first comit

2026-03-16 17:42:26 +01:00
commit 650e19273b
4 changed files with 156 additions and 0 deletions
--- a/.env.example
+++ b/.env.example
@@ -0,0 +1,13 @@
 # Domaine PrestaShop (utilise par Fabio pour le routage)
 PS_DOMAIN=presta.syoul.fr
 # Dossier admin (renommer pour la securite)
 PS_ADMIN_FOLDER=admin-secure
 # Compte administrateur PrestaShop
 PRESTASHOP_ADMIN_EMAIL=admin@syoul.fr
 PRESTASHOP_ADMIN_PASSWORD=changeme_fort
 # Base de donnees
 DB_ROOT_PASSWORD=changeme_root
 DB_PASSWORD=changeme_user
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,3 @@
 /docs-syoul
 /plans
 .env
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -0,0 +1,76 @@
 when:
  branch: main
  event: push
 steps:
  # Etape 1 : Validation syntaxique du docker-compose.yml
  validate:
    image: docker:27-cli
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      PS_DOMAIN: presta.syoul.fr
      DB_PASSWORD: placeholder
      DB_ROOT_PASSWORD: placeholder
      PRESTASHOP_ADMIN_EMAIL: placeholder
      PRESTASHOP_ADMIN_PASSWORD: placeholder
    commands:
      - docker compose config --quiet
      - echo "docker-compose.yml valide"
  # Etape 2 : Verifications de securite
  security-check:
    image: alpine:3.20
    commands:
      - |
        if [ -f .env ]; then
          echo "ERREUR: .env ne doit pas etre commite dans le depot !"
          exit 1
        fi
      - grep -q "^\.env$" .gitignore || (echo "ERREUR: .env manquant dans .gitignore" && exit 1)
      - echo "Verifications de securite OK"
  # Etape 3 : Deploiement sur sonic via Docker socket
  deploy:
    image: docker:27-cli
    volumes:
      # Acces au Docker socket de l'hote (sonic)
      - /var/run/docker.sock:/var/run/docker.sock
      # Dossier de deploiement sur l'hote (contient le .env)
      - /opt/prestashop:/opt/prestashop
    commands:
      # Copier le docker-compose.yml vers le dossier de deploiement
      - cp docker-compose.yml /opt/prestashop/docker-compose.yml
      # Lancer/mettre a jour la stack depuis le dossier de deploiement
      # (le .env doit deja etre present dans /opt/prestashop/.env sur sonic)
      - cd /opt/prestashop && docker compose pull
      - cd /opt/prestashop && docker compose up -d --remove-orphans
      - cd /opt/prestashop && docker compose ps
  # Etape 4 : Healthcheck post-deploiement
  healthcheck:
    image: curlimages/curl:8.11.0
    environment:
      PS_DOMAIN:
        from_secret: PS_DOMAIN
    commands:
      - echo "Attente du demarrage de PrestaShop..."
      - sleep 90
      - |
        HTTP_CODE=$(curl -sSo /dev/null -w "%{http_code}" "http://${PS_DOMAIN}" || echo "000")
        echo "HTTP Status: ${HTTP_CODE}"
        if [ "${HTTP_CODE}" != "200" ] && [ "${HTTP_CODE}" != "301" ] && [ "${HTTP_CODE}" != "302" ]; then
          echo "ERREUR: PrestaShop ne repond pas correctement (code ${HTTP_CODE})"
          exit 1
        fi
        echo "PrestaShop repond correctement"
  # Notification en cas d'echec
  notify-failure:
    image: alpine:3.20
    commands:
      - echo "ECHEC pipeline #${CI_BUILD_NUMBER} sur commit ${CI_COMMIT_SHA:0:8}"
      - echo "Branche: ${CI_COMMIT_BRANCH}"
    when:
      status: failure
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,64 @@
 services:
  prestashop:
    image: prestashop/prestashop:8-apache
    container_name: prestashop
    restart: unless-stopped
    depends_on:
      db:
        condition: service_healthy
    environment:
      DB_SERVER: db
      DB_NAME: prestashop
      DB_USER: prestashop
      DB_PASSWD: ${DB_PASSWORD}
      PS_DOMAIN: ${PS_DOMAIN}
      PS_FOLDER_ADMIN: ${PS_ADMIN_FOLDER:-admin-secure}
      ADMIN_MAIL: ${PRESTASHOP_ADMIN_EMAIL}
      ADMIN_PASSWD: ${PRESTASHOP_ADMIN_PASSWORD}
      PS_INSTALL_AUTO: "1"
      PS_ERASE_DB: "0"
      # SSL desactive cote PrestaShop : Fabio gere le TLS en terminaison
      # Cela evite les boucles de redirection HTTPS
      PS_ENABLE_SSL: "0"
    volumes:
      - ps_data:/var/www/html
    labels:
      # Registrator lit l'IP du conteneur depuis le reseau "sonic" (-useIpFromNetwork sonic)
      # et enregistre le service dans Consul -> Fabio route presta.syoul.fr vers cette IP
      SERVICE_NAME: "prestashop"
      SERVICE_80_NAME: "prestashop"
      SERVICE_80_TAGS: "urlprefix-${PS_DOMAIN}/"
    networks:
      - prestashop-net
      # Reseau "sonic" requis pour que Registrator trouve l'IP du conteneur
      - sonic
  db:
    image: mariadb:10.11
    container_name: prestashop-db
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD}
      MYSQL_DATABASE: prestashop
      MYSQL_USER: prestashop
      MYSQL_PASSWORD: ${DB_PASSWORD}
    volumes:
      - db_data:/var/lib/mysql
    healthcheck:
      test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"]
      interval: 10s
      timeout: 5s
      retries: 10
    networks:
      - prestashop-net
 volumes:
  ps_data:
  db_data:
 networks:
  prestashop-net:
    driver: bridge
  sonic:
    # Reseau externe existant sur le serveur (partage avec Registrator/Consul/Fabio)
    external: true