# Bitwarden Reverse Proxy ( linux based )
## I created a separate ssl.conf for bitwarden to get ridd of some errors in the console and named it bitssl.conf
### If the .conf errors out for you just change line 11 with correct ssl.conf & change line 16 to comment out geoblock.conf
#### Always change Apex, TLD, IP, Port to your own!

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name bw.FQDN.TLD;
    
    include /config/nginx/bitssl.conf;
    
    client_max_body_size 128M;
    
# Maxmind Geographic IP Block
    include /config/nginx/geoblock.conf;
    
    location /{
      proxy_pass http://IP:PORT;
      proxy_redirect off;
      proxy_set_header Host $http_host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Forwarded-Protocol $scheme;
      proxy_set_header X-Url-Scheme $scheme;
      proxy_hide_header X-Frame-Options;
      proxy_hide_header   "x-webkit-csp";
      proxy_hide_header   "content-security-policy";
    }
    
    location /notifications/hub/negotiate {
      proxy_pass http://IP:PORT;
  }

  location /notifications/hub {
      proxy_pass http://IP:PORT;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
  }

}