admin/e-ticket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
591 Commits 1 Branch 0 Tags
381acd603ee3821fe169fe32c2c12bfe95ec402d
Commit Graph

19 Commits

Author SHA1 Message Date
Serreau Jovann
381acd603e Split Stripe webhooks into 2 endpoints: insta (payments) and leger (Connect) 
- /stripe/webhook → /webhooks/stripe/insta (paiements, payouts, disputes, subscriptions)
- /stripe/webhook/connect → /webhooks/stripe/leger (gestion comptes Connect)
- Rename env vars: STRIPE_WEBHOOK_SECRET → STRIPE_WEBHOOK_SECRET_INSTA,
  STRIPE_WEBHOOK_SECRET_CONNECT → STRIPE_WEBHOOK_SECRET_LEGER
- Update StripeService, CsrfProtectionSubscriber, vault, env files and all tests

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-01 14:07:49 +02:00
Serreau Jovann
622e1894ae aa 2026-03-30 13:43:06 +02:00
Serreau Jovann
918a52415d add new system for upgrade speed 2026-03-30 11:13:22 +02:00
Serreau Jovann
aa2add2696 fix error navbar 2026-03-26 09:42:20 +01:00
Serreau Jovann
7e9f99a88e fix error navbar 2026-03-26 09:37:28 +01:00
Serreau Jovann
7d81fa3604 Update ansible vault 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-24 10:05:07 +01:00
Serreau Jovann
d4e30abffb fix error navbar 2026-03-23 18:37:24 +01:00
Serreau Jovann
615e1c2eab Encrypt vault with updated Stripe webhook secrets 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-20 22:33:24 +01:00
Serreau Jovann
3e8eed4edb Split Stripe webhooks: /stripe/webhook for payouts, /stripe/webhook/connect for v2 Connect 
- Separate webhook routes with different secrets
- Add verifyConnectWebhookSignature() to StripeService
- Add STRIPE_WEBHOOK_SECRET_CONNECT env var
- Update vault with prod secrets for both endpoints

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-20 22:31:00 +01:00
Serreau Jovann
acc9e2a5b8 Add S/MIME private key to vault and deploy cert directory in Ansible playbook 
- Store smime_private_key in encrypted vault
- Add playbook tasks: create cert directory + deploy private key with 0600 permissions
- Certificate public already in git at config/cert/certificate.pem

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-20 16:38:02 +01:00
Serreau Jovann
0caf55e339 Add 120s timeout to SES SMTP mailer DSN to fix 451 timeout errors 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-20 16:21:41 +01:00
Serreau Jovann
10a19e20b1 Regenerate all vault passwords with strong random values and add webhook secret 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-20 13:37:34 +01:00
Serreau Jovann
96de9bac8f fix error navbar 2026-03-20 13:29:38 +01:00
Serreau Jovann
a328f2337c fix error navbar 2026-03-20 12:59:58 +01:00
Serreau Jovann
9bcb41306b Add conformite page, SonarQube badge proxy, coverage fixes, and code quality 
- Add /conformite page: PSD2/3DS/Stripe, SonarQube badges, CI/CD, security
- Create SonarBadgeController proxy to serve SonarQube badges without exposing token
- Store SonarQube badge token in ansible/vault.yml instead of env files
- Add Meilisearch coverage tests: search with results, search error, sync, delete
- Fix MeilisearchService delete catch block with comment
- Fix ESLint: use globalThis.confirm instead of window.confirm
- Fix accessibility: add for/id attributes to buyer creation form labels
- Add conformite link to site footer
- Add SonarBadgeControllerTest and LegalControllerTest for /conformite

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-19 14:25:04 +01:00
Serreau Jovann
160369f0f6 Add CI pipeline, Meilisearch service, CacheService and code quality tools 
- CI: lint, PHPStan, PHP CS Fixer, ESLint, Stylelint, security audit, build
- MeilisearchService: async via Messenger, sync search
- MeilisearchMessage + handler for async operations
- CacheService with CacheKey enum (TTL per key, remember pattern)
- Meilisearch env vars in .env.local, vault and env.local.j2
- Messenger routing for MeilisearchMessage
- PHPStan level 6, ESLint, Stylelint configs

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 22:08:54 +01:00
Serreau Jovann
46a84a9f9a Merge deploy playbooks, add env.local template, update MailerService 
- Fuse deploy-caddy.yml and cloudflare.yml into deploy.yml
- Add env.local.j2 template for production secrets
- Vault: add all production secrets
- Workflow: single deploy.yml playbook
- MailerService: rewrite with S/MIME signing, email tracking, unsubscribe
- ngrok-sync: run as root for .env.local write access
- Fix domain references to ticket.e-cosplay.fr

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 21:24:31 +01:00
Serreau Jovann
e3de0da1bf Add Cloudflare automation, ngrok tunnel, fix Dockerfiles 
- Ansible cloudflare.yml: DNS, SSL, HSTS, Brotli, bot fight, SEO bots allow
- Vault: add cloudflare_zone_id
- Workflow: run cloudflare config before deploy
- docker-compose-dev: add ngrok tunnel, vault, minio
- Ngrok sync script: writes OUTSIDE_URL to .env.local
- Fix Dockerfiles: remove mbstring/xml (built-in PHP 8.4), fix libfreetype-dev
- Makefile: maintenance_on/off, clear_prod
- Playbook: stop_prod, install_prod, start_prod, migrate, clear steps

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 21:06:11 +01:00
Serreau Jovann
f822a9a069 Add deployment pipeline, maintenance page and project config 
- Makefile: install_dev, install_prod, migration/migrate commands
- docker-compose-dev: add Caddy and Bun services
- docker-compose-prod: remove exposed pgbouncer port
- Ansible: Caddy template with maintenance mode (503), vault, deploy playbook
- Gitea workflow: manual deploy to production
- Maintenance page (Neubrutalism style)
- LICENSE: proprietary license

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 20:40:40 +01:00