From 1ddf9c4ba8833a6dd3f35d6a1cb73591fb73e389 Mon Sep 17 00:00:00 2001
From: stuebinm <stuebinm@disroot.org>
Date: Mon, 22 Mar 2021 23:46:24 +0100
Subject: [PATCH] wink: add cookie domain in oauth2-proxy

In theory, this should work without that option (by getting the correct domain
from the nginx reverse proxy via IP header), but apparently it doesn't.

Also, I moved wink to wink2.hacc.space
---
 hosts/hainich/services/wink.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hosts/hainich/services/wink.nix b/hosts/hainich/services/wink.nix
index b211f3e..9d7e3b1 100644
--- a/hosts/hainich/services/wink.nix
+++ b/hosts/hainich/services/wink.nix
@@ -44,6 +44,7 @@
           httpAddress = "http//0.0.0.0:8000";
 
           email.domains = [ "*" ];
+          cookie.domain = "wink2.hacc.space";
 
           # for the keycloak side of the configuration, see the documentation at
           # https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/oauth_provider#keycloak-auth-provider
@@ -76,7 +77,7 @@
   };
 
 
-  services.nginx.virtualHosts."matrix.hacc.space" = {
+  services.nginx.virtualHosts."wink2.hacc.space" = {
     locations."/".proxyPass = "http://${config.containers.wink.localAddress}:8000";
     forceSSL = true;
     enableACME = true;