From bdae7b1060737bb2a55186da14dd0fca089ba6dc Mon Sep 17 00:00:00 2001
From: VC <veretcle+framagit@mateu.be>
Date: Fri, 7 Feb 2025 16:35:43 +0100
Subject: [PATCH] =?UTF-8?q?=E2=9A=A1=EF=B8=8F:=20improve=20configuration?=
 =?UTF-8?q?=20for=20nginx?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 inventory/host_vars/pt1.dmz.mateu.be.yml       | 1 +
 inventory/host_vars/vlt1.dmz.mateu.be.yml      | 2 ++
 roles/nginx/defaults/main.yml                  | 1 +
 roles/nginx/templates/nginx.conf.j2            | 2 +-
 roles/vaultwarden/templates/vaultwarden.env.j2 | 2 +-
 5 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/inventory/host_vars/pt1.dmz.mateu.be.yml b/inventory/host_vars/pt1.dmz.mateu.be.yml
index c4fd4b2..4b241b6 100644
--- a/inventory/host_vars/pt1.dmz.mateu.be.yml
+++ b/inventory/host_vars/pt1.dmz.mateu.be.yml
@@ -1,3 +1,4 @@
 ---
 web_hostname:
   - host: p.nintendojo.fr
+nginx_other_headers: false
diff --git a/inventory/host_vars/vlt1.dmz.mateu.be.yml b/inventory/host_vars/vlt1.dmz.mateu.be.yml
index c8981fe..7f4d7c5 100644
--- a/inventory/host_vars/vlt1.dmz.mateu.be.yml
+++ b/inventory/host_vars/vlt1.dmz.mateu.be.yml
@@ -19,3 +19,5 @@ vaultwarden_admin_token: !vault |
           38326263353137386437383337343964373032323535663732663639653638656266653436363063
           33363662653463353965366565613531663339363563633039393234323330383430643734376436
           3139313735663133366334376130353438343863343534663034
+
+nginx_other_headers: false
diff --git a/roles/nginx/defaults/main.yml b/roles/nginx/defaults/main.yml
index 506ac3d..b1fefff 100644
--- a/roles/nginx/defaults/main.yml
+++ b/roles/nginx/defaults/main.yml
@@ -1,3 +1,4 @@
 ---
 
 nginx_extra_mods: []
+nginx_other_headers: true
diff --git a/roles/nginx/templates/nginx.conf.j2 b/roles/nginx/templates/nginx.conf.j2
index 165dda7..d5395d7 100644
--- a/roles/nginx/templates/nginx.conf.j2
+++ b/roles/nginx/templates/nginx.conf.j2
@@ -54,7 +54,7 @@ http {
 	gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml;
 	
 	include nginx.ssl.conf;
-{% if inventory_hostname != 'pt1.dmz.mateu.be' %}
+{% if nginx_other_headers %}
 	include nginx.other_headers.conf;
 {% endif %}
 
diff --git a/roles/vaultwarden/templates/vaultwarden.env.j2 b/roles/vaultwarden/templates/vaultwarden.env.j2
index de74293..2b736b0 100644
--- a/roles/vaultwarden/templates/vaultwarden.env.j2
+++ b/roles/vaultwarden/templates/vaultwarden.env.j2
@@ -182,7 +182,7 @@ WEB_VAULT_FOLDER=/usr/share/vaultwarden-web-vault/
 ## For public server (URL with port number)
 # DOMAIN=https://vw.domain.tld:8443
 ## For public server (URL with path)
-# DOMAIN=https://domain.tld/vw
+DOMAIN=https://{{ web_hostname[0].host }}
 
 ## Controls whether users are allowed to create Bitwarden Sends.
 ## This setting applies globally to all users.