From 39da96f325d1269e5817fde433e4e176386e1794 Mon Sep 17 00:00:00 2001
From: Tom Hubrecht <tom.hubrecht@dgnum.eu>
Date: Thu, 22 Feb 2024 12:47:18 +0100
Subject: [PATCH] feat(kanidm): Upgrade to rc.16 and fix an issue with
 CORS..........

---
 machines/compute01/kanidm/default.nix | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/machines/compute01/kanidm/default.nix b/machines/compute01/kanidm/default.nix
index 2fb70cd..d66c06f 100644
--- a/machines/compute01/kanidm/default.nix
+++ b/machines/compute01/kanidm/default.nix
@@ -1,4 +1,4 @@
-{ config, ... }:
+{ config, sources, ... }:
 
 let
   domain = "sso.dgnum.eu";
@@ -18,6 +18,8 @@ in
   services.kanidm = {
     enableServer = true;
 
+    package = (import sources.nixos-unstable { }).kanidm;
+
     serverSettings = {
       inherit domain;
 
@@ -55,6 +57,8 @@ in
               set $origin 'https://${domain}';
           }
 
+          proxy_hide_header Access-Control-Allow-Origin;
+
           if ($request_method = 'OPTIONS') {
               add_header 'Access-Control-Allow-Origin' "$origin" always;
               add_header 'Access-Control-Allow-Methods' 'GET, POST, PATCH, PUT, DELETE, OPTIONS' always;