From e6edb7b8d865ded9a7ef3b80ab4b446a41af8f40 Mon Sep 17 00:00:00 2001 From: stuebinm Date: Mon, 22 Mar 2021 23:46:24 +0100 Subject: [PATCH] wink: add cookie domain in oauth2-proxy In theory, this should work without that option (by getting the correct domain from the nginx reverse proxy via IP header), but apparently it doesn't. Also, I moved wink to wink2.hacc.space --- services/wink.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/services/wink.nix b/services/wink.nix index b211f3e..9d7e3b1 100644 --- a/services/wink.nix +++ b/services/wink.nix @@ -44,6 +44,7 @@ httpAddress = "http//0.0.0.0:8000"; email.domains = [ "*" ]; + cookie.domain = "wink2.hacc.space"; # for the keycloak side of the configuration, see the documentation at # https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/oauth_provider#keycloak-auth-provider @@ -76,7 +77,7 @@ }; - services.nginx.virtualHosts."matrix.hacc.space" = { + services.nginx.virtualHosts."wink2.hacc.space" = { locations."/".proxyPass = "http://${config.containers.wink.localAddress}:8000"; forceSSL = true; enableACME = true;