websites/p-bitwarden: Redirect .blue to .net

Avoid confusion with WebAuthn by ensuring users only access the
application by its canonical name.

roles/websites/proxy-bitwarden/templates/bitwarden.httpd.conf.j2

@@ -1,6 +1,15 @@
 <VirtualHost *:443>
 ServerName bitwarden.pyrocufflink.blue
-ServerAlias bitwarden.pyrocufflink.net
+
+Include conf.d/ssl.include
+SSLCertificateFile /etc/pki/tls/certs/pyrocufflink.net.cer
+SSLCertificateKeyFile /etc/pki/tls/private/pyrocufflink.net.key
+
+Redirect permanent / https://bitwarden.pyrocufflink.net/
+</VirtualHost>
+
+<VirtualHost *:443>
+ServerName bitwarden.pyrocufflink.net
 
 Include conf.d/ssl.include
 SSLCertificateFile /etc/pki/tls/certs/pyrocufflink.net.cer