roles/dch-proxy: Add haproxy config for Bitwarden
This commit adds an HAProxy backend for Bitwarden, and adds ACL rules to the frontend to proxy traffic to *bitwarden.pyrocufflink.blue* or *bitwarden.pyrocufflink.net* to it.
This commit is contained in:
@@ -19,6 +19,13 @@
|
||||
mode=0644
|
||||
notify: reload haproxy
|
||||
|
||||
- name: ensure bitwarden haproxy backend is configured
|
||||
template:
|
||||
src=backend-bitwarden.haproxy.cfg.j2
|
||||
dest=/etc/haproxy/70-backend-bitwarden.cfg
|
||||
mode=0644
|
||||
notify: reload haproxy
|
||||
|
||||
- name: ensure openvpn haproxy backend is configured
|
||||
template:
|
||||
src=backend-openvpn.haproxy.cfg.j2
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
backend bitwarden
|
||||
server bitwarden bitwarden.pyrocufflink.blue:80 check
|
||||
|
||||
|
||||
backend bitwarden-tls
|
||||
mode tcp
|
||||
server bitwarden bitwarden.pyrocufflink.blue:443 check
|
||||
@@ -5,6 +5,8 @@ frontend main
|
||||
use_backend gitea if { hdr(host) -i git.pyrocufflink.net }
|
||||
use_backend jenkins if { hdr(host) -i jenkins.pyrocufflink.blue }
|
||||
use_backend jenkins if { hdr(host) -i jenkins.pyrocufflink.net }
|
||||
use_backend bitwarden if { hdr(host) -i bitwarden.pyrocufflink.blue }
|
||||
use_backend bitwarden if { hdr(host) -i bitwarden.pyrocufflink.net }
|
||||
default_backend web
|
||||
|
||||
|
||||
@@ -20,6 +22,8 @@ frontend main-tls
|
||||
use_backend gitea-tls if { req_ssl_sni -i git.pyrocufflink.net }
|
||||
use_backend jenkins-tls if { req_ssl_sni -i jenkins.pyrocufflink.blue }
|
||||
use_backend jenkins-tls if { req_ssl_sni -i jenkins.pyrocufflink.net }
|
||||
use_backend bitwarden-tls if { req_ssl_sni -i bitwarden.pyrocufflink.blue }
|
||||
use_backend bitwarden-tls if { req_ssl_sni -i bitwarden.pyrocufflink.net }
|
||||
use_backend web-tls if { req_ssl_sni -i darkchestofwonders.us }
|
||||
use_backend web-tls if { req_ssl_sni -i pyrocufflink.net }
|
||||
default_backend openvpn
|
||||
|
||||
Reference in New Issue
Block a user