The PHP container user needs the docker group to read the socket.
Uses DOCKER_GID env var in dev (defaults to 989) and dynamic GID
detection via Ansible stat in prod.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Complete rewrite of /admin/infra into 4 columns:
- Col 1 (Serveur): CPU, RAM, Disk, System, Services (Caddy, Docker, SSL cert)
- Col 2 (Containers): All Docker containers with CPU%, RAM, state via Docker API
- Col 3 (Redis): Global stats + per-DB (Messenger, Sessions, Cache)
- Col 4 (PostgreSQL): Instance stats + PgBouncer pools/stats
Extract all infra logic into InfraService. Mount Docker socket (read-only)
in PHP container for container stats. Check SSL cert expiry and Caddy status.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add pgbouncer service to docker-compose-dev.yml with dev config
- Route DATABASE_URL through pgbouncer:6432 in dev (matches prod)
- Add PgBouncer pools and stats tables to /admin/infra with color-coded
avg query/xact times and client waiting indicators
- php, messenger, cron now depend on pgbouncer instead of database directly
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The getmeili/meilisearch image (Debian slim) has neither curl nor wget,
so healthcheck commands always fail. Use condition: service_started
and rely on Messenger retry mechanism for brief startup delays.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The getmeili/meilisearch image does not include curl, causing the
healthcheck to fail and blocking messenger startup.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add toggle online/offline and delete routes in AdminController
- Add action buttons (En ligne, Modifier, Supprimer) in admin events template
- Bypass requireEventOwnership and requireStripeReady for ROLE_ROOT so admin can edit any event
- Add Meilisearch healthcheck and depends_on in messenger service (prod + dev)
- Add tests for all new admin routes and ROLE_ROOT bypass
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Remove s3_client service from services.yaml
- Remove S3_* env vars from .env and env.local.j2
- Remove Minio service and volume from docker-compose-dev.yml
- Remove league/flysystem-aws-s3-v3 from composer.json
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- JSON-LD: Organization, WebSite with SearchAction, BreadcrumbList
- SitemapController: sitemapindex with main + paginated events (images/videos)
- RobotsController: dynamic robots.txt with sitemap URL
- SearchController: /search with Meilisearch (TODO)
- Meilisearch added to dev and prod docker-compose
- Breadcrumbs added to all controllers
- .well-known: security.txt, humans.txt, dnt-policy.txt
- PGP public key in public/key.asc
- SecurityController: /mot-de-passe + .well-known/change-password route
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Fuse deploy-caddy.yml and cloudflare.yml into deploy.yml
- Add env.local.j2 template for production secrets
- Vault: add all production secrets
- Workflow: single deploy.yml playbook
- MailerService: rewrite with S/MIME signing, email tracking, unsubscribe
- ngrok-sync: run as root for .env.local write access
- Fix domain references to ticket.e-cosplay.fr
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add WORKDIR /app to dev and prod Dockerfiles
- Rename database from e-ticket to e_ticket (PostgreSQL compat)
- purge_dev: remove only containers and volumes, keep images
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Reset templates: clean base.html.twig + new email base template
- Remove old templates (account, legal, security, emails, etc.)
- Add Caddy service to docker-compose-dev
- Add ansible hosts.ini for production deployment
- Add .gitea/CODEOWNERS
- Clean app.scss
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Separate PHP Dockerfiles (dev/prod) with extensions and prod opcache/php.ini optimization
- docker-compose-dev: PHP, PostgreSQL, Redis, Messenger, Mailpit, RedisInsight
- docker-compose-prod: 2x PHP replicas, PgSQL master/slave with PgBouncer, 2x Messenger, Redis
- Makefile with build/start/stop/purge commands
- AGENT.md to restrict AI access to the repository
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
