First version

1 files changed, 49 insertions, 0 deletions

diff --git a/nginx-default.conf b/nginx-default.conf
new file mode 100644
index 000000000000..6bef369c99b6
--- /dev/null
+++ b/nginx-default.conf
@@ -0,0 +1,49 @@
+server {
+  listen 8080 default_server;
+  listen [::]:8080 default_server;
+  server_name test.mydom.com;
+
+  # X-Frame-Options is to prevent from click-jacking attack
+  #add_header X-Frame-Options SAMEORIGIN;
+
+  # Disable content-type sniffing on some browsers.
+  add_header X-Content-Type-Options nosniff;
+
+  # This header enables the Cross-site scripting (XSS) filter
+  add_header X-XSS-Protection "1; mode=block";
+
+  # This header controls what referrer information is shared
+  add_header Referrer-Policy same-origin;
+
+  # Content-Security-Policy is set via meta tag on the website so it is not included here
+
+  location / {
+    proxy_pass http://bitwarden-web/;
+  }
+
+  location = /app-id.json {
+    proxy_pass http://bitwarden-web:5000/app-id.json;
+    proxy_hide_header Content-Type;
+    add_header Content-Type $fido_content_type;
+  }
+
+  location /attachments/ {
+    proxy_pass http://bitwarden-attachments:5000/;
+  }
+
+  location /api/ {
+    proxy_pass http://bitwarden-api:5000/;
+  }
+
+  location /identity/ {
+    proxy_pass http://bitwarden-identity:5000/;
+  }
+
+  location /icons/ {
+    proxy_pass http://bitwarden-icons:5000/;
+  }
+
+  location /admin {
+    proxy_pass http://bitwarden-admin:5000;
+  }
+}