feat(command): Crée une commande pour l'envoi automatisé d'emails de suivi.

'Traitement des contrats en attente de signature'
Serreau Jovann
2026-01-29 16:04:13 +01:00
parent c652f91064
commit ce54b49b6e


@@ -11,37 +11,37 @@
db_password: "ludikevent" db_password: "ludikevent"
redis_password: "ludikevent" redis_password: "ludikevent"
redis_port: "20110" redis_port: "20110"
# Assurez-vous que 'path' est définie dans votre inventaire ou comme extra-var # path: /var/www/mainframe/app (à définir dans l'inventaire)
# Exemple: path: /var/www/mainframe/app
tasks: tasks:
- name: Exécuter 'composer install' dans le répertoire de l'application - name: Exécuter 'composer install' dans le répertoire de l'application
ansible.builtin.command: composer install --no-dev --optimize-autoloader ansible.builtin.command: composer install --no-dev --optimize-autoloader
become: false # Run as the connection user (e.g., 'bot') become: false
args: args:
chdir: "{{ path }}" chdir: "{{ path }}"
when: ansible_os_family == "Debian" when: ansible_os_family == "Debian"
- name: Send a message to the Discord channel
community.general.discord:
webhook_id: "1419573620602044518"
webhook_token: "ikAdxWxsrrTqMTb5Gh_8ylcoJHlOnq7aJZvR5udoS_fCK56Jk3qpEnJHVKdD8fwuNJF3"
content: "Mise à jour du intranet ludikevent https://intranet.ludikevent.fr"
- name: Installer le support ACL pour corriger les permissions de 'become_user' - name: Send a message to the Discord channel
community.general.discord:
webhook_id: "1419573620602044518"
webhook_token: "ikAdxWxsrrTqMTb5Gh_8ylcoJHlOnq7aJZvR5udoS_fCK56Jk3qpEnJHVKdD8fwuNJF3"
content: "Mise à jour du intranet ludikevent https://intranet.ludikevent.fr"
- name: Installer le support ACL pour corriger les permissions
ansible.builtin.apt: ansible.builtin.apt:
name: acl name: acl
state: present state: present
update_cache: true update_cache: true
when: ansible_os_family == "Debian" when: ansible_os_family == "Debian"
- name: Installation des dépendances pour le module Ansible PostgreSQL - name: Installation des dépendances PostgreSQL pour Ansible
ansible.builtin.apt: ansible.builtin.apt:
name: python3-psycopg2 name: python3-psycopg2
state: present state: present
update_cache: true update_cache: true
when: ansible_os_family == "Debian" when: ansible_os_family == "Debian"
- name: Installation de PHP 8.3 et PHP 8.3-FPM avec les dépendances - name: Installation de PHP 8.4 et dépendances
ansible.builtin.apt: ansible.builtin.apt:
name: name:
- php8.4 - php8.4
@@ -65,14 +65,13 @@
state: present state: present
when: ansible_os_family == "Debian" when: ansible_os_family == "Debian"
- name: Démarrage et activation du service PHP 8.3 FPM - name: Démarrage de PHP 8.4-FPM
ansible.builtin.systemd: ansible.builtin.systemd:
name: php8.4-fpm name: php8.4-fpm
state: started state: started
enabled: yes enabled: yes
when: ansible_os_family == "Debian"
- name: Créer le fichier .env.local avec les secrets de production - name: Créer le fichier .env.local
ansible.builtin.copy: ansible.builtin.copy:
content: | content: |
APP_ENV=prod APP_ENV=prod
@@ -93,48 +92,25 @@
DEFAULT_URI=https://reservation.ludikevent.fr DEFAULT_URI=https://reservation.ludikevent.fr
INTRANET_LOCK=false INTRANET_LOCK=false
dest: "{{ path }}/.env.local" dest: "{{ path }}/.env.local"
when: ansible_os_family == "Debian"
# --- Initial creation of essential directories with correct ownership --- - name: Configuration des dossiers de base
# These directories should exist before composer runs, but composer might create subdirs.
- name: Ensure app/var and public/media directories exist with correct owner/group
ansible.builtin.file:
path: "{{ item }}"
owner: bot # Assuming 'bot' is your deployment user
group: www-data
mode: '0775' # Allow 'bot' and 'www-data' to read/write/execute
state: directory
recurse: yes # Important to ensure subdirectories created by previous deploys also get permissions
loop:
- "{{ path }}/var"
- "{{ path }}/var/log" # Specific for log, though var/log might be created by composer later
- "{{ path }}/public/media" # For uploads
- "{{ path }}/public/images" # For uploads
- "{{ path }}/public/pdf" # For uploads
- "{{ path }}/public/seo" # For uploads
- "{{ path }}/public/tmp-sign" # For upload
- "{{ path }}/sauvegarde"
# --- POST-COMPOSER PERMISSION FIXES ---
# This is crucial because composer creates var/cache as the `become: false` user
- name: Set correct permissions for Symfony cache and logs directories
ansible.builtin.file: ansible.builtin.file:
path: "{{ item }}" path: "{{ item }}"
owner: bot owner: bot
group: www-data group: www-data
mode: '0775' # rwx for owner and group, rx for others mode: '0775'
state: directory state: directory
recurse: yes # Apply to all contents
loop: loop:
- "{{ path }}/var/cache" - "{{ path }}/var"
- "{{ path }}/var/log" - "{{ path }}/var/log"
# For web-writable directories created by the app itself (e.g., uploads), you might set ACLs - "{{ path }}/public/media"
# or chown to www-data and then your user gets access via group membership. - "{{ path }}/public/images"
- "{{ path }}/public/pdf"
- "{{ path }}/public/seo"
- "{{ path }}/public/tmp-sign"
- "{{ path }}/sauvegarde"
# Alternative for cache/log permissions using ACLs (more robust for mixed ownership) - name: ACL pour Symfony (www-data rwx)
# This requires 'acl' package installed (which you already do).
# Use this if 'bot' needs to own, but www-data needs to write.
- name: Set ACLs for Symfony cache and logs (recommended for web-writable dirs)
ansible.builtin.acl: ansible.builtin.acl:
path: "{{ item }}" path: "{{ item }}"
entity: www-data entity: www-data
@@ -142,25 +118,19 @@
permissions: rwx permissions: rwx
state: present state: present
recursive: yes recursive: yes
default: yes # Apply default ACLs for new files/dirs within default: yes
loop: loop:
- "{{ path }}/var/cache" - "{{ path }}/var/cache"
- "{{ path }}/var/log" - "{{ path }}/var/log"
when: ansible_os_family == "Debian" # ACLs are Linux-specific
- name: Exécuter bun install dans le répertoire de l application - name: Bun install & build
ansible.builtin.command: bun install ansible.builtin.command: "{{ item }}"
become: false become: false
args: args:
chdir: "{{ path }}" chdir: "{{ path }}"
when: ansible_os_family == "Debian" loop:
- "bun install"
- name: Exécuter bun build dans le répertoire de l application - "bun run build"
ansible.builtin.command: bun run build
become: false
args:
chdir: "{{ path }}"
when: ansible_os_family == "Debian"
- name: Supervisor config - name: Supervisor config
ansible.builtin.template: ansible.builtin.template:
@@ -168,41 +138,39 @@
dest: "/etc/supervisor/conf.d/mainframe.conf" dest: "/etc/supervisor/conf.d/mainframe.conf"
mode: '0644' mode: '0644'
- name: Reread Supervisor configuration - name: Reload Supervisor
ansible.builtin.command: supervisorctl reread ansible.builtin.command: "{{ item }}"
changed_when: true # Always mark as changed, as output is not always useful for idempotency loop:
- "supervisorctl reread"
- "supervisorctl update"
- name: Update Supervisor (add/remove updated programs) - name: Purger Redis
ansible.builtin.command: supervisorctl update
changed_when: true
- name: Purger la base de données Redis
ansible.builtin.command: "redis-cli -p {{ redis_port }} -a {{ redis_password }} FLUSHALL" ansible.builtin.command: "redis-cli -p {{ redis_port }} -a {{ redis_password }} FLUSHALL"
when: ansible_os_family == "Debian"
- name: Generate Caddy site configuration - name: Caddy config
ansible.builtin.template: ansible.builtin.template:
src: caddy.j2 src: caddy.j2
dest: "/etc/caddy/sites/ludikevent.conf" dest: "/etc/caddy/sites/ludikevent.conf"
mode: '0644' mode: '0644'
- name: Reload Caddy to apply new configuration - name: Reload Caddy
ansible.builtin.systemd: ansible.builtin.systemd:
name: caddy name: caddy
state: reloaded state: reloaded
enabled: yes
- name: Exécuter doctrine:migration:migrate dans le répertoire de l application - name: Symfony Tasks (Migrations, Cache, Warmup)
ansible.builtin.command: php bin/console doctrine:migrations:migrate --no-interaction ansible.builtin.command: "php bin/console {{ item }} --no-interaction"
become: false become: false
args: args:
chdir: "{{ path }}" chdir: "{{ path }}"
when: ansible_os_family == "Debian" loop:
- name: Exécuter cache:clear dans le répertoire de l application - "doctrine:migrations:migrate"
ansible.builtin.command: php bin/console cache:clear - "cache:clear"
become: false - "liip:imagine:cache:remove"
args: - "app:images:warmup"
chdir: "{{ path }}" - "pwa:compile"
when: ansible_os_family == "Debian" - "app:sitemap"
- name: S'assurer que le fichier update.json a les bonnes permissions - name: S'assurer que le fichier update.json a les bonnes permissions
ansible.builtin.file: ansible.builtin.file:
path: "{{ path }}/var/update.json" path: "{{ path }}/var/update.json"
@@ -211,71 +179,62 @@
mode: '0664' mode: '0664'
state: file state: file
ignore_errors: yes ignore_errors: yes
- name: Exécuter liip:imagine:cache:remove dans le répertoire de l application
ansible.builtin.command: php bin/console liip:imagine:cache:remove # --- CRON TASKS ---
become: false - name: "Cron Task - Unsigned Contracts (Relance & Annulation)"
args: ansible.builtin.cron:
chdir: "{{ path }}" name: "Intranet Ludikevent - Unsigned Contracts Expired"
- name: Exécuter app:images:warmup dans le répertoire de l application minute: "0"
ansible.builtin.command: php bin/console app:images:warmup hour: "12"
become: false job: "php {{ path }}/bin/console app:un-signed:expired"
args: user: root
chdir: "{{ path }}" state: present
when: ansible_os_family == "Debian" # Added a when condition here, often missed
- name: Exécuter pwa:compile dans le répertoire de l application
ansible.builtin.command: php -d memory_limit=-1 bin/console pwa:compile
become: false
args:
chdir: "{{ path }}"
- name: Exécuter pwa:compile dans le répertoire de l application
ansible.builtin.command: php bin/console app:sitemap
become: false
args:
chdir: "{{ path }}"
- name: "Cron Task Search" - name: "Cron Task Search"
ansible.builtin.cron: ansible.builtin.cron:
name: "Intranet Ludikevent - Search" name: "Intranet Ludikevent - Search"
minute: "*/5" minute: "*/5"
job: "php {{ path }}/bin/console app:search" job: "php {{ path }}/bin/console app:search"
user: root user: root
- name: "Cron Task Search"
- name: "Cron Task Stripe"
ansible.builtin.cron: ansible.builtin.cron:
name: "Intranet Ludikevent - Stripe" name: "Intranet Ludikevent - Stripe"
minute: "0" minute: "0"
hour: "1" hour: "1"
job: "php {{ path }}/bin/console app:stripe:sync" job: "php {{ path }}/bin/console app:stripe:sync"
user: root user: root
- name: "Cron Task Search"
- name: "Cron Task Backup"
ansible.builtin.cron: ansible.builtin.cron:
name: "Intranet Ludikevent - Backup" name: "Intranet Ludikevent - Backup"
minute: "0" minute: "0"
hour: "*/6" hour: "*/6"
job: "php {{ path }}/bin/console app:backup" job: "php {{ path }}/bin/console app:backup"
user: "root" user: "root"
state: present
- name: "Cron Task - Clean Data (Performance & Tracking)" - name: "Cron Task - Clean Data"
ansible.builtin.cron: ansible.builtin.cron:
name: "Intranet Ludikevent - Clean Data" name: "Intranet Ludikevent - Clean Data"
minute: "0" minute: "0"
hour: "20" hour: "20"
job: "php {{ path }}/bin/console app:clean" job: "php {{ path }}/bin/console app:clean"
user: "root" user: "root"
state: present
- name: Set correct permissions for Symfony cache and logs directories - name: Final Permissions Fix (0777 pour les dossiers d'upload)
ansible.builtin.file: ansible.builtin.file:
path: "{{ item }}" path: "{{ item }}"
owner: bot owner: bot
group: www-data group: www-data
mode: '0777' # rwx for owner and group, rx for others mode: '0777'
state: directory state: directory
recurse: yes # Apply to all contents recurse: yes
loop: loop:
- "{{ path }}/var/cache" - "{{ path }}/var/cache"
- "{{ path }}/var/log" - "{{ path }}/var/log"
- "{{ path }}/public/media" - "{{ path }}/public/media"
- "{{ path }}/sauvegarde" - "{{ path }}/sauvegarde"
- "{{ path }}/public/images" # For uploads - "{{ path }}/public/images"
- "{{ path }}/public/pdf" - "{{ path }}/public/pdf"
- "{{ path }}/public/seo" - "{{ path }}/public/seo"
- "{{ path }}/public/tmp-sign" # For uploads - "{{ path }}/public/tmp-sign"
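Review bot: The new cron entry "Intranet Ludikevent - Unsigned Contracts Expired" runs `php {{ path }}/bin/console app:un-signed:expired` with `user: root`, while the "Final Permissions Fix" task in the last hunk sets `{{ path }}/var/cache`, `var/log` and the upload directories to `mode: '0777'` recursively. A Symfony console command normally loads compiled PHP from `var/cache`, so root would be executing code from a tree that every local account, including the web server user, can write to. I would run the job as the deployment user (`user: bot`, and the same for the Search, Stripe, Backup and Clean Data entries) and set the final task to `mode: '0775'`, since group `www-data` plus the existing ACL task on `var/cache` and `var/log` already give the web server write access. Separately, the context lines still carry `webhook_token`, `db_password` and `redis_password` as literals, and `redis-cli -a {{ redis_password }}` exposes the password in the process list and task output. These values belong in Ansible Vault with `no_log: true` on the Redis task (or the `REDISCLI_AUTH` environment variable instead of `-a`), and the webhook token should be rotated because it is now in the repository history.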