▲ 1 r/LegionGo
Hey team, just curious on what people think are the best thumbstick grips for the Legion go 2 controller? :)
u/Blakezilla100 — 16 days ago
u/Blakezilla100
▲ 7 r/Softwarr
I've set up the following on Unraid:
- Nginx Proxy Manager as reverse proxy
- Cloudflare Tunnel for remote access
- Authentik 2024.12.3 as SSO via forward auth (domain level proxy provider)
- All services accessible via subdomains
Authentik forward auth is working — visiting any subdomain redirects to Authentik login first. However newer versions of Radarr/Sonarr/etc. no longer have an "External" authentication option, only "None" (which blocks remote access) or "Forms" (which requires its own login).
My goal: Single login via Authentik, no individual app passwords.
Questions:
- Is there a way to make newer *arr apps trust Authentik's forward auth headers so they don't ask for their own login?
- Should I be using a different Authentik provider type (OAuth2 instead of Proxy)?
- Is there a better approach entirely for SSO on a home *arr stack behind NPM?
Stack: Unraid, NPM, Cloudflare Tunnel, Authentik 2024.12.3, Radarr v5, Sonarr v4, Lidarr, Prowlarr, SABnzbd, qBittorrent, Plex, Immich, Homepage
EDIT: Solved - set the config to external then restarted the docker image.
u/Blakezilla100 — 17 days ago