From b5574fa5fcc8c343381363e0101cb124152a734f Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Sun, 23 Apr 2023 15:55:42 -0500
Subject: [PATCH] authelia: Skip scanserv-js auth for internal

For convenience, clients on the internal network do not need to
authenticate in order to access *scanserv-js*.  There isn't anything
particularly sensitive about this application, anyway.
---
 authelia/configuration.yml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/authelia/configuration.yml b/authelia/configuration.yml
index b5662b5..35c3397 100644
--- a/authelia/configuration.yml
+++ b/authelia/configuration.yml
@@ -1,8 +1,17 @@
 access_control:
   default_policy: one_factor
+  networks:
+  - name: internal
+    networks:
+    - 172.30.0.0/26
+    - 172.31.1.0/24
   rules:
   - domain: paperless.pyrocufflink.blue
     policy: two_factor
+  - domain: scan.pyrocufflink.blue
+    networks:
+    - internal
+    policy: bypass
 
 authentication_backend:
   ldap: