65 lines
1.8 KiB
Django/Jinja
65 lines
1.8 KiB
Django/Jinja
prestataire.ludikevent.fr, intranet.ludikevent.fr, signature.ludikevent.fr, reservation.ludikevent.fr {
|
|
# Logs applicatifs
|
|
log {
|
|
output file {{ path }}/var/log/caddy.log
|
|
}
|
|
|
|
# Compression (Gzip + Zstd) pour la performance
|
|
encode zstd gzip
|
|
|
|
tls {
|
|
dns cloudflare KL6pZ-Z_12_zbnM2TtFDIsKM8A-HLPhU5GJJbKTW
|
|
}
|
|
|
|
root * {{ path }}/public
|
|
file_server
|
|
|
|
request_body {
|
|
max_size 100MB
|
|
}
|
|
|
|
# --- SÉCURITÉ & HEADERS ---
|
|
header {
|
|
# Headers de sécurité
|
|
X-Content-Type-Options "nosniff"
|
|
X-Frame-Options "DENY"
|
|
Referrer-Policy "strict-origin-when-cross-origin"
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
|
|
|
# Masquer le serveur pour plus de discrétion
|
|
-Server
|
|
}
|
|
|
|
# --- ROBOTS TAGGING ---
|
|
@noindex_hosts host intranet.ludikevent.fr signature.ludikevent.fr
|
|
header @noindex_hosts X-Robots-Tag "noindex, nofollow"
|
|
|
|
@index_host host reservation.ludikevent.fr
|
|
header @index_host -X-Robots-Tag
|
|
|
|
# --- REDIRECTIONS ---
|
|
handle_path /utm_reserve.js {
|
|
redir https://tools-security.esy-web.dev/script.js permanent
|
|
}
|
|
handle_path /ts.js {
|
|
redir https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js permanent
|
|
}
|
|
|
|
# --- ASSETS & CACHE ---
|
|
# Réécriture /assets -> /build (Vite/Webpack)
|
|
handle_path /assets/* {
|
|
rewrite * /build{path}
|
|
}
|
|
|
|
# --- PHP FASTCGI ---
|
|
php_fastcgi unix//run/php/php8.4-fpm.sock {
|
|
read_timeout 300s
|
|
write_timeout 300s
|
|
dial_timeout 100s
|
|
|
|
# Transmission de l'IP réelle Cloudflare à PHP
|
|
# Les autres headers Cloudflare (CF-Ray, etc.) sont transmis automatiquement
|
|
env REMOTE_ADDR {header.CF-Connecting-IP}
|
|
}
|
|
}
|