Compare commits
13 Commits
202212.26.
...
202302.01.
| Author | SHA1 | Date | |
|---|---|---|---|
da2149cb60
|
|||
|
491c5f3b49
|
|||
|
8d3b56c6fe
|
|||
|
4157b4bb21
|
|||
|
99ec0b765f
|
|||
|
dc19006738
|
|||
|
e55562c4cd
|
|||
|
82c8140e4b
|
|||
|
e55745b48b
|
|||
|
f80d2c47ce
|
|||
|
da2f5f37c0
|
|||
|
beab370cd6
|
|||
|
b10074e440
|
@@ -33,6 +33,8 @@ steps:
|
||||
commands:
|
||||
- composer install --no-scripts --no-interaction
|
||||
- composer update --with-all-dependencies --no-interaction chill-project/chill-bundles
|
||||
depends_on:
|
||||
- build-base-image
|
||||
|
||||
- name: build-assets
|
||||
image: node:14
|
||||
@@ -40,6 +42,8 @@ steps:
|
||||
commands:
|
||||
- yarn install
|
||||
- yarn run encore production
|
||||
depends_on:
|
||||
- composer-install
|
||||
|
||||
- name: build-image-php
|
||||
image: plugins/docker
|
||||
@@ -56,6 +60,9 @@ steps:
|
||||
cache_from:
|
||||
- h3m6q87t.gra7.container-registry.ovh.net/chillbasics/php-base:latest
|
||||
- chill/base-image:latest
|
||||
depends_on:
|
||||
- build-assets
|
||||
- composer-install
|
||||
|
||||
- name: build-image-nginx
|
||||
image: plugins/docker
|
||||
@@ -70,3 +77,5 @@ steps:
|
||||
tag:
|
||||
- ${DRONE_TAG}
|
||||
Dockerfile: docker/nginx/Dockerfile
|
||||
depends_on:
|
||||
- build-assets
|
||||
|
||||
36
.env
36
.env
@@ -3,18 +3,16 @@
|
||||
## `$ composer symfony:dump-env prod`
|
||||
##
|
||||
|
||||
## Project environment
|
||||
# this should be set in docker-compose.yml file
|
||||
# APP_ENV=prod
|
||||
|
||||
## Enable debug
|
||||
APP_DEBUG=false
|
||||
|
||||
## Locale
|
||||
LOCALE=fr
|
||||
|
||||
## Framework secret
|
||||
APP_SECRET=ThisTokenIsNotSoSecretChangeIt
|
||||
###> symfony/framework-bundle ###
|
||||
# this should be set in docker-compose.yml file
|
||||
APP_ENV=prod
|
||||
APP_SECRET=ChangeItf2b58287ef7f9976409d3f6c72529e99ChangeIt
|
||||
TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
|
||||
TRUSTED_HOSTS='^(localhost|example\.com|nginx)$'
|
||||
###< symfony/framework-bundle ###
|
||||
|
||||
## Wopi server for editing documents online
|
||||
WOPI_SERVER=http://collabora:9980
|
||||
@@ -22,13 +20,6 @@ WOPI_SERVER=http://collabora:9980
|
||||
# must be manually set in .env.local
|
||||
# ADMIN_PASSWORD=
|
||||
|
||||
## Symfony/framework-bundle
|
||||
TRUSTED_HOSTS='^(localhost|127.0.0.1|test.localde)$'
|
||||
TRUSTED_PROXIES=~
|
||||
|
||||
## Doctrine/doctrine-bundle
|
||||
DATABASE_URL=
|
||||
|
||||
## Symfony/swiftmailer
|
||||
## Mailer
|
||||
###> symfony/mailer ###
|
||||
@@ -83,3 +74,16 @@ SHORT_MESSAGE_DSN=null://null
|
||||
# MESSENGER_TRANSPORT_DSN=redis://localhost:6379/messages
|
||||
MESSENGER_TRANSPORT_DSN=sync://
|
||||
###< symfony/messenger ###
|
||||
|
||||
###> doctrine/doctrine-bundle ###
|
||||
# Format described at https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url
|
||||
# IMPORTANT: You MUST configure your server version, either here or in config/packages/doctrine.yaml
|
||||
#
|
||||
DATABASE_URL="postgresql://postgres:postgres@db:5432/postgres?serverVersion=14&charset=utf8"
|
||||
###< doctrine/doctrine-bundle ###
|
||||
|
||||
###> lexik/jwt-authentication-bundle ###
|
||||
JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem
|
||||
JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem
|
||||
JWT_PASSPHRASE=2a30f6ba26521a2613821da35f28386e
|
||||
###< lexik/jwt-authentication-bundle ###
|
||||
|
||||
4
.gitignore
vendored
4
.gitignore
vendored
@@ -75,3 +75,7 @@ yarn-error.log
|
||||
|
||||
docker-compose.override.yml
|
||||
docker-compose.override.yaml
|
||||
|
||||
###> lexik/jwt-authentication-bundle ###
|
||||
/config/jwt/*.pem
|
||||
###< lexik/jwt-authentication-bundle ###
|
||||
|
||||
@@ -15,7 +15,7 @@
|
||||
},
|
||||
"require": {
|
||||
"ext-redis": "*",
|
||||
"chill-project/chill-bundles": "dev-master#bbd2599e7e6040c7090bfb11bc2f913b5a73d5e4",
|
||||
"chill-project/chill-bundles": "dev-master#de55ff920f1ffee00b0d5ea47aa5028a23dff5a7",
|
||||
"symfony/flex": "^1.9",
|
||||
"symfony/http-client": "^4.4 || ^5",
|
||||
"nelmio/alice": "^3.8",
|
||||
@@ -58,7 +58,9 @@
|
||||
},
|
||||
"preferred-install": {
|
||||
"chill-project/chill-bundles": "source",
|
||||
"champs-libres/async-uploader-bundle": "source"
|
||||
"champs-libres/async-uploader-bundle": "source",
|
||||
"champs-libres/wopi-bundle": "source",
|
||||
"champs-libres/wopi-lib": "source"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
1314
composer.lock
generated
1314
composer.lock
generated
File diff suppressed because it is too large
Load Diff
@@ -36,4 +36,5 @@ return [
|
||||
Misd\PhoneNumberBundle\MisdPhoneNumberBundle::class => ['all' => true],
|
||||
App\App::class => ['all' => true],
|
||||
KnpU\OAuth2ClientBundle\KnpUOAuth2ClientBundle::class => ['all' => true],
|
||||
Lexik\Bundle\JWTAuthenticationBundle\LexikJWTAuthenticationBundle::class => ['all' => true],
|
||||
];
|
||||
|
||||
@@ -1,3 +1,10 @@
|
||||
framework:
|
||||
cache:
|
||||
pools:
|
||||
doctrine.system_cache_pool:
|
||||
adapter: cache.adapter.redis
|
||||
|
||||
|
||||
doctrine:
|
||||
dbal:
|
||||
url: '%env(resolve:DATABASE_URL)%'
|
||||
@@ -5,7 +12,7 @@ doctrine:
|
||||
geometry: string
|
||||
# IMPORTANT: You MUST configure your server version,
|
||||
# either here or in the DATABASE_URL env var (see .env file)
|
||||
#server_version: '5.7'
|
||||
#server_version: '14'
|
||||
orm:
|
||||
auto_generate_proxy_classes: true
|
||||
naming_strategy: doctrine.orm.naming_strategy.default
|
||||
|
||||
12
config/packages/lexik_jwt_authentication.yaml
Normal file
12
config/packages/lexik_jwt_authentication.yaml
Normal file
@@ -0,0 +1,12 @@
|
||||
lexik_jwt_authentication:
|
||||
secret_key: '%env(resolve:JWT_SECRET_KEY)%'
|
||||
public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
|
||||
pass_phrase: '%env(JWT_PASSPHRASE)%'
|
||||
|
||||
# required for wopi - recommended duration
|
||||
token_ttl: 36000
|
||||
|
||||
token_extractors:
|
||||
query_parameter:
|
||||
enabled: true
|
||||
name: access_token
|
||||
@@ -1,9 +1,6 @@
|
||||
doctrine:
|
||||
orm:
|
||||
auto_generate_proxy_classes: false
|
||||
metadata_cache_driver:
|
||||
type: pool
|
||||
pool: doctrine.system_cache_pool
|
||||
query_cache_driver:
|
||||
type: pool
|
||||
pool: doctrine.system_cache_pool
|
||||
|
||||
9
config/packages/prod/lexik_jwt_authentication.yaml
Normal file
9
config/packages/prod/lexik_jwt_authentication.yaml
Normal file
@@ -0,0 +1,9 @@
|
||||
lexik_jwt_authentication:
|
||||
# in production, the secret must be located in an environment variable
|
||||
# for converting the file to a raw variable, use this command:
|
||||
#
|
||||
# cat path/to/private_or_public.pem | base64 -w0
|
||||
#
|
||||
# then copy past the printed string into the dedicated environment variable
|
||||
secret_key: '%env(base64:resolve:JWT_SECRET_KEY)%'
|
||||
public_key: '%env(base64:resolve:JWT_PUBLIC_KEY)%'
|
||||
@@ -29,6 +29,14 @@ security:
|
||||
pattern: ^/(_(profiler|wdt)|css|images|js)/
|
||||
security: false
|
||||
|
||||
wopi:
|
||||
pattern: ^/wopi
|
||||
provider: chain_provider
|
||||
stateless: true
|
||||
guard:
|
||||
authenticators:
|
||||
- lexik_jwt_authentication.jwt_token_authenticator
|
||||
|
||||
default:
|
||||
anonymous: ~
|
||||
provider: chain_provider
|
||||
@@ -54,7 +62,7 @@ security:
|
||||
- { path: ^/saml/metadata, roles: IS_AUTHENTICATED_ANONYMOUSLY }
|
||||
- { path: ^/(login|logout), roles: IS_AUTHENTICATED_ANONYMOUSLY }
|
||||
- { path: ^/public, roles: IS_AUTHENTICATED_ANONYMOUSLY }
|
||||
- { path: ^/wopi, roles: IS_AUTHENTICATED_ANONYMOUSLY }
|
||||
- { path: ^/wopi, roles: IS_AUTHENTICATED_FULLY }
|
||||
# access for homepage, the homepage redirect admin to admin section
|
||||
- { path: ^/$, roles: [ IS_AUTHENTICATED_REMEMBERED ] }
|
||||
- { path: ^/homepage$, roles: [ IS_AUTHENTICATED_REMEMBERED ] }
|
||||
|
||||
4
config/packages/test/doctrine.yaml
Normal file
4
config/packages/test/doctrine.yaml
Normal file
@@ -0,0 +1,4 @@
|
||||
doctrine:
|
||||
dbal:
|
||||
# "TEST_TOKEN" is typically set by ParaTest
|
||||
dbname: 'main_test%env(default::TEST_TOKEN)%'
|
||||
@@ -1,3 +1,3 @@
|
||||
wopi:
|
||||
server: "%env(resolve:WOPI_SERVER)%"
|
||||
access_token_ttl: 0
|
||||
enable_lock: false
|
||||
|
||||
9
config/preload.php
Normal file
9
config/preload.php
Normal file
@@ -0,0 +1,9 @@
|
||||
<?php
|
||||
|
||||
if (file_exists(dirname(__DIR__).'/var/cache/prod/srcApp_KernelProdContainer.preload.php')) {
|
||||
require dirname(__DIR__).'/var/cache/prod/srcApp_KernelProdContainer.preload.php';
|
||||
}
|
||||
|
||||
if (file_exists(dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php')) {
|
||||
require dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php';
|
||||
}
|
||||
@@ -1,3 +1,3 @@
|
||||
chill_wopi_bundle:
|
||||
resource: '@ChillWopiBundle/Resources/config/routes/routes.php'
|
||||
prefix: /wopi
|
||||
prefix: /chill/wopi
|
||||
|
||||
@@ -19,7 +19,6 @@ services:
|
||||
- '../src/DependencyInjection/'
|
||||
- '../src/Entity/'
|
||||
- '../src/Kernel.php'
|
||||
- '../src/Tests/'
|
||||
|
||||
# controllers are imported separately to make sure services can be injected
|
||||
# as action arguments even if you don't extend any base controller class
|
||||
@@ -36,15 +35,7 @@ services:
|
||||
resource: '../src/Service/'
|
||||
|
||||
|
||||
Chill\WopiBundle\Service\Wopi\ChillWopi:
|
||||
decorates: ChampsLibres\WopiLib\Contract\Service\WopiInterface
|
||||
arguments:
|
||||
$cache: '@cache.user_data'
|
||||
|
||||
ChampsLibres\WopiLib\Service\DocumentLockManager:
|
||||
arguments:
|
||||
$cache: '@cache.user_data'
|
||||
|
||||
App\Service\Wopi\NullProofValidator:
|
||||
decorates: ChampsLibres\WopiLib\Contract\Service\ProofValidatorInterface
|
||||
|
||||
|
||||
@@ -36,6 +36,12 @@ fi
|
||||
if [ "${APP_ENV}" = "prod" ]; then
|
||||
composer dump-env "${APP_ENV}"
|
||||
chmod +r /var/www/app/.env.local.php
|
||||
|
||||
if [ "${PREVENT_MIGRATIONS}" != "true" ]; then
|
||||
php /var/www/app/bin/console doctrine:migrations:status
|
||||
php /var/www/app/bin/console doctrine:migrations:migrate -n
|
||||
php /var/www/app/bin/console messenger:setup-transports
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ "${CLEAR_CACHE}" != "false" ]; then
|
||||
@@ -45,11 +51,5 @@ if [ "${CLEAR_CACHE}" != "false" ]; then
|
||||
chgrp ${PHP_FPM_GROUP} /var/www/app/var/log -R && chmod g+rw /var/www/app/var/log -R
|
||||
fi
|
||||
|
||||
if [ "${PREVENT_MIGRATIONS}" != "true" ]; then
|
||||
php /var/www/app/bin/console doctrine:migrations:status
|
||||
php /var/www/app/bin/console doctrine:migrations:migrate -n
|
||||
php /var/www/app/bin/console messenger:setup-transports
|
||||
fi
|
||||
|
||||
exec "${@}"
|
||||
|
||||
|
||||
@@ -13,7 +13,7 @@ if ($_SERVER['APP_DEBUG']) {
|
||||
}
|
||||
|
||||
if ($trustedProxies = $_SERVER['TRUSTED_PROXIES'] ?? false) {
|
||||
Request::setTrustedProxies(explode(',', $trustedProxies), Request::HEADER_X_FORWARDED_ALL ^ Request::HEADER_X_FORWARDED_HOST);
|
||||
Request::setTrustedProxies(explode(',', $trustedProxies), Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO);
|
||||
}
|
||||
|
||||
if ($trustedHosts = $_SERVER['TRUSTED_HOSTS'] ?? false) {
|
||||
|
||||
32
symfony.lock
32
symfony.lock
@@ -51,16 +51,17 @@
|
||||
"version": "v0.5.3"
|
||||
},
|
||||
"doctrine/doctrine-bundle": {
|
||||
"version": "2.0",
|
||||
"version": "2.7",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "master",
|
||||
"version": "2.0",
|
||||
"ref": "a9f2463b9f73efe74482f831f03a204a41328555"
|
||||
"branch": "main",
|
||||
"version": "2.3",
|
||||
"ref": "b8ddff356705ad8e704ea75b6872ce89a15d614d"
|
||||
},
|
||||
"files": [
|
||||
"config/packages/doctrine.yaml",
|
||||
"config/packages/prod/doctrine.yaml",
|
||||
"config/packages/test/doctrine.yaml",
|
||||
"src/Entity/.gitignore",
|
||||
"src/Repository/.gitignore"
|
||||
]
|
||||
@@ -186,6 +187,18 @@
|
||||
"league/csv": {
|
||||
"version": "9.6.2"
|
||||
},
|
||||
"lexik/jwt-authentication-bundle": {
|
||||
"version": "2.16",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "main",
|
||||
"version": "2.5",
|
||||
"ref": "5b2157bcd5778166a5696e42f552ad36529a07a6"
|
||||
},
|
||||
"files": [
|
||||
"config/packages/lexik_jwt_authentication.yaml"
|
||||
]
|
||||
},
|
||||
"loophp/psr-http-message-bridge-bundle": {
|
||||
"version": "1.0.0"
|
||||
},
|
||||
@@ -345,9 +358,6 @@
|
||||
"psr/http-message": {
|
||||
"version": "1.0.1"
|
||||
},
|
||||
"psr/link": {
|
||||
"version": "1.0.0"
|
||||
},
|
||||
"psr/log": {
|
||||
"version": "1.1.3"
|
||||
},
|
||||
@@ -542,15 +552,16 @@
|
||||
"version": "4.4",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "master",
|
||||
"branch": "main",
|
||||
"version": "4.4",
|
||||
"ref": "af2e2efad553bc959a0c61d9185e33ca9eec5c99"
|
||||
"ref": "24eb45d1355810154890460e6a05c0ca27318fe7"
|
||||
},
|
||||
"files": [
|
||||
"config/bootstrap.php",
|
||||
"config/packages/cache.yaml",
|
||||
"config/packages/framework.yaml",
|
||||
"config/packages/test/framework.yaml",
|
||||
"config/preload.php",
|
||||
"config/routes/dev/framework.yaml",
|
||||
"config/services.yaml",
|
||||
"public/index.php",
|
||||
@@ -806,9 +817,6 @@
|
||||
"symfony/var-exporter": {
|
||||
"version": "v5.1.3"
|
||||
},
|
||||
"symfony/web-link": {
|
||||
"version": "v5.2.12"
|
||||
},
|
||||
"symfony/web-profiler-bundle": {
|
||||
"version": "3.3",
|
||||
"recipe": {
|
||||
|
||||
Reference in New Issue
Block a user