Added proxy example for Lighttpd with sub-path for v1.29.0+

2024-09-27 12:58:58 +02:00 · 2023-11-11 13:54:44 +01:00 · 2023-11-11 13:54:44 +01:00 · 67f85acaa1
commit 67f85acaa1
parent e3f08747a0
1 changed files with 43 additions and 0 deletions
--- a/Proxy-examples.md
+++ b/Proxy-examples.md
@ -116,6 +116,49 @@ You'll have to set `IP_HEADER` to `X-Forwarded-For` instead of `X-Real-IP` in th

 </details>

+<details>
+<summary>lighttpd with sub-path - v1.29.0+ (by FlakyPi)</summary><br/>
+
+In this example Vaultwarden will be available via https://vaultwarden.example.tld/vault/<br/>
+If you want to use any other sub-path, like `bitwarden` or `secret-vault` you should change `vault` in the example below to match.<br/>
+
+```lighttpd
+server.modules += (
+"mod_openssl"
+)
+
+$SERVER["socket"] == ":443" {  
+    ssl.engine   = "enable"   
+    ssl.pemfile  = "/etc/letsencrypt/live/vaultwarden.example.tld/fullchain.pem"
+    ssl.privkey  = "/etc/letsencrypt/live/vaultwarden.example.tld/privkey.pem"
+}
+
+# Redirect HTTP requests (port 80) to HTTPS (port 443)
+$SERVER["socket"] == ":80" {  
+        $HTTP["host"] =~ "vaultwarden.example.tld" {  
+         url.redirect = ( "^/(.*)" => "https://vaultwarden.example.tld/$1" )  
+          server.name                 = "vaultwarden.example.tld"   
+        }  
+}
+
+server.modules += ( "mod_proxy" )
+
+$HTTP["host"] == "vaultwarden.example.tld" {
+    $HTTP["url"] =~ "/vault" {
+       proxy.server  = ( "" => ("vaultwarden" => ( "host" => "<SERVER>", "port" => 8080 )))
+       proxy.forwarded = ( "for" => 1 )
+       proxy.header = (
+           "https-remap" => "enable",
+           "upgrade" => "enable",
+           "connect" => "enable"
+       )
+    }
+}
+```
+You'll have to set `IP_HEADER` to `X-Forwarded-For` instead of `X-Real-IP` in the Vaultwarden environment.
+
+</details>
+
 <details>
 <summary>Nginx - v1.29.0+ (by <a href="https://github.com/BlackDex" target="_blank">@BlackDex</a>)</summary><br/>