add a bunch of hostclasses

1 files changed, 36 insertions, 0 deletions

diff --git a/files/usr/local/etc/nginx/vhosts.conf.bitwarden_server b/files/usr/local/etc/nginx/vhosts.conf.bitwarden_server
new file mode 100644
index 0000000..0ef31bb
--- /dev/null
+++ b/files/usr/local/etc/nginx/vhosts.conf.bitwarden_server
@@ -0,0 +1,36 @@
+upstream vaultwarden {
+  zone vaultwarden 64k;
+  server 127.0.0.1:${vaultwarden_port};
+  keepalive 2;
+}
+
+map \$http_upgrade \$connection_upgrade {
+  default upgrade;
+  ''      "";
+}
+
+server {
+  listen 443      ssl default_server;
+  listen [::]:443 ssl default_server;
+  http2 on;
+
+  client_max_body_size 256M;
+
+  ssl_certificate      ${vaultwarden_https_cert};
+  ssl_certificate_key  ${vaultwarden_https_key};
+
+  add_header Strict-Transport-Security "max-age=63072000" always;
+
+  location / {
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade \$http_upgrade;
+    proxy_set_header Connection \$connection_upgrade;
+
+    proxy_set_header Host \$host;
+    proxy_set_header X-Real-IP \$remote_addr;
+    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto \$scheme;
+
+    proxy_pass http://vaultwarden/;
+  }
+}