From 650e19273b1bc7688b53176297ab031d98164462 Mon Sep 17 00:00:00 2001
From: syoul <syoul@librezo.fr>
Date: Mon, 16 Mar 2026 17:42:26 +0100
Subject: [PATCH] first comit

---
 .env.example       | 13 ++++++++
 .gitignore         |  3 ++
 .woodpecker.yml    | 76 ++++++++++++++++++++++++++++++++++++++++++++++
 docker-compose.yml | 64 ++++++++++++++++++++++++++++++++++++++
 4 files changed, 156 insertions(+)
 create mode 100644 .env.example
 create mode 100644 .gitignore
 create mode 100644 .woodpecker.yml
 create mode 100644 docker-compose.yml

diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..04de06d
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,13 @@
+# Domaine PrestaShop (utilise par Fabio pour le routage)
+PS_DOMAIN=presta.syoul.fr
+
+# Dossier admin (renommer pour la securite)
+PS_ADMIN_FOLDER=admin-secure
+
+# Compte administrateur PrestaShop
+PRESTASHOP_ADMIN_EMAIL=admin@syoul.fr
+PRESTASHOP_ADMIN_PASSWORD=changeme_fort
+
+# Base de donnees
+DB_ROOT_PASSWORD=changeme_root
+DB_PASSWORD=changeme_user
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..c55436f
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+/docs-syoul
+/plans
+.env
\ No newline at end of file
diff --git a/.woodpecker.yml b/.woodpecker.yml
new file mode 100644
index 0000000..7367332
--- /dev/null
+++ b/.woodpecker.yml
@@ -0,0 +1,76 @@
+when:
+  branch: main
+  event: push
+
+steps:
+
+  # Etape 1 : Validation syntaxique du docker-compose.yml
+  validate:
+    image: docker:27-cli
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      PS_DOMAIN: presta.syoul.fr
+      DB_PASSWORD: placeholder
+      DB_ROOT_PASSWORD: placeholder
+      PRESTASHOP_ADMIN_EMAIL: placeholder
+      PRESTASHOP_ADMIN_PASSWORD: placeholder
+    commands:
+      - docker compose config --quiet
+      - echo "docker-compose.yml valide"
+
+  # Etape 2 : Verifications de securite
+  security-check:
+    image: alpine:3.20
+    commands:
+      - |
+        if [ -f .env ]; then
+          echo "ERREUR: .env ne doit pas etre commite dans le depot !"
+          exit 1
+        fi
+      - grep -q "^\.env$" .gitignore || (echo "ERREUR: .env manquant dans .gitignore" && exit 1)
+      - echo "Verifications de securite OK"
+
+  # Etape 3 : Deploiement sur sonic via Docker socket
+  deploy:
+    image: docker:27-cli
+    volumes:
+      # Acces au Docker socket de l'hote (sonic)
+      - /var/run/docker.sock:/var/run/docker.sock
+      # Dossier de deploiement sur l'hote (contient le .env)
+      - /opt/prestashop:/opt/prestashop
+    commands:
+      # Copier le docker-compose.yml vers le dossier de deploiement
+      - cp docker-compose.yml /opt/prestashop/docker-compose.yml
+      # Lancer/mettre a jour la stack depuis le dossier de deploiement
+      # (le .env doit deja etre present dans /opt/prestashop/.env sur sonic)
+      - cd /opt/prestashop && docker compose pull
+      - cd /opt/prestashop && docker compose up -d --remove-orphans
+      - cd /opt/prestashop && docker compose ps
+
+  # Etape 4 : Healthcheck post-deploiement
+  healthcheck:
+    image: curlimages/curl:8.11.0
+    environment:
+      PS_DOMAIN:
+        from_secret: PS_DOMAIN
+    commands:
+      - echo "Attente du demarrage de PrestaShop..."
+      - sleep 90
+      - |
+        HTTP_CODE=$(curl -sSo /dev/null -w "%{http_code}" "http://${PS_DOMAIN}" || echo "000")
+        echo "HTTP Status: ${HTTP_CODE}"
+        if [ "${HTTP_CODE}" != "200" ] && [ "${HTTP_CODE}" != "301" ] && [ "${HTTP_CODE}" != "302" ]; then
+          echo "ERREUR: PrestaShop ne repond pas correctement (code ${HTTP_CODE})"
+          exit 1
+        fi
+        echo "PrestaShop repond correctement"
+
+  # Notification en cas d'echec
+  notify-failure:
+    image: alpine:3.20
+    commands:
+      - echo "ECHEC pipeline #${CI_BUILD_NUMBER} sur commit ${CI_COMMIT_SHA:0:8}"
+      - echo "Branche: ${CI_COMMIT_BRANCH}"
+    when:
+      status: failure
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..9a2d54d
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,64 @@
+services:
+  prestashop:
+    image: prestashop/prestashop:8-apache
+    container_name: prestashop
+    restart: unless-stopped
+    depends_on:
+      db:
+        condition: service_healthy
+    environment:
+      DB_SERVER: db
+      DB_NAME: prestashop
+      DB_USER: prestashop
+      DB_PASSWD: ${DB_PASSWORD}
+      PS_DOMAIN: ${PS_DOMAIN}
+      PS_FOLDER_ADMIN: ${PS_ADMIN_FOLDER:-admin-secure}
+      ADMIN_MAIL: ${PRESTASHOP_ADMIN_EMAIL}
+      ADMIN_PASSWD: ${PRESTASHOP_ADMIN_PASSWORD}
+      PS_INSTALL_AUTO: "1"
+      PS_ERASE_DB: "0"
+      # SSL desactive cote PrestaShop : Fabio gere le TLS en terminaison
+      # Cela evite les boucles de redirection HTTPS
+      PS_ENABLE_SSL: "0"
+    volumes:
+      - ps_data:/var/www/html
+    labels:
+      # Registrator lit l'IP du conteneur depuis le reseau "sonic" (-useIpFromNetwork sonic)
+      # et enregistre le service dans Consul -> Fabio route presta.syoul.fr vers cette IP
+      SERVICE_NAME: "prestashop"
+      SERVICE_80_NAME: "prestashop"
+      SERVICE_80_TAGS: "urlprefix-${PS_DOMAIN}/"
+    networks:
+      - prestashop-net
+      # Reseau "sonic" requis pour que Registrator trouve l'IP du conteneur
+      - sonic
+
+  db:
+    image: mariadb:10.11
+    container_name: prestashop-db
+    restart: unless-stopped
+    environment:
+      MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD}
+      MYSQL_DATABASE: prestashop
+      MYSQL_USER: prestashop
+      MYSQL_PASSWORD: ${DB_PASSWORD}
+    volumes:
+      - db_data:/var/lib/mysql
+    healthcheck:
+      test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"]
+      interval: 10s
+      timeout: 5s
+      retries: 10
+    networks:
+      - prestashop-net
+
+volumes:
+  ps_data:
+  db_data:
+
+networks:
+  prestashop-net:
+    driver: bridge
+  sonic:
+    # Reseau externe existant sur le serveur (partage avec Registrator/Consul/Fabio)
+    external: true