Added Files

2021-12-17 23:08:42 +00:00
parent 2868cb98cf
commit 45355e2812
16 changed files with 1002 additions and 0 deletions
@@ -0,0 +1 @@
+phil:$apr1$ADkrvwkC$.KYuZDiwSl.YyCAinb2ft0
@@ -0,0 +1,31 @@
+# CloudFlare IP Ranges
+# Generated at Sat 07 Aug 2021 04:10:01 PM BST by /opt/vaultwarden/cloudflare-update-ip-ranges.sh
+
+# - IPv4 (https://www.cloudflare.com/ips-v4)
+set_real_ip_from 173.245.48.0/20;
+set_real_ip_from 103.21.244.0/22;
+set_real_ip_from 103.22.200.0/22;
+set_real_ip_from 103.31.4.0/22;
+set_real_ip_from 141.101.64.0/18;
+set_real_ip_from 108.162.192.0/18;
+set_real_ip_from 190.93.240.0/20;
+set_real_ip_from 188.114.96.0/20;
+set_real_ip_from 197.234.240.0/22;
+set_real_ip_from 198.41.128.0/17;
+set_real_ip_from 162.158.0.0/15;
+set_real_ip_from 172.64.0.0/13;
+set_real_ip_from 131.0.72.0/22;
+set_real_ip_from 104.16.0.0/13;
+set_real_ip_from 104.24.0.0/14;
+
+# - IPv6 (https://www.cloudflare.com/ips-v6)
+set_real_ip_from 2400:cb00::/32;
+set_real_ip_from 2606:4700::/32;
+set_real_ip_from 2803:f800::/32;
+set_real_ip_from 2405:b500::/32;
+set_real_ip_from 2405:8100::/32;
+set_real_ip_from 2a06:98c0::/29;
+set_real_ip_from 2c0f:f248::/32;
+
+real_ip_header CF-Connecting-IP;
+
@@ -0,0 +1,69 @@
+events {}
+
+http{
+
+
+  server {
+    listen 80 default_server;
+    server_name "";
+    return 444;
+  }
+
+
+  server {
+    listen 80;
+    server_name "Domain Name";
+    
+
+    location / {
+      return 301 https://$host$request_uri;
+    }
+    location /.well-known/acme-challenge/ {
+      root /var/www/certbot;
+    }
+  }
+
+
+  server {
+    listen 443 default_server;
+    server_name "";
+    return 444;
+    ssl_certificate /etc/dummyssl/dummycert.pem;
+    ssl_certificate_key /etc/dummyssl/dummykey.pem;
+}
+
+  server {
+    listen 443 ssl;
+    server_name "Domain Name";
+
+    ssl_certificate /etc/letsencrypt/live/"Domain Name"/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/"Domain Name"/privkey.pem;
+
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+    include /etc/nginx/cloudflare;
+
+    location /.well-known/acme-challenge/ {
+      root /var/www/certbot;
+    }
+
+    location / {
+        proxy_pass http://vaultwarden;
+        proxy_set_header        Host $host;
+        proxy_set_header        X-Real-IP $remote_addr;
+        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header        X-Forwarded-Proto $scheme;
+        client_max_body_size 101M;
+    }
+        location /admin {
+        proxy_pass http://vaultwarden/admin;
+#       proxy_pass http://localhost/admin;
+        proxy_set_header        Host $host;
+        proxy_set_header        X-Real-IP $remote_addr;
+        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header        X-Forwarded-Proto $scheme;
+        auth_basic           "Administrator Area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+   }
+ }
+}