```
🗑️ remove(Security/RedirecListener.php): Supprime le listener de redirection obsolète. ✨ feat(ansible/templates/caddy.j2): Ajoute la gestion du rewrite invisible pour la réservation. 🐛 fix(config/packages/pwa.yaml): Corrige la hauteur de l'image PWA pour l'accueil. ```
This commit is contained in:
Serreau Jovann
@@ -10,6 +10,16 @@ intranet.ludikevent.fr, signature.ludikevent.fr, reservation.ludikevent.fr {
|
||||
max_size 100MB
|
||||
}
|
||||
|
||||
# --- GESTION DU REWRITE INVISIBLE (RESERVATION) ---
|
||||
@is_reservation host reservation.ludikevent.fr
|
||||
handle @is_reservation {
|
||||
# Si l'utilisateur demande la racine /, on réécrit vers /reservation en interne
|
||||
rewrite / /reservation/
|
||||
|
||||
# Pour que PHP-FPM trouve le bon fichier index.php dans le sous-dossier
|
||||
try_files {path} {path}/ /reservation/index.php?{query}
|
||||
}
|
||||
|
||||
# --- NO-INDEX MATCHER ---
|
||||
@noindex_hosts host intranet.ludikevent.fr signature.ludikevent.fr
|
||||
header @noindex_hosts X-Robots-Tag "noindex, nofollow"
|
||||
@@ -17,12 +27,14 @@ intranet.ludikevent.fr, signature.ludikevent.fr, reservation.ludikevent.fr {
|
||||
@index_host host reservation.ludikevent.fr
|
||||
header @index_host -X-Robots-Tag
|
||||
|
||||
# --- REDIRECTIONS EXTERNES ---
|
||||
handle_path /utm_reserve.js {
|
||||
redir https://tools-security.esy-web.dev/script.js
|
||||
}
|
||||
handle_path /ts.js {
|
||||
redir https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
|
||||
}
|
||||
|
||||
# --- BLOC HEADER AVEC CSP ---
|
||||
header {
|
||||
X-Content-Type-Options "nosniff"
|
||||
@@ -30,24 +42,24 @@ intranet.ludikevent.fr, signature.ludikevent.fr, reservation.ludikevent.fr {
|
||||
Referrer-Policy "strict-origin-when-cross-origin"
|
||||
|
||||
# Injection des headers Cloudflare pour PHP
|
||||
# Cela permet à PHP de les lire via $_SERVER['HTTP_CF_CONNECTING_IP'] etc.
|
||||
CF-Connecting-IP {header.CF-Connecting-IP}
|
||||
CF-IPCountry {header.CF-IPCountry}
|
||||
CF-RegionCode {header.CF-RegionCode}
|
||||
CF-IPCity {header.CF-IPCity}
|
||||
X-Real-IP {remote_host}
|
||||
}
|
||||
|
||||
# --- ASSETS ---
|
||||
handle_path /assets/* {
|
||||
rewrite * /build{path}
|
||||
}
|
||||
|
||||
# --- PHP FASTCGI ---
|
||||
# Ici, Caddy transmet automatiquement tous les headers définis ci-dessus au socket PHP
|
||||
php_fastcgi unix//run/php/php8.4-fpm.sock {
|
||||
read_timeout 300s
|
||||
write_timeout 300s
|
||||
dial_timeout 100s
|
||||
|
||||
# Optionnel : Forcer explicitement certains paramètres FastCGI si nécessaire
|
||||
env REMOTE_ADDR {header.CF-Connecting-IP}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user