✨ feat(ansible/templates): Simplifie et améliore la configuration Caddy.

2026-01-28 13:11:48 +01:00
parent a01390d3b7
commit 89ad16c5cb
1 changed files with 7 additions and 33 deletions
--- a/ansible/templates/caddy.j2
+++ b/ansible/templates/caddy.j2
@@ -6,60 +6,34 @@ intranet.ludikevent.fr, signature.ludikevent.fr, reservation.ludikevent.fr {
    root * {{ path }}/public
    file_server

-    request_body {
-        max_size 100MB
+    # --- REWRITE INVISIBLE POUR LE SITE VISITEUR ---
+    @visitor_home {
+        host reservation.ludikevent.fr
+        path /
    }
+    rewrite @visitor_home /reservation

-    # --- GESTION DU REWRITE INVISIBLE (RESERVATION) ---
-    @is_reservation host reservation.ludikevent.fr
-    handle @is_reservation {
-        # Si l'utilisateur demande la racine /, on réécrit vers /reservation en interne
-        rewrite / /reservation/
-
-        # Pour que PHP-FPM trouve le bon fichier index.php dans le sous-dossier
-        try_files {path} {path}/ /reservation/index.php?{query}
-    }
-
-    # --- NO-INDEX MATCHER ---
+    # --- NO-INDEX ---
    @noindex_hosts host intranet.ludikevent.fr signature.ludikevent.fr
    header @noindex_hosts X-Robots-Tag "noindex, nofollow"

    @index_host host reservation.ludikevent.fr
    header @index_host -X-Robots-Tag

-    # --- REDIRECTIONS EXTERNES ---
-    handle_path /utm_reserve.js {
-        redir https://tools-security.esy-web.dev/script.js
-    }
-    handle_path /ts.js {
-        redir https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
-    }
-
-    # --- BLOC HEADER AVEC CSP ---
+    # --- HEADERS & PHP ---
    header {
        X-Content-Type-Options "nosniff"
        X-Frame-Options "DENY"
        Referrer-Policy "strict-origin-when-cross-origin"
-
-        # Injection des headers Cloudflare pour PHP
        CF-Connecting-IP {header.CF-Connecting-IP}
-        CF-IPCountry {header.CF-IPCountry}
-        CF-RegionCode {header.CF-RegionCode}
-        CF-IPCity {header.CF-IPCity}
        X-Real-IP {remote_host}
    }

-    # --- ASSETS ---
    handle_path /assets/* {
        rewrite * /build{path}
    }

-    # --- PHP FASTCGI ---
    php_fastcgi unix//run/php/php8.4-fpm.sock {
-        read_timeout 300s
-        write_timeout 300s
-        dial_timeout 100s
-
        env REMOTE_ADDR {header.CF-Connecting-IP}
    }
 }