From 60b044a2cae296b4e458163b6c1a82e314ac5909 Mon Sep 17 00:00:00 2001 From: Simon L Date: Wed, 18 Oct 2023 13:42:53 +0200 Subject: [PATCH 1/2] allow to block vaultwarden admin interface Signed-off-by: Simon L --- start.sh | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/start.sh b/start.sh index c4ad41e..4ac4ce4 100644 --- a/start.sh +++ b/start.sh @@ -33,13 +33,32 @@ if [ -f "/nextcloud/admin/files/nextcloud-aio-caddy/GeoLite2-Country.mmdb" ]; th cp /nextcloud/admin/files/nextcloud-aio-caddy/GeoLite2-Country.mmdb /data/ FILE_THERE=1 fi +if [ -f "/nextcloud/admin/files/nextcloud-aio-caddy/block-vaultwarden-admin" ]; then + VAULTWARDEN_BLOCK=1 +fi if [ -n "$(dig A +short nextcloud-aio-vaultwarden)" ] && ! grep -q nextcloud-aio-vaultwarden /Caddyfile; then cat << CADDY >> /Caddyfile https://bw.{\$NC_DOMAIN}:443 { # import GEOFILTER +CADDY + + if [ "$VAULTWARDEN_BLOCK" = 1 ]; then + cat << CADDY >> /Caddyfile + @blacklisted { + not { + path /admin* + } + } + reverse_proxy @blacklisted nextcloud-aio-vaultwarden:8812 +CADDY + else + cat << CADDY >> /Caddyfile reverse_proxy nextcloud-aio-vaultwarden:8812 +CADDY + fi + cat << CADDY >> /Caddyfile # TLS options tls { issuer acme { From 06145fbf3be609bda606b6756fa29e12a8b39366 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 12 Jul 2024 16:24:33 +0200 Subject: [PATCH 2/2] increase to v2 by default Signed-off-by: Simon L. --- .github/workflows/docker-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index 0db8211..6ac490f 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -6,7 +6,7 @@ on: tagName: description: "Tag name" required: true - default: 'v1' + default: 'v2' jobs: push_to_registry: