idk

2025-10-05 17:01:50 -05:00 · 2025-10-05 17:01:50 -05:00 · aa0d2d3bc3
commit aa0d2d3bc3
parent 751e584775
1 changed files with 5 additions and 7 deletions
--- a/hosts/h001/mods/oauth2-proxy.nix
+++ b/hosts/h001/mods/oauth2-proxy.nix
@ -1,9 +1,9 @@
-{ config, ... }:
+{ upkgs, config, ... }:
 {
  services.oauth2-proxy = {
    enable = true;
    httpAddress = "http://127.0.0.1:4180";
-    # package = pkgsUnstable.oauth2-proxy;
+    package = upkgs.oauth2-proxy;
    provider = "oidc";
    reverseProxy = true;
    redirectURL = "https://sso-proxy.joshuabell.xyz/oauth2/callback";
@ -13,9 +13,11 @@
    nginx.domain = "sso-proxy.joshuabell.xyz";
    email.domains = [ "*" ];
    extraConfig = {
-      whitelist-domain = ".joshuabell.xyz";
+      whitelist-domain = "*.joshuabell.xyz";
      cookie-domain = ".joshuabell.xyz";
    };
+    cookie.refresh = "30m";
+    setXauthrequest = true;
  };

  services.nginx.virtualHosts."sso-proxy.joshuabell.xyz" = {
@ -24,11 +26,7 @@
        proxyWebsockets = true;
        recommendedProxySettings = true;
        proxyPass = "http://127.0.0.1:4180";
-        extraConfig = ''
-          proxy_set_header X-Forwarded-Proto https;
-        '';
      };
    };
  };
-
 }