From 507500e20d85084f37d14945d459321224c04353 Mon Sep 17 00:00:00 2001 From: Serreau Jovann Date: Wed, 18 Mar 2026 20:52:01 +0100 Subject: [PATCH] Update deployment pipeline, Makefile and README - Makefile: add install_dev, install_prod, migrations, clear_prod, maintenance commands - Playbook: full deploy flow (maintenance, stop, install, start, migrate, clear, caddy, messenger) - Supervisor config for 2 messenger instances - Workflow: SSH key setup with server IP - hosts.ini: use IP instead of domain, sudo without password - README: full documentation Co-Authored-By: Claude Opus 4.6 (1M context) --- .gitea/workflows/deploy.yml | 9 ++- Makefile | 14 ++++- README.md | 119 +++++++++++++++++++++++++++++++----- ansible/deploy-caddy.yml | 49 +++++++++++++++ ansible/hosts.ini | 2 +- ansible/messenger.j2 | 12 ++++ 6 files changed, 188 insertions(+), 17 deletions(-) create mode 100644 ansible/messenger.j2 diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 5271314..292ed5b 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -13,5 +13,12 @@ jobs: - name: Install Ansible run: apt-get update && apt-get install -y ansible - - name: Deploy Caddy config + - name: Setup SSH key + run: | + mkdir -p ~/.ssh + echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519 + chmod 600 ~/.ssh/id_ed25519 + ssh-keyscan 34.90.187.4 >> ~/.ssh/known_hosts + + - name: Deploy run: ansible-playbook -i ansible/hosts.ini ansible/deploy-caddy.yml --vault-password-file <(echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}") diff --git a/Makefile b/Makefile index 861a924..6bc51e9 100644 --- a/Makefile +++ b/Makefile 
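Review bot: The `ssh-keyscan 34.90.187.4 >> ~/.ssh/known_hosts` line in the new "Setup SSH key" step accepts whatever host key answers at run time, so host-key checking gives no assurance about which machine receives a connection authenticated with the deploy key. Pin the server's public host key instead, for example from a repository secret: `echo "${{ secrets.SSH_KNOWN_HOSTS }}" >> ~/.ssh/known_hosts` (`SSH_KNOWN_HOSTS` is a placeholder name, not a secret that exists on this page). The private key file is also created before `chmod 600` runs; putting `umask 077` at the top of the script closes that window. A comment such as `# host key is pinned; update the secret when the server is re-provisioned` would record the intent.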
@@ -32,7 +32,7 @@ install_dev: ## Install les dependances dev via Docker docker compose -f docker-compose-dev.yml exec bun bun install install_prod: ## Install les dependances et build les assets pour la prod - composer install --no-dev --optimize-autoloader + docker compose -f docker-compose-prod.yml exec php composer install --no-dev --optimize-autoloader bun install bun run build @@ -45,3 +45,15 @@ migrate_dev: ## Execute les migrations via Docker dev migrate_prod: ## Execute les migrations en prod via Docker docker compose -f docker-compose-prod.yml exec php php bin/console doctrine:migrations:migrate --no-interaction --env=prod + +## —— Cache ———————————————————————————————————————— +clear_prod: ## Clear le cache Symfony et le pool opcache en prod via Docker + docker compose -f docker-compose-prod.yml exec php php bin/console cache:clear --env=prod + docker compose -f docker-compose-prod.yml exec php php bin/console cache:pool:clear --all --env=prod + +## —— Maintenance —————————————————————————————————— +maintenance_on: ## Active le mode maintenance + touch public/.update + +maintenance_off: ## Desactive le mode maintenance + rm -f public/.update diff --git a/README.md b/README.md index 04982b8..c8a9a4d 100644 --- a/README.md +++ b/README.md 
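Review bot: `docker compose -f docker-compose-prod.yml exec php composer install` in `install_prod` only works while the `php` service is running, yet the playbook changed in this same commit calls `make install_prod` directly after `make stop_prod`, so the step will presumably fail if `stop_prod` stops that service (its recipe is outside this hunk). A one-off container removes the dependency: `docker compose -f docker-compose-prod.yml run --rm php composer install --no-dev --optimize-autoloader`. If `exec` is kept, consider `exec -T` here and in `clear_prod`, because Ansible's `command` module provides no terminal and `exec` may refuse to run without one. `bun install` and `bun run build` still execute on the host rather than in a container, which deserves a comment on the target.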
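Review bot: The help text on `clear_prod` says it clears the opcache pool, but `cache:pool:clear --all` clears Symfony's cache pools, and a console command run through the CLI does not reset the OPcache held by the PHP-FPM workers. Suggested wording: `clear_prod: ## Clear le cache Symfony et les pools de cache en prod via Docker`, so that operators do not assume stale bytecode was flushed by this target.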
@@ -1,31 +1,122 @@ # E-Ticket -Plateforme destinée aux associations pour la vente de tickets événementiels, la réservation de tables, l'organisation de brocantes et le vote en ligne. +Plateforme destinee aux associations pour la vente de tickets evenementiels, la reservation de tables, l'organisation de brocantes et le vote en ligne. ## Stack technique -- Symfony 8 -- PHP 8.4 -- PostgreSQL +| Composant | Technologie | +|-----------|-------------| +| Backend | Symfony 8 / PHP 8.4 | +| Base de donnees | PostgreSQL 16 | +| Cache / Queue | Redis 7 | +| Async | Symfony Messenger | +| Frontend | Bun / Vite / Tailwind CSS | +| Serveur web | Caddy | +| Email | Amazon SES | +| DNS / CDN | Cloudflare | +| Deploiement | Ansible / Gitea Actions | + +## Architecture + +### Developpement + +| Service | Port | +|---------|------| +| Caddy (web) | `localhost:8000` | +| Vite (HMR) | `localhost:5173` | +| PostgreSQL | `localhost:5432` | +| Redis | `localhost:6379` | +| Mailpit (SMTP) | `localhost:1025` | +| Mailpit (UI) | `localhost:8025` | +| RedisInsight | `localhost:5540` | + +### Production + +- 2x PHP-FPM (load balancing via Caddy) +- PostgreSQL master / slave (replication) +- PgBouncer (connection pooling) +- 2x Messenger workers - Redis -- Messenger -- Amazon SES -- Cloudflare +- Caddy installe sur la machine hote -## Prérequis +## Prerequis -- PHP 8.4+ -- Composer -- Symfony CLI +- Docker & Docker Compose +- Make ## Installation ```bash -composer install +# Build les images +make build_dev + +# Lance les containers +make start_dev + +# Install les dependances +make install_dev ``` -## Lancement +## Commandes disponibles ```bash -symfony server:start +make help ``` + +| Commande | Description | +|----------|-------------| +| `make build_dev` | Build les images Docker dev | +| `make build_prod` | Build les images Docker prod | +| `make start_dev` | Lance les containers dev | +| `make start_prod` | Lance les containers prod (background) | +| `make stop_dev` | Arrete les 
containers dev | +| `make stop_prod` | Arrete les containers prod | +| `make purge_dev` | Arrete et purge tout (volumes, images) | +| `make install_dev` | Install les dependances via Docker | +| `make install_prod` | Install les dependances et build les assets | +| `make migration_dev` | Genere une migration | +| `make migrate_dev` | Execute les migrations en dev | +| `make migrate_prod` | Execute les migrations en prod | + +## Base de donnees + +### Dev + +| Param | Valeur | +|-------|--------| +| Host | `localhost` | +| Port | `5432` | +| Database | `e-ticket` | +| User | `app` | +| Password | `secret` | + +### Prod + +PostgreSQL master/slave avec PgBouncer. Replication streaming asynchrone. + +## Deploiement + +Le deploiement se fait via Gitea Actions (declenchement manuel) + Ansible. + +```bash +# Deployer la config Caddy +ansible-playbook -i ansible/hosts.ini ansible/deploy-caddy.yml --ask-vault-pass +``` + +### Mode maintenance + +Pour activer la maintenance : + +```bash +touch /var/www/e-ticket/public/.update +``` + +Pour desactiver : + +```bash +rm /var/www/e-ticket/public/.update +``` + +## Licence + +Licence proprietaire. Voir [LICENSE.md](LICENSE.md). diff --git a/ansible/deploy-caddy.yml b/ansible/deploy-caddy.yml index 6f45733..16fbdca 100644 --- a/ansible/deploy-caddy.yml +++ b/ansible/deploy-caddy.yml @@ -5,6 +5,12 @@ vars_files: - vault.yml + pre_tasks: + - name: Enable maintenance mode + command: make maintenance_on + args: + chdir: /var/www/e-ticket + tasks: - name: Ensure Caddy sites directory exists file: 
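Review bot: Nothing guarantees that the maintenance flag set by this new `pre_tasks` entry is removed again: if any later task fails, Ansible stops before `post_tasks` and the site stays in maintenance mode until someone deletes `public/.update` by hand. Wrapping the deploy steps in a `block:` with an `always:` section (or a `rescue:` that deliberately keeps the flag and reports the failure) makes the outcome explicit, as sketched below. The task also reports `changed` on every run; `creates: /var/www/e-ticket/public/.update` under `args:` would make it idempotent. The rest of the play lies outside this hunk.

```yaml
  tasks:
    - name: Deploy under maintenance flag
      block:
        # … unchanged: stop, install, start, migrate, clear, Caddy and Supervisor tasks …
      always:
        # runs whether or not the block failed; swap for `rescue:` if a failed
        # migration should keep the site in maintenance mode
        - name: Disable maintenance mode
          command: make maintenance_off
          args:
            chdir: /var/www/e-ticket
```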
@@ -14,6 +20,31 @@ group: root mode: "0755" + - name: Stop production containers + command: make stop_prod + args: + chdir: /var/www/e-ticket + + - name: Install dependencies and build assets + command: make install_prod + args: + chdir: /var/www/e-ticket + + - name: Start production containers + command: make start_prod + args: + chdir: /var/www/e-ticket + + - name: Run migrations + command: make migrate_prod + args: + chdir: /var/www/e-ticket + + - name: Clear cache + command: make clear_prod + args: + chdir: /var/www/e-ticket + - name: Deploy Caddy config template: src: caddy.j2 @@ -23,8 +54,26 @@ mode: "0644" notify: Reload Caddy + - name: Deploy Messenger supervisor config + template: + src: messenger.j2 + dest: /etc/supervisor/conf.d/e-ticket.conf + owner: root + group: root + mode: "0644" + notify: Reload Supervisor + + post_tasks: + - name: Disable maintenance mode + command: make maintenance_off + args: + chdir: /var/www/e-ticket + handlers: - name: Reload Caddy systemd: name: caddy state: reloaded + + - name: Reload Supervisor + command: supervisorctl reread && supervisorctl update diff --git a/ansible/hosts.ini b/ansible/hosts.ini index cfc0775..af0181a 100644 --- a/ansible/hosts.ini +++ b/ansible/hosts.ini @@ -1,5 +1,5 @@ [production] -ticket.e-cosplay.fr ansible_user=bot +34.90.187.4 ansible_user=bot ansible_become=yes ansible_become_method=sudo [production:vars] deploy_path=/var/www/e-ticket/ diff --git a/ansible/messenger.j2 b/ansible/messenger.j2 new file mode 100644 index 0000000..2c360e3 --- /dev/null +++ b/ansible/messenger.j2 
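Review bot: The new `Reload Supervisor` handler passes `&&` through Ansible's `command` module, which does not invoke a shell, so `&& supervisorctl update` reaches `supervisorctl reread` as literal arguments and the update never runs as a second command. `command: supervisorctl update` is enough, because `update` re-reads the configuration before applying it. The five `make` tasks added in this hunk run on every play and always report `changed`; that is acceptable for a deploy, but a one-line comment saying so would save the next reader from looking for a missing `creates:`.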
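Review bot: Putting `ansible_become=yes` on the host line makes every task in the play run as root, including `make install_prod`, which executes `bun install` and `bun run build` (third-party build tooling) with full privileges on the host. Together with the passwordless sudo mentioned in the commit message, the SSH key held by CI becomes equivalent to root on the server. Prefer removing it from the inventory and setting `become: true` only on the tasks that write under `/etc` (the Caddy and Supervisor templates and their handlers), and restricting the `bot` sudoers entry to the commands those tasks need. Whether the existing play already sets `become` is not visible in this diff.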
@@ -0,0 +1,12 @@
+[program:e-ticket-messenger]
+command=docker compose -f /var/www/e-ticket/docker-compose-prod.yml exec php php bin/console messenger:consume async --time-limit=3600 --memory-limit=256M --limit=500
+directory=/var/www/e-ticket
+user=bot
+numprocs=2
+process_name=%(program_name)s_%(process_num)02d
+autostart=true
+autorestart=true
+startsecs=0
+startretries=10
+stdout_logfile=/var/log/supervisor/e-ticket-messenger-%(process_num)02d.log
+stderr_logfile=/var/log/supervisor/e-ticket-messenger-%(process_num)02d-error.log
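Review bot: `startsecs=0` combined with `autorestart=true` means Supervisor counts every launch as successful, so `startretries=10` never takes effect and both workers are respawned in a tight loop whenever the `php` container is down, which the playbook in this commit causes on each deploy. A non-zero value such as `startsecs=5` lets failed starts back off and eventually reach FATAL, where they become visible. `docker compose exec` may also refuse to run without a terminal under Supervisor, so `exec -T` is the safer form in `command=`. Note that `user=bot` must be able to reach the Docker daemon, which is root-equivalent access, and that stopping the `exec` client may not stop the consumer inside the container; both deserve a comment in the template.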