From e4f1fda1bd9eeab440b7b414179ce134f96640e1 Mon Sep 17 00:00:00 2001
From: Serreau Jovann <jovann@siteconseil.fr>
Date: Wed, 21 Jan 2026 14:00:54 +0100
Subject: [PATCH] =?UTF-8?q?```=20=E2=9C=A8=20feat(maintenance):=20Ajoute?=
 =?UTF-8?q?=20une=20page=20et=20un=20mode=20maintenance=20activable.=20```?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .env                                 |  1 +
 .gitea/workflows/install-deps.yml    | 53 ++++++++++-------------
 config/services.yaml                 |  5 +++
 src/Command/MaintenanceCommand.php   | 59 +++++++++++++++++++++++++
 src/Security/IntranetLocked.php      |  2 +
 src/Security/MaintenanceListener.php | 40 +++++++++++++++++
 templates/security/maintenance.twig  | 65 ++++++++++++++++++++++++++++
 7 files changed, 194 insertions(+), 31 deletions(-)
 create mode 100644 src/Command/MaintenanceCommand.php
 create mode 100644 src/Security/MaintenanceListener.php
 create mode 100644 templates/security/maintenance.twig

diff --git a/.env b/.env
index a691ab6..e064be6 100644
--- a/.env
+++ b/.env
@@ -98,3 +98,4 @@ STRIPE_SECRET_KEY=sk_test_***
 ###< stripe/stripe-php ###
 INTRANET_LOCK=true
 TVA_ENABLED=false
+MAINTENANCE_ENABLED=false
diff --git a/.gitea/workflows/install-deps.yml b/.gitea/workflows/install-deps.yml
index 2f91076..2ad4c0a 100644
--- a/.gitea/workflows/install-deps.yml
+++ b/.gitea/workflows/install-deps.yml
@@ -1,34 +1,25 @@
-# Nom du workflow
-name: Symfony CI - Install, Test, Build, Attest & Deploy
+deploy:
+    name: 🚀 Deploy to Production
+    runs-on: ubuntu-latest # N'oublie pas de préciser l'OS du runner
+    steps:
+        - name: Deploy with SSH
+          uses: appleboy/ssh-action@v1.0.0
+          with:
+              host: ${{ secrets.SSH_HOST }}
+              username: ${{ secrets.SSH_USER }}
+              key: ${{ secrets.SSH_PRIVATE_KEY }}
+              port: 22
+              script: |
+                  cd /var/www/ludikevent-intranet
 
-# Déclencheurs du workflow
-on:
-    push:
-        branches:
-            - master # Ou 'main'
-    pull_request:
-        types: [opened, synchronize, reopened]
-        branches:
-            - master # Ou 'main'
+                  # 1. Activer la maintenance
+                  php bin/console app:maintenance on
 
-# Permissions nécessaires pour les actions utilisées
-permissions:
-    contents: read
-    pull-requests: write
-    id-token: write
-    attestations: write
-    security-events: write # Requis pour Snyk pour poster les résultats
+                  # 2. Mise à jour du code
+                  git pull
 
-jobs:
-    deploy:
-        name: 🚀 Deploy to Production
-        steps:
-            - name: Deploy with SSH & Ansible
-              uses: appleboy/ssh-action@v1.0.0
-              with:
-                  host: ${{ secrets.SSH_HOST }}
-                  username: ${{ secrets.SSH_USER }}
-                  key: ${{ secrets.SSH_PRIVATE_KEY }}
-                  port: 22
-                  script: |
-                      cd /var/www/ludikevent-intranet && git pull && nohup sh ./update.sh
+                  # 3. Exécuter ton script d'update (migrations, install, etc.)
+                  sh ./update.sh
+
+                  # 4. Désactiver la maintenance
+                  php bin/console app:maintenance off
diff --git a/config/services.yaml b/config/services.yaml
index 1dd7780..ba660ea 100644
--- a/config/services.yaml
+++ b/config/services.yaml
@@ -24,3 +24,8 @@ services:
             # Utilisation du listener de Nelmio (identifiant officiel)
             $cspListener: '@nelmio_security.csp_listener'
 
+    App\Security\MaintenanceListener:
+        arguments:
+            $isMaintenance: '%env(MAINTENANCE_ENABLED)%'
+        tags:
+            - { name: kernel.event_listener, event: kernel.request, priority: 255 }
diff --git a/src/Command/MaintenanceCommand.php b/src/Command/MaintenanceCommand.php
new file mode 100644
index 0000000..dfdd78c
--- /dev/null
+++ b/src/Command/MaintenanceCommand.php
@@ -0,0 +1,59 @@
+<?php
+
+namespace App\Command;
+
+use Symfony\Component\Console\Attribute\AsCommand;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Style\SymfonyStyle;
+use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
+
+#[AsCommand(
+    name: 'app:maintenance',
+    description: 'Active ou désactive le mode maintenance',
+)]
+class MaintenanceCommand extends Command
+{
+    protected function configure(): void
+    {
+        $this->addArgument('status', InputArgument::REQUIRED, 'on ou off');
+    }
+
+    protected function execute(InputInterface $input, OutputInterface $output): int
+    {
+        $io = new SymfonyStyle($input, $output);
+        $status = $input->getArgument('status');
+        $envFile = dirname(__DIR__, 2) . '/.env.local';
+
+        // Si .env.local n'existe pas, on prend le .env
+        if (!file_exists($envFile)) {
+            $envFile = dirname(__DIR__, 2) . '/.env';
+        }
+
+        $content = file_get_contents($envFile);
+        $value = ($status === 'on') ? 'true' : 'false';
+
+        // On remplace la valeur de la variable
+        if (preg_match('/MAINTENANCE_ENABLED=/', $content)) {
+            $content = preg_replace('/MAINTENANCE_ENABLED=(true|false)/', "MAINTENANCE_ENABLED=$value", $content);
+        } else {
+            $content .= "\nMAINTENANCE_ENABLED=$value";
+        }
+
+        file_put_contents($envFile, $content);
+
+        // Vider le cache pour appliquer le changement
+        $io->note("Mise à jour du fichier .env et nettoyage du cache...");
+        passthru('php bin/console cache:clear');
+
+        if ($status === 'on') {
+            $io->success('Mode maintenance ACTIVÉ ⚙️ (Le site est caché au public)');
+        } else {
+            $io->success('Mode maintenance DÉSACTIVÉ ✅ (Le site est en ligne)');
+        }
+
+        return Command::SUCCESS;
+    }
+}
diff --git a/src/Security/IntranetLocked.php b/src/Security/IntranetLocked.php
index 47476f6..ec7b8b4 100644
--- a/src/Security/IntranetLocked.php
+++ b/src/Security/IntranetLocked.php
@@ -43,6 +43,8 @@ class IntranetLocked
 
     public function onControl(RequestEvent $requestEvent): void
     {
+
+
         // On ignore également le contrôle des services pour l'IP whitelisted
         if ($this->isWhitelisted($requestEvent) || $this->isDebugRoute($requestEvent)) {
             return;
diff --git a/src/Security/MaintenanceListener.php b/src/Security/MaintenanceListener.php
new file mode 100644
index 0000000..be5edc9
--- /dev/null
+++ b/src/Security/MaintenanceListener.php
@@ -0,0 +1,40 @@
+<?php
+
+namespace App\Security;
+
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Event\RequestEvent;
+use Twig\Environment;
+
+class MaintenanceListener
+{
+    private $twig;
+    private $isMaintenance;
+    private $ipsWhiteList;
+
+    public function __construct(Environment $twig, string $isMaintenance)
+    {
+        $this->twig = $twig;
+        $this->isMaintenance = filter_var($isMaintenance, FILTER_VALIDATE_BOOLEAN);
+    }
+
+    public function onKernelRequest(RequestEvent $event)
+    {
+        // On n'active la maintenance que sur la requête principale (pas les sous-requêtes)
+        if (!$event->isMainRequest()) {
+            return;
+        }
+
+        // Si la maintenance est désactivée, on ne fait rien
+        if (!$this->isMaintenance) {
+            return;
+        }
+
+        // Si l'IP du visiteur est dans la whitelist, on le laisse passer
+        // On affiche la page de maintenance
+        $content = $this->twig->render('security/maintenance.twig');
+
+        // On renvoie une réponse 503 (Service Unavailable)
+        $event->setResponse(new Response($content, 503));
+    }
+}
diff --git a/templates/security/maintenance.twig b/templates/security/maintenance.twig
new file mode 100644
index 0000000..7046946
--- /dev/null
+++ b/templates/security/maintenance.twig
@@ -0,0 +1,65 @@
+<!DOCTYPE html>
+<html lang="fr">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Maintenance en cours - Ludik Event</title>
+    {{ vite_asset('reserve.js') }}
+    <style>
+        @import url('https://fonts.googleapis.com/css2?family=Inter:wght@400;700;900&display=swap');
+        body { font-family: 'Inter', sans-serif; }
+    </style>
+</head>
+<body class="bg-slate-50 min-h-screen flex items-center justify-center p-6">
+
+<div class="max-w-3xl w-full text-center">
+
+    {# --- BADGE --- #}
+    <div class="inline-block bg-amber-100 text-amber-600 px-4 py-1.5 rounded-full text-[10px] font-black uppercase tracking-widest mb-8 animate-pulse">
+        Mise à jour en cours ⚙️
+    </div>
+
+    {# --- TITRE IMPACTANT --- #}
+    <h1 class="text-6xl md:text-8xl font-black text-slate-900 uppercase italic tracking-tighter leading-[0.85] mb-8">
+        ON GONFLE <br><span class="text-blue-600">LE SITE !</span>
+    </h1>
+
+    {# --- MESSAGE --- #}
+    <div class="bg-white p-8 md:p-12 rounded-[3rem] shadow-xl border border-slate-100 relative overflow-hidden">
+        <p class="text-xl text-slate-600 font-medium italic leading-relaxed relative z-10">
+            On installe de nouvelles fonctionnalités pour rendre vos réservations encore plus ludiques.
+            <strong>On revient dans quelques minutes.</strong>
+        </p>
+
+        {# Décoration de fond (forme abstraite) #}
+        <div class="absolute -right-10 -bottom-10 w-40 h-40 bg-blue-50 rounded-full blur-3xl opacity-50"></div>
+    </div>
+
+    {# --- CONTACT D'URGENCE --- #}
+    <div class="mt-12 flex flex-col md:flex-row items-center justify-center gap-6">
+        <div class="flex flex-col">
+            <span class="text-[10px] font-black text-slate-400 uppercase tracking-widest mb-1 text-center md:text-left">Besoin d'aide ?</span>
+            <a href="tel:0614172447" class="text-2xl font-black text-slate-900 italic hover:text-blue-600 transition-colors">
+                06 14 17 24 47
+            </a>
+        </div>
+
+        <div class="hidden md:block w-[1px] h-10 bg-slate-200"></div>
+
+        <div class="flex flex-col">
+            <span class="text-[10px] font-black text-slate-400 uppercase tracking-widest mb-1 text-center md:text-left">Par écrit</span>
+            <a href="mailto:lilian@ludikevent.fr" class="text-2xl font-black text-slate-900 italic hover:text-blue-600 transition-colors">
+                lilian@ludikevent.fr
+            </a>
+        </div>
+    </div>
+
+    {# --- FOOTER --- #}
+    <p class="mt-16 text-[10px] font-black text-slate-300 uppercase tracking-[0.4em]">
+        Ludik Event &copy; {{ "now"|date("Y") }} - Hauts-de-France
+    </p>
+
+</div>
+
+</body>
+</html>