- ApiSandboxController: reduce scan() returns from 4 to 3 via ternary
- ApiDocController: add MIME_JSON constant, extract buildInsomniaRequest()
and buildInsomniaBody() to reduce cognitive complexity
- Store sessions in Redis to fix SSO disconnect with 2 PHP replicas
(round-robin load balancing caused session loss on filesystem storage)
- Configure session cookie: 24h lifetime, secure auto, samesite lax
- Replace Caddy analytics proxies (/stats/*, /assets/perf.js, /sperf)
with direct URLs to tools-security.esy-web.dev and cloudflareinsights.com
- Update JS tests for new direct analytics URLs
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Create unavailable.html static page with neo-brutalist design and retry button
- Add handle_errors in Caddy for 502/503: serve unavailable.html
- Add dial/read/write timeouts to php_fastcgi (5s/30s/30s)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- sw.js regenerated by Workbox with full cache strategies
- Add screen.png, site.webmanifest, workbox/*, idb/*, pwa/* to Caddy static paths
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add favicon.png link and apple-touch-icon in base.html.twig
- Add theme-color meta tag (#fabf04)
- Add pwa_dev and pwa_prod Makefile commands
- Add PWA asset generation step in Ansible playbook after cache clear
- Update Caddy static paths for favicon.png, marker.png, manifest.json, sw.js
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
PHP-FPM speaks FastCGI protocol, not HTTP. Caddy must use php_fastcgi
directive with file_server and try_files for proper Symfony routing.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add static file handler for logo.png, favicon.ico, build/*, uploads/* before maintenance check
- Update reverse_proxy ports from 9000-9001 to 4578-4579
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
