themes/ecosplay/email/html/template.ftl

<#macro emailLayout>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>E-Cosplay</title>
</head>
<body style="margin:0;padding:0;background-color:#fbfbfb;font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,Helvetica,Arial,sans-serif;color:#111827;">
    <table role="presentation" cellpadding="0" cellspacing="0" border="0" width="100%" style="background-color:#fbfbfb;padding:40px 16px;">
        <tr>
            <td align="center">
                <table role="presentation" cellpadding="0" cellspacing="0" border="0" width="600" style="max-width:600px;width:100%;">

                    <!-- Top bar -->
                    <tr>
                        <td style="background-color:#111827;border:4px solid #111827;padding:18px 24px;color:#ffffff;font-weight:900;text-transform:uppercase;letter-spacing:0.25em;font-size:12px;font-style:italic;">
                            // Authentification // E-Cosplay
                        </td>
                    </tr>

                    <!-- Logo -->
                    <tr>
                        <td style="background-color:#ffffff;border:4px solid #111827;border-top:0;padding:24px 24px 0 24px;text-align:center;">
                            <img src="data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAYEBAUEBAYFBQUGBgYHCQ4JCQgICRINDQoOFRIWFhUSFBQXGiEcFxgfGRQUHScdHyIjJSUlFhwpLCgkKyEkJST/2wBDAQYGBgkICREJCREkGBQYJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCT/wAARCAGQAZADASIAAhEBAxEB/8QAHQABAAICAwEBAAAAAAAAAAAAAAcIBQYDBAkBAv/EAFgQAAEDAwEFAgcIDgUKBQUAAAEAAgMEBQYRBwgSITETQSIyUWFxgZEUQnKCkqGx0RUWGCNDUlNik5SissHSJDNWwtMXJURGVGNzg4SjJlV0w/A2N2SF4f/EABsBAQACAwEBAAAAAAAAAAAAAAADBAIFBgEH/8QAOBEBAAEDAQMJBgQGAwAAAAAAAAECAwQRBTFBBhIhMlFhcZGhExUWgbHRFELB4TNSU4Ki4kPw8f/aAAwDAQACEQMRAD8AtSiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiDE5VkcOJ2OpvNTR1tXTUo45m0cQkkYzvfw6gkN6nTnpqdOS1WwbfdmeSBgo8utsMj/wdY40ztfJ98A+ZSAQHAgjUFUx3ltgTsOq5svxql/zFUP1qqaMcqGRx6gd0bj8knToQguTS1lPXQNnpZ4p4X82yRPDmn0Ecly6g9F5gWjIrzj83bWe7XC3Sa68VLUPiP7JCkSxbzu1Gx8LTkDbjE38HX07JdfS4AO+dBftFVDH99qrZwsyHEoZR76a31JZp8R4P7ykvH97LZneyxlVX11nkd72vpjw6/CZxD26IJkRYeyZjjmSUxqrNfbZcIWt4nOp6lj+AefQ8vWo4znek2f4dJLS0tZLfq6MlpitwDo2u8hlPg+ziQS+vhcACSQAOevcqWZXvhZzeXPjsNLb7BTnXhcGe6JgPO544fY1RPkO0DLssc43zJLrXh34OWpd2Y9DAQ0exBf++bW8Cxtzo7pltmp5W+NEKlr5B8Vup+ZaNdt7XZhbi4U9fcbmW/7JROAPrk4QqMaadBoviC59g3rW5xk9FjuI4VX1lTWSBokrKpsTYmdXSODQ7RrRqTz83Uqf1Xfd2tuzzZjjvu+45jjL8iuUbXVTjcYf6MzqIWni7urj3u8wCmJu0/BX+LmeOH/9lD/Mg2ZFrzdo2Fu6Zdjx9Fxh/mXI3PcSf4uUWN3or4T/AHkGdRYdmZY3J4mQWh3orIj/AHlzx5HZZf6u7W9/walh/igyKLpi8213S4Uh9EzfrXI25UT/ABaunPokb9aDsIuEVlOek8XywuVj2yN4mODh5QdUH1ERAREQEREBERAREQEREBERARNVw1VdS0UZkqqiGBg99K8MHtKDmRdC1X+0X0TG1XSiuAgcGSmlnbKI3aa6EtJ0Oncu+gIiICIiAiIgIiICInEPKEBcNZR09wpJqSrgjnp52OjlikaHNe0jQtIPUELl4h5QnEPKEFE94TYTUbL7sbtaI5JsZrZNInc3GjkPPsnnyfiuPUcjzHOHF6g3uzW3I7TVWi600VXQ1cZimhkGoe0/Qe8EcwQCFQbbbsbuGyXIjGO0qbHWOc6hrCOo/Jv8j2/OOY7wA1O0YZkV+t0txtFmrbhTQv7OV9LH2hjdproWt5jl5uaxtXQ1Vvl7Kspp6WUdWTRlh9h0WbwHO7ps+v8AFdra/ib4lRTuJDKiLvY76Qe481cWxZBZs9x+nudKIa+hqB/V1EbZDG4eMx7Tro4d/qPQhaHae1b+BXE1W+dRO6YnTTunf8l3Fxab8TEVaVKMtJbqWkjUaEjlqFy0lHUV1TFS0kEtRUSuDI4omlznuPcAOZKuLeNjWz+9lz58apaeR3v6Jzqc+xp4fmXPhOy7GNn8s9RZqWV1VNqDVVTxJKxn4jToOFvl0Gp7yqlXKvH9nNVNE87snT6p42Vd52kzGiCce3acuujGS3WehssbhrwTOMsw+IzkPQXBSHZN2XErfwyXe43K6OHNw4m00Xn14dXafGUv6r4ucyNv5178/Nju6PXf6thb2dZp3xr4qV7SbvjlxyOSHFLXTW6z0Y7CAxg8VToecri4knU9NegA861XUeUe1X8MMBHOCA+mJp/gvwaSlPWkpT6YGfUttZ5UxaoiiLUzp21az8+hUq2VVM686PJQbRn5q+jg/M+ZX1fbbe/x7fQu9NMw/wAFwusVnd41mtZ9NHF/Kpo5W08bU+f7MfdNX80KIeB+Z8yas/M+ZXu+16yf+SWn9Si/lXw43YncjYrQfTQxfyr34sp/pT5/s8901/zQoiS3835l+Tp+ar1Pw/GZPHxqxu9NBF/KtJ2oVuDbOLCax+K49Pc6nVlFSuoYvDcOr3cvEb3+U6Dv5S2OU8XrkWqLMzVPfDC5sybdM1VVRpCpWgTTRc1TUPq6mWol4OOV5e7gYGt1J15NHIDzBcS6prEg7Fdk9w2sZWygjdLBaqUtluFW38FHrya3892hA9Z6BegVls1Bj9qpbVbKaOloqSNsUMLOjGgch5/T1J5qomz/AHnca2ZYvT2Gw4HUuDPDnqJbg1r6mUjwpHaRnme4dwAAWXm336939RhFMz/iXFx+iMILYoqfzb6+Tu17DFrOzycc0rvoIXQqN8/PZGkQWbHIfOYZnf8AuILnoqOVO9ztOn17Oaz02v5KiB0+U4rEVW87tYqtf/FAhB7oqKBv9xBfrUeUJqvO2r26bTa3Xtc2vLdfyMwi/dAWv1udZZcSTXZPe6nXr21dK76XIPS6apgp28U00cQ8r3Bv0rD1mdYpbtfduTWWm069tXRN+ly80ZqmaqdxTzyzO8sjy76UjpZZf6uCR/wWEpM6Mqaaqp0pjV6IVm3TZnQ69rm1kdp17KoEv7mq124b1OyqhJbHfp6xw7qeimPzloCo3HZLi/xaKf1t0+lc8eM3R550wZ53vaP4rCbtEb6oW6Nm5dfUtVT/AGz9luLjvo4NTktorPkFWe4mKKNp9ryfmWt3DfeYPBt2EyO/OqLgB8zWH6VXSPEq5x8OWnYPhE/QF24sOH4WtPxI/rKjnKtRxXbXJ3aNzdamPHSPrKXbjvpZnM1zaDH7FS69DL2spH7TQtUum9JtUuYLY77T0DT72ko4m6etwcfnWrR4lQN8eSok+MB9AXZZjtrj5+5Q/wCG9x/iopzrcbtV+3yQzqutNMfP7RLo3Xavn15193ZlfpWnqwVj2N+S0gLWKqrqK2QyVVRNUP6l0ry8/OVncpZS0kUFNT08MTnEyOLGgHQchz9qyuxTDDnm0yyWeSPjpRMKmr5cuxj8JwPp0DfjKxaue0p5zSbRwpw782JqiqY01081z937CP
                        </td>
                    </tr>

                    <!-- Main card -->
                    <tr>
                        <td style="background-color:#ffffff;border:4px solid #111827;border-top:0;padding:32px 32px 40px 32px;">
                            <p style="margin:0 0 24px 0;color:#4f46e5;font-weight:900;text-transform:uppercase;letter-spacing:0.3em;font-size:11px;font-style:italic;">// Connexion sécurisée</p>
                            <div style="font-size:16px;line-height:1.65;font-weight:600;color:#1f2937;font-style:normal;">
                                <#nested>
                            </div>
                        </td>
                    </tr>

                    <!-- Yellow accent bar -->
                    <tr>
                        <td style="background-color:#facc15;border:4px solid #111827;border-top:0;padding:14px 24px;color:#111827;font-weight:900;text-transform:uppercase;letter-spacing:0.18em;font-size:11px;font-style:italic;text-align:center;">
                            Communauté Inclusive // Hauts-de-France
                        </td>
                    </tr>

                    <!-- Footer -->
                    <tr>
                        <td style="padding:24px 8px 0 8px;text-align:center;color:#6b7280;font-size:11px;font-weight:700;text-transform:uppercase;letter-spacing:0.1em;font-style:italic;line-height:1.6;">
                            &copy; E-Cosplay &middot; <a href="https://www.e-cosplay.fr" style="color:#4f46e5;text-decoration:underline;">www.e-cosplay.fr</a><br/>
                            Cet email vous a été envoyé suite à une action sur votre compte. Si vous n'êtes pas à l'origine de cette demande, ignorez ce message.
                        </td>
                    </tr>
                </table>
            </td>
        </tr>
    </table>
</body>
</html>
</#macro>
Go-live, ecosplay realm-as-code, and full theme coverage Go-live: - Switch keycloak from start-dev to start --import-realm (production mode with auto-build at boot, no Dockerfile needed yet). - Set KC_HOSTNAME=https://auth.e-cosplay.fr and KC_PROXY_HEADERS= xforwarded so Keycloak emits correct issuer URLs and trusts Caddy's X-Forwarded-* headers. - Replace deprecated KEYCLOAK_ADMIN env vars with KC_BOOTSTRAP_ADMIN_*. - Bind the public port to 127.0.0.1 only (Caddy is colocated). - Add a Keycloak healthcheck against /health/ready on the management port (9000) using bash /dev/tcp; init container now waits on service_healthy instead of service_started. Architecture: - New realms/ecosplay-realm.json mounted into /opt/keycloak/data/import and imported on first boot. Defines the dedicated 'ecosplay' realm (separate from master) with French i18n, brute-force protection, strong password policy, SES SMTP, and an OIDC client 'ecosplay-web' pointing at e-cosplay.fr (confidential + PKCE S256). Theme coverage: - themes/ecosplay/account: PatternFly v5 overlay (parent=keycloak.v2) bringing the neo-brutalist colors, thick borders, italic uppercase typography, and offset hard shadows to the user account console. - themes/ecosplay/email: branded HTML wrapper template (table layout with inline styles for email-client safety) plus a matching plain text wrapper. All Keycloak emails now ship with the E-Cosplay identity without needing per-template overrides. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-10 11:22:40 +02:00			`<#macro emailLayout>`
			`<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">`
			`<html xmlns="http://www.w3.org/1999/xhtml">`
			`<head>`
			`<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />`
			`<meta name="viewport" content="width=device-width, initial-scale=1.0" />`
			`<title>E-Cosplay</title>`
			`</head>`
			`<body style="margin:0;padding:0;background-color:#fbfbfb;font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,Helvetica,Arial,sans-serif;color:#111827;">`
			`<table role="presentation" cellpadding="0" cellspacing="0" border="0" width="100%" style="background-color:#fbfbfb;padding:40px 16px;">`
			`<tr>`
			`<td align="center">`
			`<table role="presentation" cellpadding="0" cellspacing="0" border="0" width="600" style="max-width:600px;width:100%;">`

			`<!-- Top bar -->`
			`<tr>`
			`<td style="background-color:#111827;border:4px solid #111827;padding:18px 24px;color:#ffffff;font-weight:900;text-transform:uppercase;letter-spacing:0.25em;font-size:12px;font-style:italic;">`
			`// Authentification // E-Cosplay`
			`</td>`
			`</tr>`

Add E-Cosplay logo to login, account, and email themes - Bundle logo.jpg in the repo root as the source asset and copy it into themes/ecosplay/login/resources/img and themes/ecosplay/account/resources/img so Keycloak serves it under ${url.resourcesPath}/img/logo.jpg. - Login: render the logo above the auth card in a brutalist white frame (black border, offset hard shadow), 160x160. - Account console: inject a 64x64 brand mark in the masthead via a ::before pseudo-element on .pf-v5-c-masthead__brand using the theme's resources/img/logo.jpg as background. - Email: inline the logo as a base64 data URI (resized to 400x400 JPEG @ q82 ~14KB) directly in html/template.ftl, so external image blocking in mail clients does not hide it. Rendered as a 160x160 framed brand mark above the message body. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-10 14:45:31 +02:00			`<!-- Logo -->`
			`<tr>`
			`<td style="background-color:#ffffff;border:4px solid #111827;border-top:0;padding:24px 24px 0 24px;text-align:center;">`
			<img src="data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAYEBAUEBAYFBQUGBgYHCQ4JCQgICRINDQoOFRIWFhUSFBQXGiEcFxgfGRQUHScdHyIjJSUlFhwpLCgkKyEkJST/2wBDAQYGBgkICREJCREkGBQYJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCT/wAARCAGQAZADASIAAhEBAxEB/8QAHQABAAICAwEBAAAAAAAAAAAAAAcIBQYDBAkBAv/EAFgQAAEDAwEFAgcIDgUKBQUAAAEAAgMEBQYRBwgSITETQSIyUWFxgZEUQnKCkqGx0RUWGCNDUlNik5SissHSJDNWwtMXJURGVGNzg4SjJlV0w/A2N2SF4f/EABsBAQACAwEBAAAAAAAAAAAAAAADBAIFBgEH/8QAOBEBAAEDAQMJBgQGAwAAAAAAAAECAwQRBTFBBhIhMlFhcZGhExUWgbHRFELB4TNSU4Ki4kPw8f/aAAwDAQACEQMRAD8AtSiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiDE5VkcOJ2OpvNTR1tXTUo45m0cQkkYzvfw6gkN6nTnpqdOS1WwbfdmeSBgo8utsMj/wdY40ztfJ98A+ZSAQHAgjUFUx3ltgTsOq5svxql/zFUP1qqaMcqGRx6gd0bj8knToQguTS1lPXQNnpZ4p4X82yRPDmn0Ecly6g9F5gWjIrzj83bWe7XC3Sa68VLUPiP7JCkSxbzu1Gx8LTkDbjE38HX07JdfS4AO+dBftFVDH99qrZwsyHEoZR76a31JZp8R4P7ykvH97LZneyxlVX11nkd72vpjw6/CZxD26IJkRYeyZjjmSUxqrNfbZcIWt4nOp6lj+AefQ8vWo4znek2f4dJLS0tZLfq6MlpitwDo2u8hlPg+ziQS+vhcACSQAOevcqWZXvhZzeXPjsNLb7BTnXhcGe6JgPO544fY1RPkO0DLssc43zJLrXh34OWpd2Y9DAQ0exBf++bW8Cxtzo7pltmp5W+NEKlr5B8Vup+ZaNdt7XZhbi4U9fcbmW/7JROAPrk4QqMaadBoviC59g3rW5xk9FjuI4VX1lTWSBokrKpsTYmdXSODQ7RrRqTz83Uqf1Xfd2tuzzZjjvu+45jjL8iuUbXVTjcYf6MzqIWni7urj3u8wCmJu0/BX+LmeOH/9lD/Mg2ZFrzdo2Fu6Zdjx9Fxh/mXI3PcSf4uUWN3or4T/AHkGdRYdmZY3J4mQWh3orIj/AHlzx5HZZf6u7W9/walh/igyKLpi8213S4Uh9EzfrXI25UT/ABaunPokb9aDsIuEVlOek8XywuVj2yN4mODh5QdUH1ERAREQEREBERAREQEREBERARNVw1VdS0UZkqqiGBg99K8MHtKDmRdC1X+0X0TG1XSiuAgcGSmlnbKI3aa6EtJ0Oncu+gIiICIiAiIgIiICInEPKEBcNZR09wpJqSrgjnp52OjlikaHNe0jQtIPUELl4h5QnEPKEFE94TYTUbL7sbtaI5JsZrZNInc3GjkPPsnnyfiuPUcjzHOHF6g3uzW3I7TVWi600VXQ1cZimhkGoe0/Qe8EcwQCFQbbbsbuGyXIjGO0qbHWOc6hrCOo/Jv8j2/OOY7wA1O0YZkV+t0txtFmrbhTQv7OV9LH2hjdproWt5jl5uaxtXQ1Vvl7Kspp6WUdWTRlh9h0WbwHO7ps+v8AFdra/ib4lRTuJDKiLvY76Qe481cWxZBZs9x+nudKIa+hqB/V1EbZDG4eMx7Tro4d/qPQhaHae1b+BXE1W+dRO6YnTTunf8l3Fxab8TEVaVKMtJbqWkjUaEjlqFy0lHUV1TFS0kEtRUSuDI4omlznuPcAOZKuLeNjWz+9lz58apaeR3v6Jzqc+xp4fmXPhOy7GNn8s9RZqWV1VNqDVVTxJKxn4jToOFvl0Gp7yqlXKvH9nNVNE87snT6p42Vd52kzGiCce3acuujGS3WehssbhrwTOMsw+IzkPQXBSHZN2XErfwyXe43K6OHNw4m00Xn14dXafGUv6r4ucyNv5178/Nju6PXf6thb2dZp3xr4qV7SbvjlxyOSHFLXTW6z0Y7CAxg8VToecri4knU9NegA861XUeUe1X8MMBHOCA+mJp/gvwaSlPWkpT6YGfUttZ5UxaoiiLUzp21az8+hUq2VVM686PJQbRn5q+jg/M+ZX1fbbe/x7fQu9NMw/wAFwusVnd41mtZ9NHF/Kpo5W08bU+f7MfdNX80KIeB+Z8yas/M+ZXu+16yf+SWn9Si/lXw43YncjYrQfTQxfyr34sp/pT5/s8901/zQoiS3835l+Tp+ar1Pw/GZPHxqxu9NBF/KtJ2oVuDbOLCax+K49Pc6nVlFSuoYvDcOr3cvEb3+U6Dv5S2OU8XrkWqLMzVPfDC5sybdM1VVRpCpWgTTRc1TUPq6mWol4OOV5e7gYGt1J15NHIDzBcS6prEg7Fdk9w2sZWygjdLBaqUtluFW38FHrya3892hA9Z6BegVls1Bj9qpbVbKaOloqSNsUMLOjGgch5/T1J5qomz/AHnca2ZYvT2Gw4HUuDPDnqJbg1r6mUjwpHaRnme4dwAAWXm336939RhFMz/iXFx+iMILYoqfzb6+Tu17DFrOzycc0rvoIXQqN8/PZGkQWbHIfOYZnf8AuILnoqOVO9ztOn17Oaz02v5KiB0+U4rEVW87tYqtf/FAhB7oqKBv9xBfrUeUJqvO2r26bTa3Xtc2vLdfyMwi/dAWv1udZZcSTXZPe6nXr21dK76XIPS6apgp28U00cQ8r3Bv0rD1mdYpbtfduTWWm069tXRN+ly80ZqmaqdxTzyzO8sjy76UjpZZf6uCR/wWEpM6Mqaaqp0pjV6IVm3TZnQ69rm1kdp17KoEv7mq124b1OyqhJbHfp6xw7qeimPzloCo3HZLi/xaKf1t0+lc8eM3R550wZ53vaP4rCbtEb6oW6Nm5dfUtVT/AGz9luLjvo4NTktorPkFWe4mKKNp9ryfmWt3DfeYPBt2EyO/OqLgB8zWH6VXSPEq5x8OWnYPhE/QF24sOH4WtPxI/rKjnKtRxXbXJ3aNzdamPHSPrKXbjvpZnM1zaDH7FS69DL2spH7TQtUum9JtUuYLY77T0DT72ko4m6etwcfnWrR4lQN8eSok+MB9AXZZjtrj5+5Q/wCG9x/iopzrcbtV+3yQzqutNMfP7RLo3Xavn15193ZlfpWnqwVj2N+S0gLWKqrqK2QyVVRNUP6l0ry8/OVncpZS0kUFNT08MTnEyOLGgHQchz9qyuxTDDnm0yyWeSPjpRMKmr5cuxj8JwPp0DfjKxaue0p5zSbRwpw782JqiqY01081z937CP
			`</td>`
			`</tr>`

Go-live, ecosplay realm-as-code, and full theme coverage Go-live: - Switch keycloak from start-dev to start --import-realm (production mode with auto-build at boot, no Dockerfile needed yet). - Set KC_HOSTNAME=https://auth.e-cosplay.fr and KC_PROXY_HEADERS= xforwarded so Keycloak emits correct issuer URLs and trusts Caddy's X-Forwarded-* headers. - Replace deprecated KEYCLOAK_ADMIN env vars with KC_BOOTSTRAP_ADMIN_*. - Bind the public port to 127.0.0.1 only (Caddy is colocated). - Add a Keycloak healthcheck against /health/ready on the management port (9000) using bash /dev/tcp; init container now waits on service_healthy instead of service_started. Architecture: - New realms/ecosplay-realm.json mounted into /opt/keycloak/data/import and imported on first boot. Defines the dedicated 'ecosplay' realm (separate from master) with French i18n, brute-force protection, strong password policy, SES SMTP, and an OIDC client 'ecosplay-web' pointing at e-cosplay.fr (confidential + PKCE S256). Theme coverage: - themes/ecosplay/account: PatternFly v5 overlay (parent=keycloak.v2) bringing the neo-brutalist colors, thick borders, italic uppercase typography, and offset hard shadows to the user account console. - themes/ecosplay/email: branded HTML wrapper template (table layout with inline styles for email-client safety) plus a matching plain text wrapper. All Keycloak emails now ship with the E-Cosplay identity without needing per-template overrides. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-10 11:22:40 +02:00			`<!-- Main card -->`
			`<tr>`
Add E-Cosplay logo to login, account, and email themes - Bundle logo.jpg in the repo root as the source asset and copy it into themes/ecosplay/login/resources/img and themes/ecosplay/account/resources/img so Keycloak serves it under ${url.resourcesPath}/img/logo.jpg. - Login: render the logo above the auth card in a brutalist white frame (black border, offset hard shadow), 160x160. - Account console: inject a 64x64 brand mark in the masthead via a ::before pseudo-element on .pf-v5-c-masthead__brand using the theme's resources/img/logo.jpg as background. - Email: inline the logo as a base64 data URI (resized to 400x400 JPEG @ q82 ~14KB) directly in html/template.ftl, so external image blocking in mail clients does not hide it. Rendered as a 160x160 framed brand mark above the message body. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-10 14:45:31 +02:00			`<td style="background-color:#ffffff;border:4px solid #111827;border-top:0;padding:32px 32px 40px 32px;">`
Go-live, ecosplay realm-as-code, and full theme coverage Go-live: - Switch keycloak from start-dev to start --import-realm (production mode with auto-build at boot, no Dockerfile needed yet). - Set KC_HOSTNAME=https://auth.e-cosplay.fr and KC_PROXY_HEADERS= xforwarded so Keycloak emits correct issuer URLs and trusts Caddy's X-Forwarded-* headers. - Replace deprecated KEYCLOAK_ADMIN env vars with KC_BOOTSTRAP_ADMIN_*. - Bind the public port to 127.0.0.1 only (Caddy is colocated). - Add a Keycloak healthcheck against /health/ready on the management port (9000) using bash /dev/tcp; init container now waits on service_healthy instead of service_started. Architecture: - New realms/ecosplay-realm.json mounted into /opt/keycloak/data/import and imported on first boot. Defines the dedicated 'ecosplay' realm (separate from master) with French i18n, brute-force protection, strong password policy, SES SMTP, and an OIDC client 'ecosplay-web' pointing at e-cosplay.fr (confidential + PKCE S256). Theme coverage: - themes/ecosplay/account: PatternFly v5 overlay (parent=keycloak.v2) bringing the neo-brutalist colors, thick borders, italic uppercase typography, and offset hard shadows to the user account console. - themes/ecosplay/email: branded HTML wrapper template (table layout with inline styles for email-client safety) plus a matching plain text wrapper. All Keycloak emails now ship with the E-Cosplay identity without needing per-template overrides. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-10 11:22:40 +02:00			`<p style="margin:0 0 24px 0;color:#4f46e5;font-weight:900;text-transform:uppercase;letter-spacing:0.3em;font-size:11px;font-style:italic;">// Connexion sécurisée</p>`
			`<div style="font-size:16px;line-height:1.65;font-weight:600;color:#1f2937;font-style:normal;">`
			`<#nested>`
			`</div>`
			`</td>`
			`</tr>`

			`<!-- Yellow accent bar -->`
			`<tr>`
			`<td style="background-color:#facc15;border:4px solid #111827;border-top:0;padding:14px 24px;color:#111827;font-weight:900;text-transform:uppercase;letter-spacing:0.18em;font-size:11px;font-style:italic;text-align:center;">`
			`Communauté Inclusive // Hauts-de-France`
			`</td>`
			`</tr>`

			`<!-- Footer -->`
			`<tr>`
			`<td style="padding:24px 8px 0 8px;text-align:center;color:#6b7280;font-size:11px;font-weight:700;text-transform:uppercase;letter-spacing:0.1em;font-style:italic;line-height:1.6;">`
			`© E-Cosplay · <a href="https://www.e-cosplay.fr" style="color:#4f46e5;text-decoration:underline;">www.e-cosplay.fr</a><br/>`
			`Cet email vous a été envoyé suite à une action sur votre compte. Si vous n'êtes pas à l'origine de cette demande, ignorez ce message.`
			`</td>`
			`</tr>`
			`</table>`
			`</td>`
			`</tr>`
			`</table>`
			`</body>`
			`</html>`
			`</#macro>`