From 16dd9d88aa9c59bc2c5bf6942888403842669087 Mon Sep 17 00:00:00 2001
From: Mayne0213 <bluemayne0213@icloud.com>
Date: Fri, 9 Jan 2026 15:50:18 +0900
Subject: [PATCH] FEAT(authelia): bypass auth for cluster internal traffic

- Add internal network definition (10.42.0.0/16, 10.43.0.0/16)
- Allow blackbox-exporter probes without authentication
- Apply bypass policy for *.kro.kr from internal networks
---
 authelia/helm-values.yaml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/authelia/helm-values.yaml b/authelia/helm-values.yaml
index c9fd312..a9ca80f 100644
--- a/authelia/helm-values.yaml
+++ b/authelia/helm-values.yaml
@@ -92,6 +92,16 @@ configMap:
   # Access control rules
   access_control:
     default_policy: one_factor
+    networks:
+      - name: internal
+        networks:
+          - 10.42.0.0/16
+          - 10.43.0.0/16
+    rules:
+      - domain: '*.kro.kr'
+        networks:
+          - internal
+        policy: bypass
 
   # Notifier - filesystem (no email)
   notifier: