From 9d3381cafba64d1e102211997111cd517481e716 Mon Sep 17 00:00:00 2001
From: Raito Bezarius <masterancpp@gmail.com>
Date: Fri, 5 Aug 2022 16:34:22 +0200
Subject: [PATCH] oauth2_proxy: add a cookie specific to *.rz.ens.wtf

---
 machines/core-services-01/monitoring.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/machines/core-services-01/monitoring.nix b/machines/core-services-01/monitoring.nix
index 47b7953..b0872cd 100644
--- a/machines/core-services-01/monitoring.nix
+++ b/machines/core-services-01/monitoring.nix
@@ -117,6 +117,10 @@ in
     keyFile = config.age.secrets.oauth2ProxyKeyFile.path;
     provider = "keycloak";
     email.domains = [ "*" ];
+    cookie = {
+      name = "_oauth2_proxy_ensrz";
+      domain = ".rz.ens.wtf";
+    };
     setXauthrequest = true;
     scope = "profile";
     loginURL = "https://auth.${my.subZone}/auth/realms/${realm}/protocol/openid-connect/auth";