diff --git a/hosts/h001/mods/oauth2-proxy.nix b/hosts/h001/mods/oauth2-proxy.nix
index a5829a9..b285900 100644
--- a/hosts/h001/mods/oauth2-proxy.nix
+++ b/hosts/h001/mods/oauth2-proxy.nix
@@ -8,14 +8,14 @@
     reverseProxy = true;
     redirectURL = "https://sso-proxy.joshuabell.xyz/oauth2/callback";
     validateURL = "https://sso.joshuabell.xyz/oauth2/";
-    oidcIssuerUrl = "https://sso.joshuabell.xyz:443";
-    keyFile = config.age.secrets.oauth2_key_file.path;
+    oidcIssuerUrl = "https://sso.joshuabell.xyz";
+    keyFile = config.age.secrets.oauth2_proxy_key_file.path;
     nginx.domain = "sso-proxy.joshuabell.xyz";
     email.domains = [ "*" ];
-    # extraConfig = {
-    #   whitelist-domain = ".joshuabell.xyz";
-    #   cookie-domain = ".joshuabell.xyz";
-    # };
+    extraConfig = {
+      whitelist-domain = ".joshuabell.xyz";
+      cookie-domain = ".joshuabell.xyz";
+    };
   };
 
   services.nginx.virtualHosts."sso-proxy.joshuabell.xyz" = {