Hello
I installed bitwarden via their install script a while back and all was working well.
recently I wanted to start running a reverse proxy because security and also its cooler to type in a domain name instead of numbers. I disabled the ngnix instance that bitwarden had installed because it was hogging the same ports a Ngnix Proxy Manager.
Now how should I get Bitwarden accessable? I have the .conf file from the bitwarden Ngnix instance, can I just load that into NMP somewhere?
or should I just change the ports the old ngnix operates on and point NPM at it when the bitwarden subdomain is accessed?
if it was just one service it would be simple but there are many running in the bitwarden stack, all on the same port and I’m very new to ngnix so I can’t fully grasp what the .conf file is doing and I’m unable to add new passwords to bitwarden until I get this sorted out.
Thanks
CumBroth@discuss.tchncs.de 1 year ago
SWAG is great for overwhelmed Nginx beginners. It comes preconfigured with reasonable defaults and also provides configs for a bunch of popular services: github.com/linuxserver/reverse-proxy-confs. Both Bitwarden and Vaultwarden are on there. Note that this setup assumes that you will run your service (Bitwarden/Vaultwarden) in a Docker container. You can make SWAG work with something that’s running directly on the host, but I’d recommend not starting with that until you’ve fooled around with this container setup a bit and gained a better understanding of how Nginx and reverse proxies work.
spez_@lemmy.world 1 year ago
SWAG works perfectly, so much easier. It also handles the Let’s Encrypt certificates automatically - no more having expired domains.
If a service config isn’t available, you can confidently copy another and make a few modifications and have it up and running in no time
Contend6248@feddit.de 1 year ago
Nginx Proxy Manager does also manage certificates, it makes it even easier to create separate certificates for different subdomains, which is nice for my sanity.
I don’t like that anybody checking out one certificate of any service and get all the subdomains I’m running too. Wildcard certificates are bad practice.