This Cloudflare Worker can be used to execute a cache purge on a given Cloudflare zone when invoked. It uses HTTP Basic Authentication to allow only authorized users. This is the only authentication scheme currently supported by Ghost Webhooks. This can be used to automate cache purging on certain actions on Ghost, for example new post publishing.
What it does:
- It accepts a request including an HTTP Basic Authentication header.
- If the credentials are invalid, an
HTTP 401response is returned. - It decodes the header and compares it with pre-configured credentials.
- If valid, it issues a Cloudflare API call for a specific zone, and purges everything.
- If the call is successful, it returns an
HTTP 200response, otherwise it returns anHTTP 500error.
You can read full setup instructions on the related blog article I wrote.
For ease of use, this script should be managed using Wrangler. Further documentation for Wrangler can be found here.
The worker requires environment variables that needs to be set in your wrangler.toml file alongside the other options.
See the provided wrangler.toml.example included in this repository. It also expects two secrets, which need to be configured
via wrangler.
- Clone the repository and set up
wrangler - Add a
wrangler.tomlfile to your foldercp wrangler.toml.example wrangler.toml - Edit the file, adding your Cloudflare Account Id, Zone ID and the
WEBHOOK_USER,CF_ZONE_IDvalues - Test your changes
- Use
wrangler secret putto configure two secrets for your worker:wrangler secret put CF_AUTH_TOKENwith a Cloudflare API token with the Cache Purge permission for the intended zone.wrangler secret put WEBHOOK_PASSWORDwith the password that will be associated to the aboveWEBHOOK_USER - Once happy, run
wrangler publishto deploy the worker