chore(config): ajuster docker, cors et securite

2026-01-11 17:06:25 +01:00
parent 15e0b23f15
commit 5222a6bbf9
10 changed files with 73 additions and 12 deletions


@@ -2,6 +2,6 @@ api_platform:
title: Hello API Platform title: Hello API Platform
version: 1.0.0 version: 1.0.0
defaults: defaults:
stateless: true stateless: false
cache_headers: cache_headers:
vary: ['Content-Type', 'Authorization', 'Origin'] vary: ['Content-Type', 'Authorization', 'Origin']
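Review bot: Changing `stateless` to `false` under `defaults` is a global switch, so every API Platform operation may now use the session, not only the ones that need it. The `vary` list just below names `Authorization` and `Origin` but not `Cookie`, so confirm that session-backed responses are marked private (Symfony normally does this once the session is used) before a shared cache is placed in front of the API. If only a few resources need a session, keeping the default at `true` and setting `stateless: false` on those operations is the narrower change, with a comment such as `# session-backed: see the session_* firewalls`.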


@@ -0,0 +1,4 @@
lexik_jwt_authentication:
secret_key: '%env(resolve:JWT_SECRET_KEY)%'
public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
pass_phrase: '%env(JWT_PASSPHRASE)%'
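Review bot: Nothing in this new file says where the key pair comes from or that it must stay out of version control, and the env template added in the same commit ships a fixed `JWT_PASSPHRASE`. A header comment would help, for example `# Keys are generated per environment (php bin/console lexik:jwt:generate-keypair); never commit config/jwt/*.pem or a real passphrase`. Whether `config/jwt/` is git-ignored is not visible in this commit, so that is worth checking.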


@@ -4,7 +4,8 @@ nelmio_cors:
allow_origin: ['%env(CORS_ALLOW_ORIGIN)%'] allow_origin: ['%env(CORS_ALLOW_ORIGIN)%']
allow_methods: ['GET', 'OPTIONS', 'POST', 'PUT', 'PATCH', 'DELETE'] allow_methods: ['GET', 'OPTIONS', 'POST', 'PUT', 'PATCH', 'DELETE']
allow_headers: ['Content-Type', 'Authorization'] allow_headers: ['Content-Type', 'Authorization']
allow_credentials: true
expose_headers: ['Link'] expose_headers: ['Link']
max_age: 3600 max_age: 3600
paths: paths:
'^/': null '^/api/': ~
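Review bot: With `allow_credentials: true` added, the origin match is the only thing deciding which sites may read cookie-authenticated responses, so `CORS_ALLOW_ORIGIN` must always resolve to an anchored, explicit pattern and never to `*` or an empty value. CORS also does not stop a browser from sending a cookie-bearing simple request such as a form-encoded POST. Since the firewalls in this commit become `stateless: false`, the session cookie needs a `SameSite` setting of lax or strict, or the state-changing routes need a CSRF token. A comment above the new line would record the constraint: `# credentials enabled: allow_origin must be an anchored origin list, never '*' or empty`.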


@@ -29,10 +29,17 @@ security:
success_handler: lexik_jwt_authentication.handler.authentication_success success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure failure_handler: lexik_jwt_authentication.handler.authentication_failure
session_profile:
pattern: ^/api/session
stateless: false
session_api:
pattern: ^/api/(sites|machines|documents|profiles)
stateless: false
api: api:
pattern: ^/api pattern: ^/api
stateless: true stateless: false
jwt: ~
main: main:
lazy: true lazy: true
@@ -40,7 +47,9 @@ security:
# Note: Only the *first* matching rule is applied # Note: Only the *first* matching rule is applied
access_control: access_control:
- { path: ^/api/login, roles: PUBLIC_ACCESS } - { path: ^/api/session/profile, roles: PUBLIC_ACCESS }
- { path: ^/api/session/profiles, roles: PUBLIC_ACCESS }
- { path: ^/api, roles: PUBLIC_ACCESS }
- { path: ^/api/docs, roles: PUBLIC_ACCESS } - { path: ^/api/docs, roles: PUBLIC_ACCESS }
- { path: ^/api/test, roles: PUBLIC_ACCESS } - { path: ^/api/test, roles: PUBLIC_ACCESS }
- { path: ^/docs, roles: PUBLIC_ACCESS } - { path: ^/docs, roles: PUBLIC_ACCESS }
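Review bot: The added rule `- { path: ^/api, roles: PUBLIC_ACCESS }` matches every path under `/api`, and as the comment above the list says only the first matching rule applies, so the `/api/docs` and `/api/test` entries after it, and any stricter `/api` rule further down outside this hunk, can no longer take effect. If the intent is to open only the session endpoints, drop that line and end the API entries with a closing rule such as `- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }`. `^/api/session/profile` already matches `/api/session/profiles` as a prefix, so the second added rule is redundant. In the firewall hunk above, `session_profile` and `session_api` show no authenticator in the visible lines and `jwt: ~` appears on one side only, so it is worth confirming how requests to those prefixes are authenticated. The `security:` block continues outside both hunks.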


@@ -1,7 +1,5 @@
<?php <?php
declare(strict_types=1);
// This file is auto-generated and is for apps only. Bundles SHOULD NOT rely on its content. // This file is auto-generated and is for apps only. Bundles SHOULD NOT rely on its content.
namespace Symfony\Component\DependencyInjection\Loader\Configurator; namespace Symfony\Component\DependencyInjection\Loader\Configurator;
@@ -1387,7 +1385,7 @@ use Symfony\Component\Config\Loader\ParamConfigurator as Param;
* mercure?: bool|array{ * mercure?: bool|array{
* enabled?: bool|Param, // Default: false * enabled?: bool|Param, // Default: false
* hub_url?: scalar|null|Param, // The URL sent in the Link HTTP header. If not set, will default to the URL for MercureBundle's default hub. // Default: null * hub_url?: scalar|null|Param, // The URL sent in the Link HTTP header. If not set, will default to the URL for MercureBundle's default hub. // Default: null
* include_type?: bool|Param, // Always include @var in updates (including delete ones). // Default: false * include_type?: bool|Param, // Always include @type in updates (including delete ones). // Default: false
* }, * },
* messenger?: bool|array{ * messenger?: bool|array{
* enabled?: bool|Param, // Default: false * enabled?: bool|Param, // Default: false


@@ -14,6 +14,7 @@ services:
XDEBUG_CLIENT_HOST: ${XDEBUG_CLIENT_HOST:-host.docker.internal} XDEBUG_CLIENT_HOST: ${XDEBUG_CLIENT_HOST:-host.docker.internal}
XDEBUG_CONFIG: client_host=${XDEBUG_CLIENT_HOST:-host.docker.internal} client_port=9003 XDEBUG_CONFIG: client_host=${XDEBUG_CLIENT_HOST:-host.docker.internal} client_port=9003
DATABASE_URL: "postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB}?serverVersion=16&charset=utf8" DATABASE_URL: "postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB}?serverVersion=16&charset=utf8"
CORS_ALLOW_ORIGIN: ${CORS_ALLOW_ORIGIN}
volumes: volumes:
- ./:/var/www/html - ./:/var/www/html
- ~/.cache:/var/www/.cache # Pour la cache de composer - ~/.cache:/var/www/.cache # Pour la cache de composer
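Review bot: `CORS_ALLOW_ORIGIN: ${CORS_ALLOW_ORIGIN}` interpolates to an empty string when the variable is missing from the env file, and Compose only prints a warning. If nelmio_cors matches origins as regular expressions (the `origin_regex` setting is not visible in this commit), an empty pattern would likely match any origin, which is the wrong failure mode once `allow_credentials: true` is set. Failing fast is safer: `CORS_ALLOW_ORIGIN: ${CORS_ALLOW_ORIGIN:?CORS_ALLOW_ORIGIN must be set}`.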


@@ -2,8 +2,34 @@ DOCKER_APP_NAME=inventory
DOCKER_PHP_VERSION=8.4.6 DOCKER_PHP_VERSION=8.4.6
DOCKER_NODE_VERSION=24.12.0 DOCKER_NODE_VERSION=24.12.0
APP_USER=www-data APP_USER=www-data
CURRENT_UID=1000
CURRENT_GID=1000
# PostgreSQL
POSTGRES_DB=inventory POSTGRES_DB=inventory
POSTGRES_USER=root POSTGRES_USER=root
POSTGRES_PASSWORD=root POSTGRES_PASSWORD=root
#
# CORS
CORS_ALLOW_ORIGIN=^https?://(localhost|127\\.0\\.0\\.1)(:[0-9]+)?$
POSTGRES_PORT=5433 POSTGRES_PORT=5433
# pgAdmin
PGADMIN_EMAIL=admin@admin.com
PGADMIN_PASSWORD=admin
PGADMIN_PORT=5050
# XDebug
XDEBUG_CLIENT_HOST=host.docker.internal XDEBUG_CLIENT_HOST=host.docker.internal
# Symfony (pour future migration)
APP_ENV=dev
APP_SECRET=changeme_super_secret_key_123456789
JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem
JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem
JWT_PASSPHRASE=your_jwt_passphrase_change_me
# NestJS
NESTJS_PORT=3000
SESSION_SECRET=changeme_session_secret
CORS_ORIGIN=http://localhost:3001
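Review bot: The new `APP_SECRET`, `JWT_PASSPHRASE`, `SESSION_SECRET` and `PGADMIN_PASSWORD` values are fixed placeholders, and the `start` target shown in this commit copies this file to `docker/.env.docker.local` unchanged, so every checkout runs with the same known secrets unless someone edits them by hand. Consider leaving them empty in the template and generating them in `env-init`, or at least adding `# dev only: replace before exposing any port beyond localhost` above each group. The escaping in `CORS_ALLOW_ORIGIN` also needs a check: if the env loader keeps `\\.` literally, the pattern requires a backslash in the origin and `127.0.0.1` would not match, so `127\.0\.0\.1` is probably what is meant. `POSTGRES_PORT=5433` has ended up under the `# CORS` heading rather than with the other PostgreSQL settings.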

2
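--- a/docker/pgadmin/pgpass
+++ b/docker/pgadmin/pgpass
@@ -0,0 +1,2 @@
+db:5432:inventory:root:root
+db:5432:*:root:root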
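Review bot: This passfile commits the database password for the `POSTGRES_USER` account in clear text, and the wildcard line already covers the `inventory` entry, so the first line is redundant. libpq ignores a passfile whose permissions are wider than 0600, and the mode the file gets inside the container is not visible here, so the mount or entrypoint should set it explicitly. pgAdmin is published on port 5050 with the `admin@admin.com` / `admin` login from the env template and connects without prompting. Binding that port to 127.0.0.1 and giving pgAdmin a non-superuser role would limit what a reachable pgAdmin can do.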


@@ -0,0 +1,15 @@
{
"Servers": {
"1": {
"Name": "Inventory PostgreSQL",
"Group": "Servers",
"Host": "db",
"Port": 5432,
"MaintenanceDB": "inventory",
"Username": "root",
"SSLMode": "prefer",
"PassFile": "/var/lib/pgadmin/pgpass",
"Comment": "Serveur PostgreSQL du projet Inventory"
}
}
}


@@ -31,6 +31,11 @@ start: env-init
@echo "**** START CONTAINERS ****" @echo "**** START CONTAINERS ****"
@cp --update=none docker/.env.docker docker/.env.docker.local @cp --update=none docker/.env.docker docker/.env.docker.local
CURRENT_UID=$(shell id -u) CURRENT_GID=$(shell id -g) $(DOCKER_COMPOSE) up -d CURRENT_UID=$(shell id -u) CURRENT_GID=$(shell id -g) $(DOCKER_COMPOSE) up -d
@echo ""
@echo "URLs disponibles:"
@echo "- Symfony API: http://localhost:8081/api"
@echo "- Nuxt (Inventory_frontend): http://localhost:3001"
@echo "- pgAdmin: http://localhost:5050"
# Éteint le container # Éteint le container
stop: stop:
@@ -49,16 +54,16 @@ composer-install:
$(EXEC_PHP) composer install $(EXEC_PHP) composer install
build-nuxtJS: build-nuxtJS:
# $(EXEC_PHP) cp -n frontend/.env.dist frontend/.env.local # $(EXEC_PHP) cp -n Inventory_frontend/.env.dist Inventory_frontend/.env.local
$(EXEC_PHP) sh -lc "cd frontend && npm install && npm run build:dist" $(EXEC_PHP) sh -lc "cd Inventory_frontend && npm install && npm run build:dist"
dev-nuxt: dev-nuxt:
$(EXEC_PHP) sh -c "cd frontend && npm run dev" $(EXEC_PHP) sh -c "cd Inventory_frontend && npm run dev"
delete_built_dir: delete_built_dir:
CURRENT_UID=$(shell id -u) CURRENT_GID=$(shell id -g) $(DOCKER_COMPOSE) up -d CURRENT_UID=$(shell id -u) CURRENT_GID=$(shell id -g) $(DOCKER_COMPOSE) up -d
$(DOCKER) exec -u root $(PHP_CONTAINER) rm -rf vendor/ $(DOCKER) exec -u root $(PHP_CONTAINER) rm -rf vendor/
$(DOCKER) exec -u root $(PHP_CONTAINER) rm -rf frontend/node_modules $(DOCKER) exec -u root $(PHP_CONTAINER) rm -rf Inventory_frontend/node_modules
remove_orphans: remove_orphans:
$(DOCKER_COMPOSE) kill $(DOCKER_COMPOSE) kill