Network

Lidarr should be run via a Reverse Proxy, allowing you to isolate and wrap connections in SSL. See NGINX for more details. See Setup Base Proxy Control for basic proxy configuration.

See Lidarr reverse proxy reference.

Ports

---
###############################################################################
# Ports Configuration
###############################################################################
# Ports should be managed externally via an OS role.
#
# Reference:
# * https://docs.ansible.com/ansible/latest/collections/community/general/ufw_module.html

ports:
  - {proto: 'tcp', from_ip: 'any',       to_port: 8686, direction: 'in', comment: 'lidarr http'}
  - {proto: 'tcp', from_ip: '127.0.0.1', to_port: 8686, direction: 'in', comment: 'lidarr http api'}
  - {proto: 'tcp', from_ip: 'any',       to_port: 6868, direction: 'in', comment: 'lidarr https'}
  - {proto: 'tcp', from_ip: '127.0.0.1', to_port: 6868, direction: 'in', comment: 'lidarr https api'}

Using Subdomains

0644 root root nginx/conf.d/reverse-proxy.conf
server {
  listen       443 ssl http2;
  server_name  lidarr.{DOMAIN} lidarr;

  location / {
    proxy_pass http://lidarr:8686;
    include    /etc/nginx/conf.d/proxy-control.conf;
  }
}

Using Subpaths

0644 root root nginx/conf.d/reverse-proxy.conf
server {
  location /lidarr {
    proxy_pass http://lidarr:8686/lidarr;
    include    /etc/nginx/conf.d/proxy-control.conf;
  }
}

Note

Set lidarr_url_base to /lidarr before enabling the reverse-proxy.

ansible_lidarr_vars.yaml
radarr_url_base: '/lidarr'