Guide to Setting Up Sonarr SSO with Authentik and Nginx Proxy Manager
This guide outlines the steps to set up Sonarr Single Sign-On (SSO) using Authentik and Nginx Proxy Manager. The process involves installing necessary software, configuring proxy settings, and enabling authentication.
Prerequisites
- A server with Docker installed.
- Proxmox or similar container management system.
- Basic knowledge of Docker and web server configurations.
Step 1: Install Nginx Proxy Manager
-
Create a Docker Compose File:
- Navigate to the official Nginx Proxy Manager documentation to grab the Docker Compose file.
- Create a new file on your server for the Docker Compose setup.
-
Access the Web Interface:
- Open your web browser and go to
http://<your-server-ip>:81
. - Use the default credentials for testing (change them later for security).
- Open your web browser and go to
Step 2: Install Sonarr
-
Install Sonarr via Docker:
- Use the Docker image from LinuxServer.io for Sonarr.
- Deploy it using Docker Compose or pull the image directly.
-
Access Sonarr:
- Once installed, access Sonarr at
http://<your-server-ip>:8989
.
- Once installed, access Sonarr at
Step 3: Install Authentik
-
Set Up Authentik:
- Follow the documentation available on the Authentik website.
- The Authentik web interface will be accessible at
http://<your-server-ip>:9000
.
-
Handle Outpost Warnings:
- If you encounter warnings regarding outposts, run the following commands:
docker-compose down docker-compose up
- If you encounter warnings regarding outposts, run the following commands:
Step 4: Configure Nginx Proxy Manager
-
Add a Proxy Host for Authentik:
- In Nginx Proxy Manager, create a new proxy host.
- Set the IP to your server’s IP and port to
9000
. - If using SSL, change the scheme to
https
and port to9443
.
-
Add a Proxy Host for Sonarr:
- Create another proxy host in Nginx Proxy Manager.
- Set the IP to your server’s IP and port to
8989
.
Step 5: Configure Authentik for Sonarr
-
Create an Application in Authentik:
- Go to the Applications section in Authentik.
- Create a new application named “Sonarr” with the same slug.
-
Set Up a Proxy Provider:
- Select “Proxy Provider” as the type.
- Name it “Sonarr Proxy” and choose “Implicit Provider” for seamless login.
- Input your external host as
sonar.home.local
and internal host as your server’s address.
-
Update Outposts:
- Edit the default outpost in Authentik.
- Select your newly created Sonarr application and update the authentic host URL accordingly.
Step 6: Enable HTTP Basic Authentication
-
Create User Groups:
- In Authentik, create a user group and set username/password attributes.
- Assign users to this group for authentication purposes.
-
Update Provider Settings:
- Go back to your Sonarr provider settings in Authentik.
- Enable HTTP Basic Authentication by selecting it from the options and filling in required fields.
-
Test Authentication:
- Open an incognito window and navigate to
http://<your-server-ip>:8989
. - Verify that authentication is working as expected.
- Open an incognito window and navigate to
Conclusion
After completing these steps, you should have a fully functional setup of Sonarr with SSO using Authentik and Nginx Proxy Manager. Ensure that all components are tested thoroughly and remember to secure your default passwords in production environments.