feat: Ansible: Ajoute config Caddy et améliorations

Ajout config Caddy et améliorations playbook Ansible.

ansible/playbook.yml

@@ -25,11 +25,13 @@
         when: ansible_os_family == "Debian"
 
       - name: Installation des dépendances pour le module Ansible PostgreSQL
+          # Installe python3-psycopg2, nécessaire pour que les modules Ansible puissent communiquer avec PostgreSQL.
         ansible.builtin.apt:
             name: python3-psycopg2
             state: present
             update_cache: true
         when: ansible_os_family == "Debian"
+
       - name: Installation de PHP 8.3 et PHP 8.3-FPM avec les dépendances
           # Installe PHP 8.3, PHP-FPM et toutes les extensions nécessaires pour Symfony,
           # ainsi que le support Redis, Imagemagick, FFmpeg et PostgreSQL.
@@ -55,13 +57,15 @@
                 - ffmpeg             # Outil en ligne de commande pour la manipulation audio/vidéo
             state: present
         when: ansible_os_family == "Debian"
-      - name: Creates directory
-        ansible.builtin.file:
-            path: "{{path}}/var"
-            owner: www-data
-            group: www-data
-            mode: 0777
-            state: directory
+
+      - name: Démarrage et activation du service PHP 8.3 FPM
+          # S'assure que le service PHP 8.3 FPM est démarré et configuré pour démarrer au boot.
+        ansible.builtin.systemd:
+            name: php8.3-fpm
+            state: started
+            enabled: yes
+        when: ansible_os_family == "Debian"
+
       - name: Créer le fichier .env.local avec les secrets de production
           # Crée le fichier .env.local avec les variables d'environnement pour la production.
         ansible.builtin.copy:
@@ -70,8 +74,20 @@
                 VITE_LOAD=1
                 DATABASE_URL="postgresql://{{ db_user }}:{{ db_password }}@127.0.0.1:5432/{{ db_name }}?serverVersion=16&charset=utf8"
                 REDIS_DSN="redis://{{ redis_password }}@127.0.0.1:{{ redis_port }}"
+                REDIS_URL="redis://{{ redis_password }}@127.0.0.1:{{ redis_port }}"
+                MESSENGER_TRANSPORT_DSN="redis://{{ redis_password }}@127.0.0.1:{{ redis_port }}/messages"
+                APP_SECRET=939bbc67038c2e2d1232d86fc605bf2f
             dest: "{{ path }}/.env.local"
         when: ansible_os_family == "Debian"
+
+      - name: Creates directory
+        ansible.builtin.file:
+            path: "{{path}}/var"
+            owner: www-data
+            group: www-data
+            mode: 0777
+            state: directory
+
       - name: Creates directory log
         ansible.builtin.file:
             path: "{{path}}/var/log"
@@ -79,17 +95,13 @@
             group: www-data
             mode: 0777
             state: directory
-      - name: Supervisor config
-        ansible.builtin.template:
-            src: supervisor.j2
-            dest: "/etc/supervisor/conf.d/mainframe.conf"
-            mode: '0644'
-      - name: Reread Supervisor configuration
-        command: supervisorctl reread
-
-      - name: Update Supervisor (add/remove updated programs)
-        command: supervisorctl update
-
+      - name: Creates directory log
+        ansible.builtin.file:
+            path: "{{path}}/public/media"
+            owner: www-data
+            group: www-data
+            mode: 0777
+            state: directory
       - name: Exécuter 'composer install' dans le répertoire de l'application
           # Installe les dépendances PHP de production.
         ansible.builtin.command: composer install --no-dev --optimize-autoloader
@@ -111,3 +123,100 @@
         args:
             chdir: "{{ path }}"
         when: ansible_os_family == "Debian"
+
+      - name: Creates directory
+        ansible.builtin.file:
+            path: "{{path}}/var"
+            owner: www-data
+            group: www-data
+            mode: 0777
+            state: directory
+
+      - name: Creates directory log
+        ansible.builtin.file:
+            path: "{{path}}/var/log"
+            owner: www-data
+            group: www-data
+            mode: 0777
+            state: directory
+      - name: Creates directory log
+        ansible.builtin.file:
+            path: "{{path}}/public/media"
+            owner: www-data
+            group: www-data
+            mode: 0777
+            state: directory
+
+      - name: Supervisor config
+        ansible.builtin.template:
+            src: supervisor.j2
+            dest: "/etc/supervisor/conf.d/mainframe.conf"
+            mode: '0644'
+
+      - name: Reread Supervisor configuration
+        command: supervisorctl reread
+
+      - name: Update Supervisor (add/remove updated programs)
+        command: supervisorctl update
+
+      # --- Début de la section de purge Redis ---
+      - name: Purger la base de données Redis
+          # Exécute FLUSHALL pour vider toutes les clés de toutes les bases de données du serveur Redis.
+          # Utile pour s'assurer que le cache est propre après un déploiement.
+        ansible.builtin.command: "redis-cli -p {{ redis_port }} -a {{ redis_password }} FLUSHALL"
+        when: ansible_os_family == "Debian"
+
+      # --- Fin de la section de purge Redis ---
+      - name: Generate Caddy site configuration
+        ansible.builtin.template:
+            src: caddy.j2
+            dest: "/etc/caddy/sites/mainframe.conf"
+            mode: '0644'
+
+      - name: Reload Caddy to apply new configuration
+        systemd:
+            name: caddy
+            state: reloaded
+            enabled: yes
+
+      - name: Exécuter cache:clear dans le répertoire de l application
+        ansible.builtin.command: php bin/console cache:clear
+        become: false
+        args:
+            chdir: "{{ path }}"
+        when: ansible_os_family == "Debian"
+      - name: Creates directory log
+        ansible.builtin.file:
+            path: "{{path}}/public/media"
+            owner: www-data
+            group: www-data
+            mode: 0777
+            state: directory
+      - name: Exécuter liip:imagine:cache:remove dans le répertoire de l application
+        ansible.builtin.command: php bin/console liip:imagine:cache:remove
+        become: false
+        args:
+            chdir: "{{ path }}"
+        when: ansible_os_family == "Debian"
+      - name: Creates directory
+        ansible.builtin.file:
+            path: "{{path}}/var"
+            owner: www-data
+            group: www-data
+            mode: 0777
+            state: directory
+
+      - name: Creates directory log
+        ansible.builtin.file:
+            path: "{{path}}/var/log"
+            owner: www-data
+            group: www-data
+            mode: 0777
+            state: directory
+      - name: Creates directory log
+        ansible.builtin.file:
+            path: "{{path}}/public/media"
+            owner: www-data
+            group: www-data
+            mode: 0777
+            state: directory

ansible/templates/caddy.j2

@@ -0,0 +1,21 @@
+mainframe.esy-web.dev {
+    tls {
+        dns cloudflare bnbe6SmF2kYBnDi4rEeoPI0wNXeFDWn0xZv7Dnfp
+    }
+    root * {{ path }}/public
+
+    file_server
+    request_body {
+        max_size 100MB
+    }
+    header {
+        Permissions-Policy "accelerometer=(), autoplay=(), camera=(), clipboard-write=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), usb=(), vr=(), screen-wake-lock=(), xr-spatial-tracking=(), bluetooth=(), ambient-light-sensor=(), battery=(), gamepad=(), notifications=(), push=()"
+    }
+
+    php_fastcgi unix//run/php/php8.3-fpm.sock {
+        read_timeout 300s
+        write_timeout 300s
+        dial_timeout 100s
+        env HTTP_PROXY ""
+    }
+}