vaultwarden/haproxy.sh

#!/bin/bash

. ./env.sh
BLOCK_BEGIN="# === BEGIN vaultwarden config ==="
BLOCK_END="# === END vaultwarden config ==="

CONFIG=$(cat <<EOF
$BLOCK_BEGIN
frontend http_redirect
    bind *:80
    acl is_vw hdr(host) -i $DOMAIN
    http-request redirect scheme https code 301 if is_vw
frontend vw_https
    bind *:443 ssl crt $SSL_PATH/fullchain.pem alpn h2,http/1.1
    mode http
    acl is_vw hdr(host) -i $DOMAIN
    use_backend vw_backend if is_vw

backend vw_backend
    mode http
    option httpchk GET /
    server home 10.238.75.62:8885 check inter 5s fall 3 rise 2
    server local 127.0.0.1:8885 check backup
$BLOCK_END
EOF
)

sudo sed -i "/$BLOCK_BEGIN/,/$BLOCK_END/d" "$HAPROXY_CFG"

echo "$CONFIG" | sudo tee -a "$HAPROXY_CFG" > /dev/null

sudo systemctl reload haproxy
Use variables for config 2025-04-25 15:38:43 +02:00			`#!/bin/bash`

			`. ./env.sh`
			`BLOCK_BEGIN="# === BEGIN vaultwarden config ==="`
			`BLOCK_END="# === END vaultwarden config ==="`

			`CONFIG=$(cat <<EOF`
			`$BLOCK_BEGIN`
			`frontend http_redirect`
			`bind *:80`
			`acl is_vw hdr(host) -i $DOMAIN`
			`http-request redirect scheme https code 301 if is_vw`
			`frontend vw_https`
			`bind *:443 ssl crt $SSL_PATH/fullchain.pem alpn h2,http/1.1`
			`mode http`
			`acl is_vw hdr(host) -i $DOMAIN`
			`use_backend vw_backend if is_vw`

			`backend vw_backend`
			`mode http`
			`option httpchk GET /`
			`server home 10.238.75.62:8885 check inter 5s fall 3 rise 2`
			`server local 127.0.0.1:8885 check backup`
			`$BLOCK_END`
			`EOF`
			`)`

			`sudo sed -i "/$BLOCK_BEGIN/,/$BLOCK_END/d" "$HAPROXY_CFG"`

			`echo "$CONFIG" \| sudo tee -a "$HAPROXY_CFG" > /dev/null`

			`sudo systemctl reload haproxy`