From 032693ef394c4975343a6c0a0c038c382267a7fc Mon Sep 17 00:00:00 2001
From: ediblerope <fredrik@nordhammer.it>
Date: Sat, 18 Apr 2026 23:23:48 +0100
Subject: [PATCH] Authorize 7dtd.nordhammer.it in Authelia ACL

Without this rule the subdomain falls under default_policy=deny,
which returns 403 instead of the 401 that nginx needs to redirect
to the Authelia login page.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
---
 services/authelia.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/services/authelia.nix b/services/authelia.nix
index 0185f96..12bf76e 100644
--- a/services/authelia.nix
+++ b/services/authelia.nix
@@ -71,7 +71,8 @@ in
           default_policy = "deny";
           rules = [
             { domain = "camera.nordhammer.it";   policy = "one_factor"; }
-            { domain = "homepage.nordhammer.it";  policy = "one_factor"; }
+            { domain = "homepage.nordhammer.it"; policy = "one_factor"; }
+            { domain = "7dtd.nordhammer.it";     policy = "one_factor"; }
           ];
         };