From b83618667551f8949d8a4b4b2d0cf0ce7d7ca30e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Soko=C5=82owski?= <jakub@status.im>
Date: Fri, 25 Oct 2024 15:38:44 +0200
Subject: [PATCH] config: enable strict cookie secret checking
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jakub Sokołowski <jakub@status.im>
---
 templates/grafana.ini.j2 | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/templates/grafana.ini.j2 b/templates/grafana.ini.j2
index 3c35b33..fa2c938 100644
--- a/templates/grafana.ini.j2
+++ b/templates/grafana.ini.j2
@@ -5,6 +5,8 @@ root_url = https://{{ grafana_domain | mandatory }}/
 
 [security]
 disable_gravatar = true
+cookie_secure = true
+cookie_samesite = strict
 allow_sign_up = false
 admin_user = {{ grafana_username | mandatory }}
 # This works only when container is created the first time