admin/ludikevent_crm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(ansible/templates): Simplifie et améliore la configuration Caddy.

Browse Source
This commit is contained in:
Serreau Jovann
2026-01-28 13:11:48 +01:00
parent a01390d3b7
commit 89ad16c5cb
1 changed files with 7 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
ansible/templates/caddy.j2
View File

@@ -6,60 +6,34 @@ intranet.ludikevent.fr, signature.ludikevent.fr, reservation.ludikevent.fr {
root * {{ path }}/public root * {{ path }}/public
file_server file_server
request_body { # --- REWRITE INVISIBLE POUR LE SITE VISITEUR ---
max_size 100MB @visitor_home {
host reservation.ludikevent.fr
path /
} }
rewrite @visitor_home /reservation
# --- GESTION DU REWRITE INVISIBLE (RESERVATION) --- # --- NO-INDEX ---
@is_reservation host reservation.ludikevent.fr
handle @is_reservation {
# Si l'utilisateur demande la racine /, on réécrit vers /reservation en interne
rewrite / /reservation/
# Pour que PHP-FPM trouve le bon fichier index.php dans le sous-dossier
try_files {path} {path}/ /reservation/index.php?{query}
}
# --- NO-INDEX MATCHER ---
@noindex_hosts host intranet.ludikevent.fr signature.ludikevent.fr @noindex_hosts host intranet.ludikevent.fr signature.ludikevent.fr
header @noindex_hosts X-Robots-Tag "noindex, nofollow" header @noindex_hosts X-Robots-Tag "noindex, nofollow"
@index_host host reservation.ludikevent.fr @index_host host reservation.ludikevent.fr
header @index_host -X-Robots-Tag header @index_host -X-Robots-Tag
# --- REDIRECTIONS EXTERNES --- # --- HEADERS & PHP ---
handle_path /utm_reserve.js {
redir https://tools-security.esy-web.dev/script.js
}
handle_path /ts.js {
redir https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
}
# --- BLOC HEADER AVEC CSP ---
header { header {
X-Content-Type-Options "nosniff" X-Content-Type-Options "nosniff"
X-Frame-Options "DENY" X-Frame-Options "DENY"
Referrer-Policy "strict-origin-when-cross-origin" Referrer-Policy "strict-origin-when-cross-origin"
# Injection des headers Cloudflare pour PHP
CF-Connecting-IP {header.CF-Connecting-IP} CF-Connecting-IP {header.CF-Connecting-IP}
CF-IPCountry {header.CF-IPCountry}
CF-RegionCode {header.CF-RegionCode}
CF-IPCity {header.CF-IPCity}
X-Real-IP {remote_host} X-Real-IP {remote_host}
} }
# --- ASSETS ---
handle_path /assets/* { handle_path /assets/* {
rewrite * /build{path} rewrite * /build{path}
} }
# --- PHP FASTCGI ---
php_fastcgi unix//run/php/php8.4-fpm.sock { php_fastcgi unix//run/php/php8.4-fpm.sock {
read_timeout 300s
write_timeout 300s
dial_timeout 100s
env REMOTE_ADDR {header.CF-Connecting-IP} env REMOTE_ADDR {header.CF-Connecting-IP}
} }
} }