Lucas/reverse-proxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add pauline ghost and wp

Browse Source
This commit is contained in:
Lucas
2026-02-18 11:06:14 +00:00
parent 9990b7deab
commit ae6d1b775f
2 changed files with 65 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
Caddyfile
View File

@@ -413,3 +413,64 @@ csv.lucasroyer.fr {
header Content-Type "text/csv; charset=utf-8" header Content-Type "text/csv; charset=utf-8"
header Access-Control-Allow-Origin "*" header Access-Control-Allow-Origin "*"
} }
ghost.pauline.lucasroyer.fr {
# Security
header {
X-Frame-Options "SAMEORIGIN"
X-Content-Type-Options "nosniff"
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
Referrer-Policy "strict-origin-when-cross-origin"
X-XSS-Protection "1; mode=block"
Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net; img-src 'self' data: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com;"
}
# Compression
encode zstd gzip
# Log
log {
output file /data/pauline_ghost_access.log
}
# Redirect
reverse_proxy ghost:2368
}
paulinebouillaud.fr {
root * /var/www/html
# Security
header {
X-Frame-Options "SAMEORIGIN"
X-Content-Type-Options "nosniff"
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
Referrer-Policy "strict-origin-when-cross-origin"
X-XSS-Protection "1; mode=block"
Content-Security-Policy "default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://*.youtube-nocookie.com https://*.youtube.com https://*.vimeo.com https://*.doubleclick.net; img-src 'self' data: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; frame-ancestors 'self';"
}
# Compression
encode zstd gzip
# Logs
log {
output file /data/pauline_wordpress_access.log
}
# --- Wordpress FPM ---
file_server
php_fastcgi wordpress-app:9000 {
resolve_root_symlink
}
# Security
@forbidden {
path /xmlrpc.php
path /.htaccess
path /wp-config.php
path /readme.html
}
respond @forbidden 403
}

9
docker-compose.yml
View File

@@ -15,23 +15,22 @@ services:
- /home/lucas/services/n8n/local-files/csv:/srv/csv:ro - /home/lucas/services/n8n/local-files/csv:/srv/csv:ro
- /home/lucas/services/static-sites/site-spationautes:/srv/site-spationautes:ro - /home/lucas/services/static-sites/site-spationautes:/srv/site-spationautes:ro
- /home/lucas/services/static-sites/site-veloboomboom:/srv/site-veloboomboom:ro - /home/lucas/services/static-sites/site-veloboomboom:/srv/site-veloboomboom:ro
- wp_data:/var/www/html:ro
networks: networks:
- reverse-proxy - reverse-proxy
ports: ports:
- "80:80" - "80:80"
- "443:443" - "443:443"
- "443:443/udp" - "443:443/udp"
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "3"
volumes: volumes:
caddy_data: caddy_data:
name: caddy_data name: caddy_data
caddy_config: caddy_config:
name: caddy_config name: caddy_config
wp_data:
external: true
name : wordpress_wp_data
networks: networks:
reverse-proxy: reverse-proxy: