feat: Implement progressivwerk domain schema
parent
bd9e1ae57f
commit
6f76b8c943
|
@ -1,8 +1,7 @@
|
|||
---
|
||||
|
||||
bitwarden_prefix: pass
|
||||
bitwarden_domain: pass.example.com
|
||||
bitwarden_image: vaultwarden/server
|
||||
bitwarden_version: 1.24.0-alpine
|
||||
bitwarden_port_web: 80
|
||||
bitwarden_port_ws: 3021
|
||||
domain: example.com
|
||||
|
|
|
@ -6,7 +6,7 @@ server {
|
|||
listen [::]:443 ssl http2;
|
||||
listen 3012 ssl http2;
|
||||
listen [::]:3012 ssl http2;
|
||||
server_name {{ bitwarden_prefix }}.{{ domain }};
|
||||
server_name {{ bitwarden_domain }};
|
||||
|
||||
##
|
||||
# SSL Settings
|
||||
|
@ -17,8 +17,8 @@ server {
|
|||
ssl_prefer_server_ciphers on;
|
||||
ssl_dhparam {{ ssl_dir }}/dhparams.pem;
|
||||
ssl_ecdh_curve secp384r1;
|
||||
ssl_certificate {{ certs_dir }}/{{ domain }}/cert.pem;
|
||||
ssl_certificate_key {{ certs_dir }}/{{ domain }}/key.pem;
|
||||
ssl_certificate {{ certs_dir }}/{{ bitwarden_domain | get_cert_domain }}/cert.pem;
|
||||
ssl_certificate_key {{ certs_dir }}/{{ bitwarden_domain | get_cert_domain }}/key.pem;
|
||||
|
||||
##
|
||||
# OCSP Stapling
|
||||
|
@ -26,7 +26,7 @@ server {
|
|||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
resolver {{ dns_resolvers }} valid=300s;
|
||||
ssl_trusted_certificate {{ certs_dir }}/{{ domain }}/cert.pem;
|
||||
ssl_trusted_certificate {{ certs_dir }}/{{ bitwarden_domain | get_cert_domain }}/cert.pem;
|
||||
|
||||
location / {
|
||||
proxy_set_header Host $http_host;
|
||||
|
@ -71,13 +71,13 @@ server {
|
|||
|
||||
|
||||
server {
|
||||
if ($host = {{ bitwarden_prefix }}.{{ domain }}) {
|
||||
if ($host = {{ bitwarden_domain }}) {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name {{ bitwarden_prefix }}.{{ domain }};
|
||||
server_name {{ bitwarden_domain }};
|
||||
|
||||
location / {
|
||||
return 301 https://$host$request_uri;
|
||||
|
|
Loading…
Reference in New Issue