41b5af9092
Les formulaires de réinitialisation de mot de passe et d'inscription utilisaient Turbo par défaut, ce qui pouvait interférer avec le processus de soumission standard et la redirection après action. L'ajout de l'attribut `data-turbo="false"` sur chaque formulaire concerné garantit que les requêtes POST sont traitées de manière conventionnelle, évitant ainsi des comportements inattendus ou des échecs de soumission.
254 lines
8.4 KiB
YAML
254 lines
8.4 KiB
YAML
# Fichier: install_php_83_symfony_pgsql.yml
|
|
|
|
- name: Deploy application
|
|
hosts: webservers
|
|
become: true
|
|
gather_facts: true
|
|
|
|
vars:
|
|
db_name: "ludikevent"
|
|
db_user: "ludikevent"
|
|
db_password: "ludikevent"
|
|
redis_password: "ludikevent"
|
|
redis_port: "20110"
|
|
# path: /var/www/mainframe/app (à définir dans l'inventaire)
|
|
|
|
tasks:
|
|
- name: Exécuter 'composer install' dans le répertoire de l'application
|
|
ansible.builtin.command: php8.4 /usr/local/bin/composer install --no-dev --optimize-autoloader
|
|
become: false
|
|
args:
|
|
chdir: "{{ path }}"
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: Send a message to the Discord channel
|
|
community.general.discord:
|
|
webhook_id: "1419573620602044518"
|
|
webhook_token: "ikAdxWxsrrTqMTb5Gh_8ylcoJHlOnq7aJZvR5udoS_fCK56Jk3qpEnJHVKdD8fwuNJF3"
|
|
content: "Mise à jour du intranet ludikevent https://intranet.ludikevent.fr"
|
|
|
|
- name: Installer le support ACL pour corriger les permissions
|
|
ansible.builtin.apt:
|
|
name: acl
|
|
state: present
|
|
update_cache: true
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: Installation des dépendances PostgreSQL pour Ansible
|
|
ansible.builtin.apt:
|
|
name: python3-psycopg2
|
|
state: present
|
|
update_cache: true
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: Installation de PHP 8.4 et dépendances
|
|
ansible.builtin.apt:
|
|
name:
|
|
- php8.4
|
|
- php8.4-fpm
|
|
- php8.4-cli
|
|
- php8.4-common
|
|
- php8.4-mysql
|
|
- php8.4-pgsql
|
|
- php8.4-xml
|
|
- php8.4-mbstring
|
|
- php8.4-zip
|
|
- php8.4-intl
|
|
- php8.4-gd
|
|
- php8.4-curl
|
|
- php8.4-pdo
|
|
- php8.4-opcache
|
|
- php8.4-bcmath
|
|
- php8.4-redis
|
|
- php8.4-imagick
|
|
- ffmpeg
|
|
state: present
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: Démarrage de PHP 8.4-FPM
|
|
ansible.builtin.systemd:
|
|
name: php8.4-fpm
|
|
state: started
|
|
enabled: yes
|
|
|
|
- name: Créer le fichier .env.local
|
|
ansible.builtin.copy:
|
|
content: |
|
|
APP_ENV=prod
|
|
APP_DEBUG=false
|
|
VITE_LOAD=1
|
|
DATABASE_URL="postgresql://{{ db_user }}:{{ db_password }}@127.0.0.1:5432/{{ db_name }}?serverVersion=16&charset=utf8"
|
|
REDIS_DSN="redis://{{ redis_password }}@127.0.0.1:{{ redis_port }}"
|
|
REDIS_URL="redis://{{ redis_password }}@127.0.0.1:{{ redis_port }}"
|
|
MESSENGER_TRANSPORT_DSN="redis://{{ redis_password }}@127.0.0.1:{{ redis_port }}/messages"
|
|
APP_SECRET=939bbc67038c2e2d1232d86fc605bf2f
|
|
REAL_MAIL=1
|
|
VAULT_ADDR=http://127.0.0.1:8200
|
|
VAULT_TOKEN=hvs.QLpUdiptXtSPo5Qf7i2nn2Xz
|
|
MAILER_DSN=ses+smtp://AKIAWTT2T22CWBRBBDYN:BBdgb6KxRQ8mNcpWFJsZCJxbSGNdgLhKFiITMErfBlQP@default?region=eu-west-3
|
|
PATH_URL=https://intranet.ludikevent.fr
|
|
STRIPE_BASEURL=https://payment.ludikevent.fr
|
|
SIGN_URL=https://reservation.ludikevent.fr
|
|
DEFAULT_URI=https://reservation.ludikevent.fr
|
|
INTRANET_LOCK=false
|
|
STRIPE_PK=pk_test_51SUA22173W4aeFB1nO6oFfDZ12HOTffDKtCshhZ8rkUg6kUO2ZaQC0tK72rhE79Tr8treeHX9KMcZtvcQZ0X8VSm00Q6GQ365V
|
|
STRIPE_SK=sk_test_51SUA22173W4aeFB16EB2LxGI0hNvNJzFshDI98zRImWBIhSfzqOGAz5TlPxSpUWbj3x4COm6kmSsaal9FpQR1A7M0022DvjbbR
|
|
dest: "{{ path }}/.env.local"
|
|
|
|
- name: Configuration des dossiers de base
|
|
ansible.builtin.file:
|
|
path: "{{ item }}"
|
|
owner: bot
|
|
group: www-data
|
|
mode: '0775'
|
|
state: directory
|
|
loop:
|
|
- "{{ path }}/var"
|
|
- "{{ path }}/var/log"
|
|
- "{{ path }}/public/media"
|
|
- "{{ path }}/public/images"
|
|
- "{{ path }}/public/pdf"
|
|
- "{{ path }}/public/seo"
|
|
- "{{ path }}/public/tmp-sign"
|
|
- "{{ path }}/sauvegarde"
|
|
|
|
- name: ACL pour Symfony (www-data rwx)
|
|
ansible.builtin.acl:
|
|
path: "{{ item }}"
|
|
entity: www-data
|
|
etype: group
|
|
permissions: rwx
|
|
state: present
|
|
recursive: yes
|
|
default: yes
|
|
loop:
|
|
- "{{ path }}/var/cache"
|
|
- "{{ path }}/var/log"
|
|
- name: ACL pour Symfony (www-data rwx)
|
|
ansible.builtin.acl:
|
|
path: "{{ item }}"
|
|
entity: bot
|
|
etype: group
|
|
permissions: rwx
|
|
state: present
|
|
recursive: yes
|
|
default: yes
|
|
loop:
|
|
- "{{ path }}/public/media"
|
|
|
|
- name: Bun install & build
|
|
ansible.builtin.command: "{{ item }}"
|
|
become: false
|
|
args:
|
|
chdir: "{{ path }}"
|
|
loop:
|
|
- "bun install"
|
|
- "bun run build"
|
|
|
|
- name: Supervisor config
|
|
ansible.builtin.template:
|
|
src: supervisor.j2
|
|
dest: "/etc/supervisor/conf.d/mainframe.conf"
|
|
mode: '0644'
|
|
|
|
- name: Reload Supervisor
|
|
ansible.builtin.command: "{{ item }}"
|
|
loop:
|
|
- "supervisorctl reread"
|
|
- "supervisorctl update"
|
|
|
|
- name: Purger Redis
|
|
ansible.builtin.command: "redis-cli -p {{ redis_port }} -a {{ redis_password }} FLUSHALL"
|
|
|
|
- name: Caddy config
|
|
ansible.builtin.template:
|
|
src: caddy.j2
|
|
dest: "/etc/caddy/sites/ludikevent.conf"
|
|
mode: '0644'
|
|
|
|
- name: Reload Caddy
|
|
ansible.builtin.systemd:
|
|
name: caddy
|
|
state: reloaded
|
|
|
|
- name: Symfony Tasks (Migrations, Cache, Warmup)
|
|
ansible.builtin.command: "php8.4 bin/console {{ item }} --no-interaction"
|
|
become: false
|
|
args:
|
|
chdir: "{{ path }}"
|
|
loop:
|
|
- "doctrine:migrations:migrate"
|
|
- "cache:clear"
|
|
- "app:images:warmup"
|
|
- "pwa:compile"
|
|
- "app:sitemap"
|
|
|
|
- name: S'assurer que le fichier update.json a les bonnes permissions
|
|
ansible.builtin.file:
|
|
path: "{{ path }}/var/update.json"
|
|
owner: bot
|
|
group: www-data
|
|
mode: '0664'
|
|
state: file
|
|
ignore_errors: yes
|
|
|
|
# --- CRON TASKS ---
|
|
- name: "Cron Task - Unsigned Contracts (Relance & Annulation)"
|
|
ansible.builtin.cron:
|
|
name: "Intranet Ludikevent - Unsigned Contracts Expired"
|
|
minute: "0"
|
|
hour: "12"
|
|
job: "php8.4 {{ path }}/bin/console app:mail"
|
|
user: root
|
|
state: present
|
|
|
|
- name: "Cron Task Search"
|
|
ansible.builtin.cron:
|
|
name: "Intranet Ludikevent - Search"
|
|
minute: "*/5"
|
|
job: "php8.4 {{ path }}/bin/console app:search"
|
|
user: root
|
|
|
|
- name: "Cron Task Stripe"
|
|
ansible.builtin.cron:
|
|
name: "Intranet Ludikevent - Stripe"
|
|
minute: "0"
|
|
hour: "1"
|
|
job: "php8.4 {{ path }}/bin/console app:stripe:sync"
|
|
user: root
|
|
|
|
- name: "Cron Task Backup"
|
|
ansible.builtin.cron:
|
|
name: "Intranet Ludikevent - Backup"
|
|
minute: "0"
|
|
hour: "*/6"
|
|
job: "php8.4 {{ path }}/bin/console app:backup"
|
|
user: "root"
|
|
|
|
- name: "Cron Task - Clean Data"
|
|
ansible.builtin.cron:
|
|
name: "Intranet Ludikevent - Clean Data"
|
|
minute: "0"
|
|
hour: "20"
|
|
job: "php8.4 {{ path }}/bin/console app:clean"
|
|
user: "root"
|
|
|
|
- name: Final Permissions Fix (0777 pour les dossiers d'upload)
|
|
ansible.builtin.file:
|
|
path: "{{ item }}"
|
|
owner: bot
|
|
group: www-data
|
|
mode: '0777'
|
|
state: directory
|
|
recurse: yes
|
|
loop:
|
|
- "{{ path }}/var/cache"
|
|
- "{{ path }}/var/log"
|
|
- "{{ path }}/public/media"
|
|
- "{{ path }}/sauvegarde"
|
|
- "{{ path }}/public/images"
|
|
- "{{ path }}/public/media"
|
|
- "{{ path }}/public/pdf"
|
|
- "{{ path }}/public/seo"
|
|
- "{{ path }}/public/tmp-sign"
|