Secure cookies

The cookies are not secure by default with heimdall, we can force it through nginx.

Author: d4rklynk

heimdall.subdomain.conf.sample

@@ -35,6 +35,8 @@ server {
         # enable for Authentik (requires authentik-server.conf in the server block)
         #include /config/nginx/authentik-location.conf;
 
+        proxy_cookie_path / "/; Secure; SameSite=strict; HttpOnly";
+        
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app heimdall;