rhino/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-03-25 03:09:20 -07:00
Code Issues Packages Projects Releases Wiki Activity

Add Caddy v2 example

Jacobite89
2020-01-17 13:01:44 +01:00
parent 1f2643d881
commit 97e7a0fa07
1 changed files with 37 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
Proxy-examples.md

@@ -4,29 +4,47 @@ The ports proxied by default are `80` for the web server and `3012` for the WebS
When using a proxy, it's preferrable to configure HTTPS at the proxy level and not at the application level, this way the WebSockets connection is also secured. When using a proxy, it's preferrable to configure HTTPS at the proxy level and not at the application level, this way the WebSockets connection is also secured.
## Caddy ## Caddy
Caddy can also automatically enable HTTPS in some circumstances, check the [docs](https://caddyserver.com/v1/docs/automatic-https).
```nginx ```nginx
localhost:443 { :443 {
# The negotiation endpoint is also proxied to Rocket tls ${SSLCERTIFICATE} ${SSLKEY}
proxy /notifications/hub/negotiate <SERVER>:80 { # or 'tls self_signed' to generate a self-signed certificate
transparent gzip
}
# Notifications redirected to the websockets server
proxy /notifications/hub <SERVER>:3012 {
websocket
}
# Proxy the Root directory to Rocket
proxy / <SERVER>:80 {
transparent
}
tls ${SSLCERTIFICATE} ${SSLKEY} # The negotiation endpoint is also proxied to Rocket
# or 'tls self_signed' to generate a self-signed certificate proxy /notifications/hub/negotiate <SERVER>:80 {
transparent
}
# Notifications redirected to the websockets server
proxy /notifications/hub <SERVER>:3012 {
websocket
}
# Proxy the Root directory to Rocket
proxy / <SERVER>:80 {
transparent
}
}
```
## Caddy v2
Caddy v2 can also automatically enable HTTPS in some circumstances, check the [docs](https://caddyserver.com/docs/automatic-https).
```nginx
:443 {
tls ${SSLCERTIFICATE} ${SSLKEY}
encode gzip
# The negotiation endpoint is also proxied to Rocket
reverse_proxy /notifications/hub/negotiate <SERVER>:80
# Notifications redirected to the websockets server
reverse_proxy /notifications/hub <SERVER>:3012
# Proxy the Root directory to Rocket
reverse_proxy / <SERVER>:80
} }
``` ```
Caddy can also automatically enable HTTPS in some circumstances, check the [docs](https://caddyserver.com/docs/automatic-https).
## Nginx (by shauder) ## Nginx (by shauder)
```nginx ```nginx