uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
}
reverse_proxy localhost:${builtins.toString config.services.lidarr.settings.server.port} reverse_proxy localhost:${builtins.toString config.services.lidarr.settings.server.port}
''; '';
"bazarr.tsuba.darksailor.dev".extraConfig = '' "bazarr.tsuba.darksailor.dev".extraConfig = ''
import hetzner import hetzner
forward_auth ${forwardAuth} { ${auth}
uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
}
reverse_proxy localhost:${builtins.toString config.services.bazarr.listenPort} reverse_proxy localhost:${builtins.toString config.services.bazarr.listenPort}
''; '';
"prowlarr.tsuba.darksailor.dev".extraConfig = '' "prowlarr.tsuba.darksailor.dev".extraConfig = ''
import hetzner import hetzner
forward_auth ${forwardAuth} { ${auth}
uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
}
reverse_proxy mirai.darksailor.dev:9696 reverse_proxy mirai.darksailor.dev:9696
''; '';
}; };