From f02608e2cf0d5f068cb02e397db2ccf19e4b39df Mon Sep 17 00:00:00 2001
From: Eric Nemchik <eric@nemchik.com>
Date: Sat, 11 Nov 2023 13:36:10 -0600
Subject: [PATCH 1/3] update bitwarden/vaultwarden templates

Signed-off-by: Eric Nemchik <eric@nemchik.com>
---
 bitwarden.subdomain.conf.sample   | 5 ++---
 bitwarden.subfolder.conf.sample   | 5 ++---
 vaultwarden.subdomain.conf.sample | 5 ++---
 vaultwarden.subfolder.conf.sample | 5 ++---
 4 files changed, 8 insertions(+), 12 deletions(-)

diff --git a/bitwarden.subdomain.conf.sample b/bitwarden.subdomain.conf.sample
index 4621ec9..36e14b0 100644
--- a/bitwarden.subdomain.conf.sample
+++ b/bitwarden.subdomain.conf.sample
@@ -1,7 +1,6 @@
-## Version 2023/05/31
+## Version 2023/11/11
 # make sure that your bitwarden container is named bitwarden
 # make sure that your dns has a cname set for bitwarden
-# set the environment variable WEBSOCKET_ENABLED=true on your bitwarden container
 
 server {
     listen 443 ssl http2;
@@ -82,7 +81,7 @@ server {
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app bitwarden;
-        set $upstream_port 3012;
+        set $upstream_port 80;
         set $upstream_proto http;
         proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 
diff --git a/bitwarden.subfolder.conf.sample b/bitwarden.subfolder.conf.sample
index b41a86d..0d11e2b 100644
--- a/bitwarden.subfolder.conf.sample
+++ b/bitwarden.subfolder.conf.sample
@@ -1,8 +1,7 @@
-## Version 2023/02/13
+## Version 2023/11/11
 # make sure that your bitwarden container is named bitwarden
 # make sure that bitwarden is set to work with the base url /bitwarden/
 ## Environmental Variable DOMAIN=https://<DOMAIN>/bitwarden must be set in bitwarden container including subfolder.
-## This is using ports 80 and 3012
 
 location /bitwarden {
     return 301 $scheme://$host/bitwarden/;
@@ -68,7 +67,7 @@ location ~ (/bitwarden)?/notifications/hub {
     include /config/nginx/proxy.conf;
     include /config/nginx/resolver.conf;
     set $upstream_app bitwarden;
-    set $upstream_port 3012;
+    set $upstream_port 80;
     set $upstream_proto http;
     proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 
diff --git a/vaultwarden.subdomain.conf.sample b/vaultwarden.subdomain.conf.sample
index 475d84c..d7d2087 100644
--- a/vaultwarden.subdomain.conf.sample
+++ b/vaultwarden.subdomain.conf.sample
@@ -1,7 +1,6 @@
-## Version 2023/05/31
+## Version 2023/11/11
 # make sure that your vaultwarden container is named vaultwarden
 # make sure that your dns has a cname set for vaultwarden
-# set the environment variable WEBSOCKET_ENABLED=true on your vaultwarden container
 
 server {
     listen 443 ssl http2;
@@ -82,7 +81,7 @@ server {
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app vaultwarden;
-        set $upstream_port 3012;
+        set $upstream_port 80;
         set $upstream_proto http;
         proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 
diff --git a/vaultwarden.subfolder.conf.sample b/vaultwarden.subfolder.conf.sample
index 85aedfe..2a5b8b4 100644
--- a/vaultwarden.subfolder.conf.sample
+++ b/vaultwarden.subfolder.conf.sample
@@ -1,8 +1,7 @@
-## Version 2023/03/27
+## Version 2023/11/11
 # make sure that your vaultwarden container is named vaultwarden
 # make sure that vaultwarden is set to work with the base url /vaultwarden/
 ## Environmental Variable DOMAIN=https://<DOMAIN>/vaultwarden must be set in vaultwarden container including subfolder.
-## This is using ports 80 and 3012
 
 location /vaultwarden {
     return 301 $scheme://$host/vaultwarden/;
@@ -68,7 +67,7 @@ location ~ (/vaultwarden)?/notifications/hub {
     include /config/nginx/proxy.conf;
     include /config/nginx/resolver.conf;
     set $upstream_app vaultwarden;
-    set $upstream_port 3012;
+    set $upstream_port 80;
     set $upstream_proto http;
     proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 

From 778c764abc6fd30701637c208f2ce329e2d574ce Mon Sep 17 00:00:00 2001
From: Eric Nemchik <eric@nemchik.com>
Date: Sat, 11 Nov 2023 14:06:52 -0600
Subject: [PATCH 2/3] remove unused negotiate endpoint

Signed-off-by: Eric Nemchik <eric@nemchik.com>
---
 bitwarden.subdomain.conf.sample   | 10 ----------
 bitwarden.subfolder.conf.sample   | 10 ----------
 vaultwarden.subdomain.conf.sample | 10 ----------
 vaultwarden.subfolder.conf.sample | 10 ----------
 4 files changed, 40 deletions(-)

diff --git a/bitwarden.subdomain.conf.sample b/bitwarden.subdomain.conf.sample
index 36e14b0..44b939a 100644
--- a/bitwarden.subdomain.conf.sample
+++ b/bitwarden.subdomain.conf.sample
@@ -86,14 +86,4 @@ server {
         proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 
     }
-
-    location ~ (/bitwarden)?/notifications/hub/negotiate {
-        include /config/nginx/proxy.conf;
-        include /config/nginx/resolver.conf;
-        set $upstream_app bitwarden;
-        set $upstream_port 80;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-
-    }
 }
diff --git a/bitwarden.subfolder.conf.sample b/bitwarden.subfolder.conf.sample
index 0d11e2b..b9caeae 100644
--- a/bitwarden.subfolder.conf.sample
+++ b/bitwarden.subfolder.conf.sample
@@ -73,13 +73,3 @@ location ~ (/bitwarden)?/notifications/hub {
 
 }
 
-location ~ (/bitwarden)?/notifications/hub/negotiate {
-    include /config/nginx/proxy.conf;
-    include /config/nginx/resolver.conf;
-    set $upstream_app bitwarden;
-    set $upstream_port 80;
-    set $upstream_proto http;
-    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-
-}
-
diff --git a/vaultwarden.subdomain.conf.sample b/vaultwarden.subdomain.conf.sample
index d7d2087..0b82bcd 100644
--- a/vaultwarden.subdomain.conf.sample
+++ b/vaultwarden.subdomain.conf.sample
@@ -86,14 +86,4 @@ server {
         proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 
     }
-
-    location ~ (/vaultwarden)?/notifications/hub/negotiate {
-        include /config/nginx/proxy.conf;
-        include /config/nginx/resolver.conf;
-        set $upstream_app vaultwarden;
-        set $upstream_port 80;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-
-    }
 }
diff --git a/vaultwarden.subfolder.conf.sample b/vaultwarden.subfolder.conf.sample
index 2a5b8b4..3b7b3db 100644
--- a/vaultwarden.subfolder.conf.sample
+++ b/vaultwarden.subfolder.conf.sample
@@ -73,13 +73,3 @@ location ~ (/vaultwarden)?/notifications/hub {
 
 }
 
-location ~ (/vaultwarden)?/notifications/hub/negotiate {
-    include /config/nginx/proxy.conf;
-    include /config/nginx/resolver.conf;
-    set $upstream_app vaultwarden;
-    set $upstream_port 80;
-    set $upstream_proto http;
-    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-
-}
-

From ddcc002e2b810a04990df8f587695ed6a2b4ad1b Mon Sep 17 00:00:00 2001
From: Eric Nemchik <eric@nemchik.com>
Date: Sun, 12 Nov 2023 10:26:28 -0600
Subject: [PATCH 3/3] clarify correct config for *warden

Signed-off-by: Eric Nemchik <eric@nemchik.com>
---
 bitwarden.subdomain.conf.sample   | 14 +++---
 bitwarden.subfolder.conf.sample   | 75 -------------------------------
 vaultwarden.subdomain.conf.sample |  6 ++-
 vaultwarden.subfolder.conf.sample |  9 +++-
 4 files changed, 21 insertions(+), 83 deletions(-)
 delete mode 100644 bitwarden.subfolder.conf.sample

diff --git a/bitwarden.subdomain.conf.sample b/bitwarden.subdomain.conf.sample
index 44b939a..0b5eeb9 100644
--- a/bitwarden.subdomain.conf.sample
+++ b/bitwarden.subdomain.conf.sample
@@ -1,6 +1,10 @@
-## Version 2023/11/11
+## Version 2023/11/12
 # make sure that your bitwarden container is named bitwarden
 # make sure that your dns has a cname set for bitwarden
+# if you are using bitwarden (the official image), use the bitwarden conf
+# if you are using vaultwarden (an unofficial implementation), use the vaultwarden conf
+#
+# bitwarden defaults to port 8080 and can be changed using the environment variable BW_PORT_HTTP on the bitwarden container
 
 server {
     listen 443 ssl http2;
@@ -38,7 +42,7 @@ server {
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app bitwarden;
-        set $upstream_port 80;
+        set $upstream_port 8080;
         set $upstream_proto http;
         proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 
@@ -61,7 +65,7 @@ server {
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app bitwarden;
-        set $upstream_port 80;
+        set $upstream_port 8080;
         set $upstream_proto http;
         proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 
@@ -71,7 +75,7 @@ server {
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app bitwarden;
-        set $upstream_port 80;
+        set $upstream_port 8080;
         set $upstream_proto http;
         proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 
@@ -81,7 +85,7 @@ server {
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app bitwarden;
-        set $upstream_port 80;
+        set $upstream_port 8080;
         set $upstream_proto http;
         proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 
diff --git a/bitwarden.subfolder.conf.sample b/bitwarden.subfolder.conf.sample
deleted file mode 100644
index b9caeae..0000000
--- a/bitwarden.subfolder.conf.sample
+++ /dev/null
@@ -1,75 +0,0 @@
-## Version 2023/11/11
-# make sure that your bitwarden container is named bitwarden
-# make sure that bitwarden is set to work with the base url /bitwarden/
-## Environmental Variable DOMAIN=https://<DOMAIN>/bitwarden must be set in bitwarden container including subfolder.
-
-location /bitwarden {
-    return 301 $scheme://$host/bitwarden/;
-}
-
-location ^~ /bitwarden/ {
-    # enable the next two lines for http auth
-    #auth_basic "Restricted";
-    #auth_basic_user_file /config/nginx/.htpasswd;
-
-    # enable for ldap auth (requires ldap-server.conf in the server block)
-    #include /config/nginx/ldap-location.conf;
-
-    # enable for Authelia (requires authelia-server.conf in the server block)
-    #include /config/nginx/authelia-location.conf;
-
-    # enable for Authentik (requires authentik-server.conf in the server block)
-    #include /config/nginx/authentik-location.conf;
-
-    include /config/nginx/proxy.conf;
-    include /config/nginx/resolver.conf;
-    set $upstream_app bitwarden;
-    set $upstream_port 80;
-    set $upstream_proto http;
-    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-
-}
-
-location ~ (/bitwarden)?/admin {
-    # enable the next two lines for http auth
-    #auth_basic "Restricted";
-    #auth_basic_user_file /config/nginx/.htpasswd;
-
-    # enable for ldap auth (requires ldap-server.conf in the server block)
-    #include /config/nginx/ldap-location.conf;
-
-    # enable for Authelia (requires authelia-server.conf in the server block)
-    #include /config/nginx/authelia-location.conf;
-
-    # enable for Authentik (requires authentik-server.conf in the server block)
-    #include /config/nginx/authentik-location.conf;
-
-    include /config/nginx/proxy.conf;
-    include /config/nginx/resolver.conf;
-    set $upstream_app bitwarden;
-    set $upstream_port 80;
-    set $upstream_proto http;
-    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-
-}
-
-location ~ (/bitwarden)?/api {
-    include /config/nginx/proxy.conf;
-    include /config/nginx/resolver.conf;
-    set $upstream_app bitwarden;
-    set $upstream_port 80;
-    set $upstream_proto http;
-    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-
-}
-
-location ~ (/bitwarden)?/notifications/hub {
-    include /config/nginx/proxy.conf;
-    include /config/nginx/resolver.conf;
-    set $upstream_app bitwarden;
-    set $upstream_port 80;
-    set $upstream_proto http;
-    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-
-}
-
diff --git a/vaultwarden.subdomain.conf.sample b/vaultwarden.subdomain.conf.sample
index 0b82bcd..a7ac06d 100644
--- a/vaultwarden.subdomain.conf.sample
+++ b/vaultwarden.subdomain.conf.sample
@@ -1,6 +1,10 @@
-## Version 2023/11/11
+## Version 2023/11/12
 # make sure that your vaultwarden container is named vaultwarden
 # make sure that your dns has a cname set for vaultwarden
+# if you are using bitwarden (the official image), use the bitwarden conf
+# if you are using vaultwarden (an unofficial implementation), use the vaultwarden conf
+#
+# vaultwarden defaults to port 80 and can be changed using the environment variable ROCKET_PORT on the vaultwarden container
 
 server {
     listen 443 ssl http2;
diff --git a/vaultwarden.subfolder.conf.sample b/vaultwarden.subfolder.conf.sample
index 3b7b3db..2bba167 100644
--- a/vaultwarden.subfolder.conf.sample
+++ b/vaultwarden.subfolder.conf.sample
@@ -1,7 +1,12 @@
-## Version 2023/11/11
+## Version 2023/11/12
 # make sure that your vaultwarden container is named vaultwarden
 # make sure that vaultwarden is set to work with the base url /vaultwarden/
-## Environmental Variable DOMAIN=https://<DOMAIN>/vaultwarden must be set in vaultwarden container including subfolder.
+# if you are using bitwarden (the official image), use the bitwarden conf
+# if you are using vaultwarden (an unofficial implementation), use the vaultwarden conf
+#
+# vaultwarden defaults to port 80 and can be changed using the environment variable ROCKET_PORT on the vaultwarden container
+#
+# Environmental Variable DOMAIN=https://<DOMAIN>/vaultwarden must be set in vaultwarden container including subfolder.
 
 location /vaultwarden {
     return 301 $scheme://$host/vaultwarden/;