nathan/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases Wiki Activity
homelab/nodes/heimdall/sonarr/compose.yaml
Nathan 3f13409414
All checks were successful
Auto-Deploy Changed Stacks / deploy (push) Successful in 17s
Details
fix: use internal Authentik host for outpost containers 
- Change AUTHENTIK_HOST from https://sso.castaldifamily.com to http://authentik_server:9000
- Fixes hairpin NAT issue preventing outposts from connecting to Authentik
- Affects prowlarr, radarr, sonarr, and sabnzbd outpost containers
2026-06-14 08:34:15 -04:00

56 lines
2.1 KiB
YAML
Raw Blame History

###############################################################
# Networks
###############################################################
networks:
proxy-net:
name: proxy-net
external: true
###############################################################
# Services
###############################################################
services:
sonarr:
image: lscr.io/linuxserver/sonarr:4.0.17.2952-ls307
container_name: sonarr
mem_limit: 5120m
ports:
- 8989:8989
environment:
- PUID=0
- PGID=0
- TZ=America/New_York
volumes:
- /mnt/appdata/sonarr/data:/config
- /mnt/media/tvshows:/tv
- /mnt/media/incoming/downloads-sab/complete/sonarr:/downloads
restart: unless-stopped
networks:
- proxy-net
# labels:
# - "traefik.enable=true"
# - "traefik.http.routers.sonarr.entrypoints=websecure"
# - "traefik.http.routers.sonarr.rule=Host(`sonarr.castaldifamily.com`)"
# - "traefik.http.routers.sonarr.tls=true"
# - "traefik.http.routers.sonarr.tls.certresolver=cloudflare"
# - "traefik.http.services.sonarr.loadbalancer.server.port=8989"
sonarr_outpost:
image: ghcr.io/goauthentik/proxy:2026.2.2
# Optionally specify the container's network, which must be able to reach the core authentik server.
networks:
- proxy-net
container_name: sonarr_outpost
environment:
AUTHENTIK_HOST: http://authentik_server:9000
AUTHENTIK_INSECURE: "false"
AUTHENTIK_TOKEN: cJ4UWeFQ2DUTyvR22s588ciFuLSw698HTVxnEf7ecN3dq3nFOyVod6ngE66Z
# Optional setting to be used when `authentik_host` for internal communication doesn't match the public URL.
# AUTHENTIK_HOST_BROWSER: https://sonarr.castaldifamily.com
labels:
- "traefik.enable=true"
- "traefik.http.routers.sonarr.entrypoints=websecure"
- "traefik.http.routers.sonarr.rule=Host(`sonarr.castaldifamily.com`)"
- "traefik.http.routers.sonarr.tls=true"
- "traefik.http.routers.sonarr.tls.certresolver=cloudflare"
- "traefik.http.services.sonarr.loadbalancer.server.port=9000"
Reference in New Issue View Git Blame Copy Permalink