Guide to Setting Up Sonarr SSO with Authentik and Nginx Proxy Manager

Guide to Setting Up Sonarr SSO with Authentik and Nginx Proxy Manager

This guide outlines the steps to set up Sonarr Single Sign-On (SSO) using Authentik and Nginx Proxy Manager. The process involves installing necessary software, configuring proxy settings, and enabling authentication.

Prerequisites

  • A server with Docker installed.
  • Proxmox or similar container management system.
  • Basic knowledge of Docker and web server configurations.

Step 1: Install Nginx Proxy Manager

  1. Create a Docker Compose File:

    • Navigate to the official Nginx Proxy Manager documentation to grab the Docker Compose file.
    • Create a new file on your server for the Docker Compose setup.
  2. Access the Web Interface:

    • Open your web browser and go to http://<your-server-ip>:81.
    • Use the default credentials for testing (change them later for security).

Step 2: Install Sonarr

  1. Install Sonarr via Docker:

    • Use the Docker image from LinuxServer.io for Sonarr.
    • Deploy it using Docker Compose or pull the image directly.
  2. Access Sonarr:

    • Once installed, access Sonarr at http://<your-server-ip>:8989.

Step 3: Install Authentik

  1. Set Up Authentik:

    • Follow the documentation available on the Authentik website.
    • The Authentik web interface will be accessible at http://<your-server-ip>:9000.
  2. Handle Outpost Warnings:

    • If you encounter warnings regarding outposts, run the following commands:
      docker-compose down
      docker-compose up
      

Step 4: Configure Nginx Proxy Manager

  1. Add a Proxy Host for Authentik:

    • In Nginx Proxy Manager, create a new proxy host.
    • Set the IP to your server’s IP and port to 9000.
    • If using SSL, change the scheme to https and port to 9443.
  2. Add a Proxy Host for Sonarr:

    • Create another proxy host in Nginx Proxy Manager.
    • Set the IP to your server’s IP and port to 8989.

Step 5: Configure Authentik for Sonarr

  1. Create an Application in Authentik:

    • Go to the Applications section in Authentik.
    • Create a new application named “Sonarr” with the same slug.
  2. Set Up a Proxy Provider:

    • Select “Proxy Provider” as the type.
    • Name it “Sonarr Proxy” and choose “Implicit Provider” for seamless login.
    • Input your external host as sonar.home.local and internal host as your server’s address.
  3. Update Outposts:

    • Edit the default outpost in Authentik.
    • Select your newly created Sonarr application and update the authentic host URL accordingly.

Step 6: Enable HTTP Basic Authentication

  1. Create User Groups:

    • In Authentik, create a user group and set username/password attributes.
    • Assign users to this group for authentication purposes.
  2. Update Provider Settings:

    • Go back to your Sonarr provider settings in Authentik.
    • Enable HTTP Basic Authentication by selecting it from the options and filling in required fields.
  3. Test Authentication:

    • Open an incognito window and navigate to http://<your-server-ip>:8989.
    • Verify that authentication is working as expected.

Conclusion

After completing these steps, you should have a fully functional setup of Sonarr with SSO using Authentik and Nginx Proxy Manager. Ensure that all components are tested thoroughly and remember to secure your default passwords in production environments.