Add vaultwarden

2025-02-11 15:27:53 +09:00 · 2025-02-11 15:27:53 +09:00 · 506a0cabd2
commit 506a0cabd2
parent 4f8670bf3e
2 changed files with 12 additions and 0 deletions
--- a/03frontends.cfg
+++ b/03frontends.cfg
@ -309,6 +309,7 @@ frontend frontend_default
  acl laminar hdr(host) -i laminar.benoit.jp.net
  acl linkding hdr(host) -i linkding.benoit.jp.net
  acl mastodon hdr(host) -i mastodon.benoit.jp.net
+  acl vaultwarden hdr(host) -i vaultwarden.benoit.jp.net

  http-request deny if adguard !JP !SG !letsencrypt

@ -319,5 +320,6 @@ frontend frontend_default
  use_backend letsencrypt if letsencrypt
  use_backend linkding if linkding
  use_backend mastodon if mastodon
+  use_backend vaultwarden if vaultwarden

  default_backend default
--- a/05backends.cfg
+++ b/05backends.cfg
@ -64,3 +64,13 @@ backend adguard
  http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
  http-response set-header Cross-Origin-Resource-Policy "same-origin"
  server adguard adguard.incus:3000 check
+
+backend vaultwarden
+  # set HSTS for one year after all responses
+  http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+  # add some Security headers
+  http-response set-header X-Frame-Options "SAMEORIGIN"
+  http-response set-header X-Content-Type-Options "nosniff"
+  http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
+  http-response set-header Cross-Origin-Resource-Policy "same-origin"
+  server vaultwarden vaultwarden.incus:80 check