roles/caddy/templates: closer to supporting WordPress

I still wouldn't want to deploy WordPress on Caddy until it's more obvious and standard to block paths that shouldn't be accessible. It seems that this is still left as an exercise to the site admin. This discussion has some tips, but it is four years old and hasn't changed since I last looked. See: https://caddy.community/t/using-caddy-to-harden-wordpress/13575
2025-03-29 22:09:37 +03:00 · 2025-03-29 22:09:37 +03:00 · 22c16e1ed3
commit 22c16e1ed3
parent 5aa6a33e51
1 changed files with 8 additions and 1 deletions
--- a/roles/caddy/templates/etc/caddy/conf.d/vhost.j2
+++ b/roles/caddy/templates/etc/caddy/conf.d/vhost.j2
@ -33,7 +33,14 @@
    encode zstd gzip

    file_server
-    {% endif %}
+    {% elif has_wordpress -%}
+    root * {{ document_root }}
+    encode
+    {%   if ansible_distribution == 'Debian' and ansible_distribution_major_version is version('12', '==') -%}
+    php_fastcgi unix//run/php/php8.2-fpm-{{ domain_name }}.sock
+    {%   endif -%}
+    file_server
+    {% endif -%}

    import security-headers
 }