progressivwerk
/
ansible-role-bitwarden-rs
3
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: Implement progressivwerk domain schema

pull/7/head
Georg Krause 2023-11-17 09:07:37 +01:00
parent bd9e1ae57f
commit 6f76b8c943
2 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
defaults/main.yml
View File

@ -1,8 +1,7 @@
---
bitwarden_prefix: pass
bitwarden_domain: pass.example.com
bitwarden_image: vaultwarden/server
bitwarden_version: 1.24.0-alpine
bitwarden_port_web: 80
bitwarden_port_ws: 3021
domain: example.com

12
templates/reverse_proxy.conf.j2
View File

@ -6,7 +6,7 @@ server {
listen [::]:443 ssl http2;
listen 3012 ssl http2;
listen [::]:3012 ssl http2;
server_name {{ bitwarden_prefix }}.{{ domain }};
server_name {{ bitwarden_domain }};
##
# SSL Settings
@ -17,8 +17,8 @@ server {
ssl_prefer_server_ciphers on;
ssl_dhparam {{ ssl_dir }}/dhparams.pem;
ssl_ecdh_curve secp384r1;
ssl_certificate {{ certs_dir }}/{{ domain }}/cert.pem;
ssl_certificate_key {{ certs_dir }}/{{ domain }}/key.pem;
ssl_certificate {{ certs_dir }}/{{ bitwarden_domain | get_cert_domain }}/cert.pem;
ssl_certificate_key {{ certs_dir }}/{{ bitwarden_domain | get_cert_domain }}/key.pem;
##
# OCSP Stapling
@ -26,7 +26,7 @@ server {
ssl_stapling on;
ssl_stapling_verify on;
resolver {{ dns_resolvers }} valid=300s;
ssl_trusted_certificate {{ certs_dir }}/{{ domain }}/cert.pem;
ssl_trusted_certificate {{ certs_dir }}/{{ bitwarden_domain | get_cert_domain }}/cert.pem;
location / {
proxy_set_header Host $http_host;
@ -71,13 +71,13 @@ server {
server {
if ($host = {{ bitwarden_prefix }}.{{ domain }}) {
if ($host = {{ bitwarden_domain }}) {
return 301 https://$host$request_uri;
}
listen 80;
listen [::]:80;
server_name {{ bitwarden_prefix }}.{{ domain }};
server_name {{ bitwarden_domain }};
location / {
return 301 https://$host$request_uri;