Put Servarr + qBit + games + search behind Authelia
Only Jellyfin and the Authelia portal itself stay unprotected externally (Jellyfin because it's streamed to remote clients; Authelia because it is the login gate). Everything else (sonarr, radarr, bazarr, prowlarr, torrent/qBittorrent, games, search) now goes through Authelia forward auth. Internal integrations (Homepage widgets, Prowlarr → Sonarr/Radarr, Bazarr → Sonarr/Radarr, transcode-hevc qBit queries) use 127.0.0.1:PORT directly, so they are unaffected. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
parent
0c937b8601
commit
bcaecc244d
2 changed files with 17 additions and 16 deletions
|
|
@ -74,6 +74,13 @@ in
|
||||||
{ domain = "homepage.nordhammer.it"; policy = "one_factor"; }
|
{ domain = "homepage.nordhammer.it"; policy = "one_factor"; }
|
||||||
{ domain = "7dtd.nordhammer.it"; policy = "one_factor"; }
|
{ domain = "7dtd.nordhammer.it"; policy = "one_factor"; }
|
||||||
{ domain = "adguard.nordhammer.it"; policy = "one_factor"; }
|
{ domain = "adguard.nordhammer.it"; policy = "one_factor"; }
|
||||||
|
{ domain = "sonarr.nordhammer.it"; policy = "one_factor"; }
|
||||||
|
{ domain = "radarr.nordhammer.it"; policy = "one_factor"; }
|
||||||
|
{ domain = "bazarr.nordhammer.it"; policy = "one_factor"; }
|
||||||
|
{ domain = "prowlarr.nordhammer.it"; policy = "one_factor"; }
|
||||||
|
{ domain = "torrent.nordhammer.it"; policy = "one_factor"; }
|
||||||
|
{ domain = "games.nordhammer.it"; policy = "one_factor"; }
|
||||||
|
{ domain = "search.nordhammer.it"; policy = "one_factor"; }
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -87,24 +87,18 @@ in
|
||||||
'';
|
'';
|
||||||
|
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
# --- Authelia portal (not behind auth itself) ---
|
# --- Unprotected (own auth, or by design) ---
|
||||||
"auth.nordhammer.it" = proxy 9091;
|
"auth.nordhammer.it" = proxy 9091; # Authelia portal itself
|
||||||
|
"jellyfin.nordhammer.it" = proxy 8096; # streaming to external clients
|
||||||
# --- Media ---
|
|
||||||
"jellyfin.nordhammer.it" = proxy 8096;
|
|
||||||
"bazarr.nordhammer.it" = proxy 6767;
|
|
||||||
"sonarr.nordhammer.it" = proxy 8989;
|
|
||||||
"radarr.nordhammer.it" = proxy 7878;
|
|
||||||
|
|
||||||
# --- Downloads ---
|
|
||||||
"prowlarr.nordhammer.it" = proxy 9696;
|
|
||||||
"torrent.nordhammer.it" = proxy 8080;
|
|
||||||
|
|
||||||
# --- Other ---
|
|
||||||
"games.nordhammer.it" = proxy 8787;
|
|
||||||
"search.nordhammer.it" = proxy 8087;
|
|
||||||
|
|
||||||
# --- Protected by Authelia ---
|
# --- Protected by Authelia ---
|
||||||
|
"bazarr.nordhammer.it" = protectedProxy 6767;
|
||||||
|
"sonarr.nordhammer.it" = protectedProxy 8989;
|
||||||
|
"radarr.nordhammer.it" = protectedProxy 7878;
|
||||||
|
"prowlarr.nordhammer.it" = protectedProxy 9696;
|
||||||
|
"torrent.nordhammer.it" = protectedProxy 8080;
|
||||||
|
"games.nordhammer.it" = protectedProxy 8787;
|
||||||
|
"search.nordhammer.it" = protectedProxy 8087;
|
||||||
"camera.nordhammer.it" = protectedProxy 1984;
|
"camera.nordhammer.it" = protectedProxy 1984;
|
||||||
"homepage.nordhammer.it" = protectedProxy 8082;
|
"homepage.nordhammer.it" = protectedProxy 8082;
|
||||||
"7dtd.nordhammer.it" = protectedProxy 8090;
|
"7dtd.nordhammer.it" = protectedProxy 8090;
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue